Man of colour at computer with headphones
Man of colour at computer with headphones

Information Governance

The Dimensions Group has a Caldicott Guardian.

This person is responsible for making sure that Dimensions and Discovery use information about people legally and appropriately, and that we maintain confidentiality. This includes personal information about people we support, their relatives and our colleagues.

As well as making sure that any systems and processes we use to store information about people are secure, the Caldicott Guardian also helps to ensure that the right arrangements are in place if we need to share information with other organisations, such as those responsible for social care and safeguarding.

Caldicott Guardian

The Caldicott Guardian for the Dimensions Group is Rhoda Iranloye

Rhonda helps to decide when confidential information might be used, and when it should not, by following what are called the seven Caldicott Principles. These are:

  • Justify the purpose of using or transferring personal information.
  • Don’t use personal confidential information unless absolutely necessary .
  • Use the minimum necessary personal confidential information.
  • Access to personal confidential information should be on a need to know basis.
  • Everyone with access to personal confidential information should be aware of their responsibilities.
  • Comply with the law.
  • The duty to share information can be as important as the duty to protect confidentiality.

Senior Information Risk Officer

Ben Sutton is our Senior Information Risk Officer(SIRO), which is a role created under the General Data Protection Regulations (GDPR).

Ben Sutton is our Senior Information Risk Officer(SIRO)

Ben puts in place polices, frameworks and procedures to minimise risks to data. His responsibilities can be summarised as follows:

  • Leading and fostering a culture that values, protects and uses information for the success of the organisation and benefit of its customers
  • Owning the organisation’s overall information risk policy and risk assessment processes and ensuring they are implemented consistently
  • Advising the Chief Executive or relevant accounting officer on the information risk aspects of his/her statement on internal controls
  • Owning the organisation’s information incident management framework.

If you have any queries please contact