CHCINM001 Meet Stat and Org Info Requirements

Learner Guide
CHCINM001
Meet statutory and organisation information
requirements
CHCINM001
Table of Contents
SECTION 1 IDENTIFY AND ADDRESS INFORMATION REQUIREMENTS............................................................... 3
USE APPROPRIATE MECHANISMS TO IDENTIFY ORGANISATION AND STATUTORY INFORMATION REQUIREMENTS .......................... 4
LEGISLATIVE REQUIREMENTS FOR COMMUNITY SERVICES AND HEALTH CARE INFORMATION - NSW SPECIFIC .............................. 6
ETHICS AND CONDUCT ............................................................................................................................................ 11
IDENTIFY GAPS AND INADEQUACIES IN THE ORGANISATION’S INFORMATION SYSTEMS .......................................................... 12
METHODS OF RECORDING, STORING AND ACCESSING INFORMATION ................................................................................ 13
ANALYSE ANY SUBSTANTIAL BREAKDOWNS IN METHODS OF RECORDING, STORING AND ACCESSING INFORMATION FOR CAUSE AND
EFFECT, AND TAKE CORRECTIVE ACTION ...................................................................................................................... 19
COLLECT, ANALYSE AND PREPARE DATA ON INFORMATION NEEDS IN WAYS TO INFORM DECISION-MAKING .............................. 20
SECTION 2 REVIEW OPTIONS FOR INFORMATION MANAGEMENT ................................................................. 23
IDENTIFY AND PERIODICALLY EVALUATE SOURCES OF INFORMATION ................................................................................. 25
IDENTIFY, CALCULATE AND EVALUATE FINANCIAL AND TECHNOLOGICAL RESOURCES REQUIRED FOR SYSTEMS ............................ 27
SECTION 3 ESTABLISH AND MANAGE SYSTEMS TO RECORD AND STORE INFORMATION ............................... 30
DEVELOP, IMPLEMENT AND DOCUMENT SYSTEMS THAT MEET ORGANISATION AND STATUTORY INFORMATION REQUIREMENTS FOR
RECORDING, STORING AND ACCESSING INFORMATION ................................................................................................... 30
IMPLEMENT STRATEGIES TO ADDRESS ANY GAPS IN MEETING CURRENT INFORMATION REQUIREMENTS IN CONSULTATION WITH
STAKEHOLDERS ..................................................................................................................................................... 32
SECTION 4 DEVELOP STAFF AND RESOURCES ................................................................................................. 34

ANALYSE STAFF TRAINING NEEDS IN RELATION TO INFORMATION SYSTEMS AND IN ACCORDANCE WITH LEGISLATIVE AND
ORGANISATION REQUIREMENTS ................................................................................................................................ 34
ORGANISE TRAINING OR RETRAINING IN ACCORDANCE WITH TRAINING NEEDS ANALYSIS....................................................... 36
SUPPORT AND SUPERVISE THE DEVELOPMENT OF INFORMATION AND EDUCATIONAL RESOURCES ........................................... 38
DEVELOP CONTENT AND FORMAT GUIDELINES IN CONSULTATION WITH STAKEHOLDERS TO GUIDE PRODUCTION OF RESOURCES ... 38
RECRUIT APPROPRIATE EXPERTISE TO DEVELOP INFORMATION AND TRAINING RESOURCES .................................................... 39
SECTION 5 EVALUATE AND MAINTAIN QUALITY INFORMATION SYSTEMS..................................................... 43
ROUTINELY EVALUATE ADEQUACY OF INFORMATION SYSTEMS USED TO RECORD AND STORE INFORMATION FOR EFFECTIVENESS,
EFFICIENCY, SECURITY AND INTEGRITY AND INTRODUCE NEW METHODS AS NECESSARY......................................................... 43
MONITOR VALIDITY, CURRENCY AND USEFULNESS OF INFORMATION AND TAKE APPROPRIATE ACTIONS FOR DISPOSAL OR STORAGE
.......................................................................................................................................................................... 44
MONITOR ONGOING DEVELOPMENT OF INFORMATION SYSTEMS AND TRAINING RESOURCES IN CONSULTATION WITH USERS ....... 45
IMPLEMENT STRATEGIES TO CONTINUOUSLY IMPROVE EFFECTIVENESS OF INFORMATION SYSTEMS AND RESOURCES................... 46
RESOURCES: ......................................................................................................................................................... 49
Modification History
Version Date Changes

1.0 03/01/2018 Contextualised for CHC52015
Diploma of Community
Services course program
© This resource was developed by Focussed Consulting and adapted by AHIC for use with the
CHC52015 Diploma of Community Services course program
Australian Harbour International College, 114-120 Castlereagh Street, Sydney NSW 2000, Australia
|RTO NO: 41338 | CRICOS Provider Code: 03449J
Filename: CHCINM001 Version 1.0/ January Review Date: Page 2 of 49
2018 January 2020
CHCINM001
CHCINM001 Meet statutory and organisation

information requirements
Section 1 Identify and address information requirements
Non-government health and community services provide a wide range of services to assist people with
issues in their daily lives, and are an essential element of achieving good health outcomes in the community.
They provide a holistic framework for the promotion and maintenance of good health within community
settings, whilst responding to, and meeting the changing and diverse needs of local communities and priority
population groups.
In identifying information requirements of community service organisations, it is essential to consult with

management about corporate objectives and management needs and also to consider whether streamlining
current systems and automating current processes is a viable alternative or accompaniment.
Identifying information requirements involves broad research and focused analysis. Findings should be
documented and agreed with by management and staff who have participated in the process. Examples of
identified data information requirements:
• research data;
• analysis of data on community issues and trends;
• program planning, management and evaluation;
• facility management;
• human resources management;
• client information management; and
• decision support system
What data should an organisations information system generate?
Information is any data that has been processed for a specific purpose and in a way that it becomes useful
for the end user. Within quality management, information is used for many purposes. It is used to monitor
progress and determine where problems exist.
When considering the information’s purpose, it is important to ensure that the purpose meets with the
objectives of the organisation and its requirements, such as:
• use of services (accessibility, safety, quality, efficiency);

• outputs and service availability; and
• inputs and processes.
Information needs to be secure and responsibilities for Information Security monitoring, reporting and
review need to be assigned to staff at an appropriate level in the organisation.
2018 January 2020
CHCINM001
Use appropriate mechanisms to identify organisation and statutory information

requirements
An analysis of statutory compliance comprises a series of questions for each mandatory requirement and
seeks to discover if there is a documented process in place that adequately addresses the intent of each
requirement. Each question is answered ‘Yes’, ‘Partly’ or ‘No’ and must include justification for each
response answered ‘yes’ and ‘partly’ along with planned mitigation actions for ‘no’ responses. The identified
gaps provide management with insight into the areas within the information security program which need to
be improved. Once the gaps are identified, a project plan can be developed which provides a foundation for
setting priorities, assigning ownership and allocating investments of time and resources for implementing
compliant information systems
Information gathering requirements for organisation
Data Sources – Service based or population based
Scope – Is the information required for just your organisation or for all member organisations of a larger
organisation or for the community services and health Industry. It will be important to determine the
amount of data you need to obtain and the amount of processing that is likely to be required.
Form- data and information come in many forms and you will need to determine what is the most suitable
form for decision makers. Examples of forms of data and information are: written, presented orally, visual
aids, charts, graphs, video presentations. Each have their own advantages and disadvantages.
Presentation- The end presentation format of the data needs to be considered such as:
• identify the types of documents required;
• level of presentation the organisation requires
• determine entry, storage and quality needs;
• determine information technology capability;
• establish styles and standards; and
• information need to be provided in draft form, or in a final finished report
Examples of presentation format
- spreadsheets and databases
- letters
- project milestones
- faxes
- brochures, flyers and display materials
- reports, annual reports and prospectuses
- policies and procedures
- financial statements
- invoices and orders
- tables
- newsletters
- agendas and minutes
Time- Time is money and so budgets will have an effect on the time you can put into a given project.
2018 January 2020
CHCINM001
Expertise- This may also be related to the effects of budget. Less money will = less expertise available to
employ. Therefore, the information gathered may not be as accurate as it could be if expertise in
information management is spread thin across the organisation.
To meet statutory and organisation requirements you will need to know if information management system
has the capabilities for gathering the information that is required, and what level of resources you need to
gather this information?
Available resources are significant factor when looking at information processing strategies. Budgets, time
and expertise constraints restrict our ability to gather the best information, therefore strategies that you
develop must take the limited resources into account.
To ascertain the expenditure of information management and whether it is justified you should consider a
cost benefit analysis. The benefits of gathering the information must outweigh the costs associated with
gathering it. If you require extensive analysis, market research, expensive software or difficult processes and
procedures are required to gather the information – the costs outweigh the benefits.
The organisation maintains accountability to stakeholders through the implementation and maintenance of
sound governance and information management systems. These systems should reflect the size and
structure of the organisation and contribute to maximising outcomes for people using services.
Ways that this can be demonstrated by the organisation are:

• processes to establish plans, objectives and strategies required to deliver information to services.
These may include:
- strategic plan;
- business plan;
- operational plan;
- risk management plan;
- vision and values; and
- client charter.
• processes for measuring performance against established plans;
• processes for allocating resources to enable plans to be actioned;
• processes for delegating authority and responsibilities throughout the organisation and for
establishing, recording, communicating and reviewing delegated authority;
• financial management systems which support effective management, accountability, control and
ongoing viability which may include:
- documentation of financial controls and delegations;
- establishment of safeguards to prevent fraud and financial mismanagement;
- budgeting processes;
- purchasing processes;
- internal and external reporting processes;
- adequate and appropriate insurance coverage;
- maintenance schedules;
- payroll processes; and
- asset management processes.
• minutes and other records of meetings and/or decisions that clearly define responsibilities and
timeframes;
2018 January 2020
CHCINM001
• processes and strategies for managing assets, if applicable, that enable the effective delivery of
repairs and maintenance so that assets are well maintained, and replaced according to a schedule
and that the assets managed by the organisation are protected;
• processes for identifying, managing and monitoring risks (risks include strategic and operational risk,
individual risk and employee or work health and safety risk);
• processes and strategies for managing an effective information management system that maintain
appropriate controls of privacy and confidentiality for stakeholders, such as:
- information requirements are identified, including how information is maintained, stored,
shared and destroyed. Information includes: records (eg. minutes of meetings, completed
forms); files (eg. people using services and staff); and knowledge (this includes knowledge which
is informally gathered); and
- people using services are informed of processes regarding their personal information and how
they can access that information if required.
- organisation may have processes for:
o identifying, maintaining, sharing and storing documents, forms and templates where
required;
o ensuring the integrity of electronic data;
o making information available to people in decision-making roles;
o managing the security, confidentiality, retrieval, archiving, transfer and disposal of
information;
o maintaining records of organisational practices, people using services and staff;
o aligning the organisations information management system with privacy legislation and
relevant privacy principles;
o the provision of relevant and appropriate information to stakeholders; and
o gaining informed consent from stakeholders when sharing information.
Legislative requirements for community services and health care information - NSW specific
A law has been created to regulate the use of data stored in information systems to balance the individual’s
right to confidentiality and an organisation’s need to use it. The main piece of legislation is the Privacy Act
1988. This covers the medical, social and credit information that must be kept private. The data must be:
• fairly and lawfully processes;

• processed for the intended purpose;
• adequate, relevant and not excessive;
• accurate;
• not kept longer than necessary;
• processed in accordance with the subject rights;
• kept secure; and
• not transferred without adequate data protection.
Community Service workers should carry out their responsibilities within the context of the expectations and
requirements of communities, their workplace, and the legislative and regulatory, organisational, agency and
standards of their industry. Community Service workers need to develop a clear understanding of and have
2018 January 2020
CHCINM001
the ability to meet their obligations with respect to legislative, regulatory and policy issues. These obligations
include but are not limited to:
• confidentiality, including matters related to client intake to the service, consultation, appointments,
records, coded de-identified registers and privacy; and
• consent, including matters related to voluntary, informed consent, age, and powers of attorney.
Record keeping, including matters related to timely and accurate documentation, either hard copy or
electronic, record access, storage and information sharing. Examples might be:
• notification of infection, including notifying a partner, maintaining de-identified registers, notifying

according to State and federal legislative and regulatory requirements and contact tracing; and
• application of EEO, anti-discrimination and other relevant legislative and regulatory requirements,
and Implementation of federal and state policies, protocols and clinical care guidelines, industry
practice and service standards in response to community need.
Coverage of these and other areas is both at the local service level where there may be individual agreement
on procedures, and also at the national and state levels. There are a number of existing acts affecting the
work undertaken by people within the NSW health and community services system. This means that the
worker must maintain a current and broad knowledge base of relevant legislation and procedural
requirements that impact upon their work and client/community interaction.
The NSW Health Department has produced principles and minimal standards for the development of health
service codes of conduct which draws together the legislative responsibilities for health and community
service workers. These principles and minimal standards have been developed to provide a framework for
the decision and actions of staff in relation to their conduct in their employment. This information is
available from the following website: http://sydney.edu.au/medicine/northern/electives/pdf/nswhealth-
code-of-conduct-PD2015-035.pdf
The code of conduct covers areas such as:
Personal and professional behaviour Discrimination and harassment
Conflicts of interest Corrupt conduct
Public comment Maladministration and substantial waste
Use of official resources Occupational Health and Safety
Security of official information Conduct of former staff members
Intellectual property and copyright Breach of the code of conduct
Criminal record checking Communicating and implementing a code of conduct
Fairness and equity Discrimination and harassment
Policies, procedures for Community Service work

Use the following website resource for information and templates
http://communitydoor.org.au/organisational-resources/administration/policies-procedures-and-
templates?gclid=CjwKCAiA-
KzSBRAnEiwAkmQ15xNCWuEyqNTAXvGlPIP2BTqdmZYq5yOz2kH8BvS4MAmfaJjsW60ptxoCuj4QAvD_BwE
2018 January 2020
CHCINM001
Information gathering for statutory information requirements
A key to successful information management is ensuring the privacy and freedoms of the client while
protecting/promoting public health. While legislation underpins confidentiality and privacy and attempts to
ensure compliance in this regard, the ethics of information management and systems is much broader.
All organisations have compliance requirements relating to legislation, regulations, contracts or service
agreements. These requirements also relate to quality in that they are often requirements which control
quality of care, management and process. An organisation's quality system determines how it ensures that it
is compliant to prescribed requirements.
Recordkeeping and recordkeeping systems are defined in the Australian Standard AS 4390-1996 as:
• recordkeeping - making and maintaining complete, accurate and reliable evidence of business
transactions in the form of recorded information; and
• recordkeeping systems - information systems which capture, maintain and provide access to records
over time.
A quality management system should support organisations to be compliant to these prescribed

requirements. 1A quality management system (QMS) is a collection of business processes focused on
consistently meeting customer requirements and enhancing their satisfaction. It is aligned with an
organisation's purpose and strategic direction (ISO9001:2015).
Demonstrating compliance to requirements may also be assessed under a quality system indicator, but can
also come under any other indicator where a requirement may also exist in legislation, regulation or
contractual arrangement.
Ways that this can be demonstrated by the organisation are:
• induction processes for members of the governing body include information on the regulatory and
legislative frameworks within which the service operates and the associated compliance obligations;
• constitution, terms of reference, or equivalent guiding documents that articulate processes of how
the governing body operates, including meeting and reporting arrangements;
• processes for maintaining legislative compliance e.g. regulatory compliance processes, external
audits or reviews (e.g. WH&S), advisory services and professional or industry specific memberships;
• processes for approving new policies and/or procedures;
• minutes and other records of meetings;
• processes for managing conflict of interest; and
• processes for reviewing breaches to legislation.
Establishing a records management program
A key obligation under the State Records Act is for all NSW public offices to ‘establish and maintain a records
management program' A records management program encompasses the management framework, the
people and the systems required within an organisation to manage full and accurate records over time. This
includes the identification and protection of records with longer-term value that may be required as
archives. The program includes:
1 https://en.wikipedia.org/wiki/Quality_management_system
2018 January 2020
CHCINM001
• records management policies, plans and procedures;

• skilled staff;
• recordkeeping systems and tools;
• advice and training in recordkeeping rules and practices; and
• recordkeeping performance monitoring and review.
Statutory requirement guidelines
2
The Health Records and Information Privacy Act 2002 (NSW) (the HRIP Act) regulates the collection and
handling of people’s health information by New South Wales public and private sector organisations. It
applies to organisations that are health service providers or that collect, hold or use health information.
In addition, Community Service workers have a duty of confidentiality to their clients/patients. This duty
arises from the nature of the relationship between Community Service workers and their clients and
patients. Community Service workers can be sued in civil courts by clients/patients for breaches of
confidentiality. Damages can be awarded according to the injury or harm to the client/patient caused by the
breach of confidentiality.
Community Service workers should be aware; however, that common law action for a breach of confidence
will also recognise a defence that the disclosure was lawful where a statutory obligation or power exists to
justify disclosure. Where a confidentiality obligation exists, a client/patient may also if aware that the duty
may have been breached, seek court orders to prevent the breach occurring. There are also provisions to
cover Community Service workers when they have acted in good faith
List of legislation and regulatory Acts that may impact on statutory requirements
The Privacy Act 1988 Health Records and Information Privacy Act 2002
https://www.oaic.gov.au/privacy-law/privacy-act/ http://www8.austlii.edu.au/cgi-
https://www.legislation.gov.au/Details/C2016C00838 bin/viewdb/au/legis/nsw/consol_act/hraipa2002370/
Health Administration Act 1982 Privacy and Personal Information Protection Act 1998 (PPIP Act)
https://www.legislation.nsw.gov.au/inforce/7ce6128a-a4a3-4dbc- https://www.legislation.nsw.gov.au/#/view/act/1998/133
fdb8-bb9d8bed143e/1982-135.pdf
Health Services Act 1997 Public Health Act 2010
https://www.legislation.nsw.gov.au/#/view/act/1997/154/full https://www.legislation.nsw.gov.au/inforce/e20f1d11-6a0d-ec9a-fe79-
d31ae57c52c3/2010-127.pdf
Workplace Health and Safety regulation 2011 Health Care Complaints Act 1993 No 105
http://www.legislation.nsw.gov.au/#/view/regulation/2011/674 https://www.legislation.nsw.gov.au/#/view/act/1993/105
Anti-Discrimination Act 1977 No 48 Ombudsman Act 1974 No 68
http://www.legislation.nsw.gov.au/#/view/act/1977/48 http://www.legislation.nsw.gov.au/#/view/act/1974/68
Children and Young Person’s (Care and Protection) Act 1998 Protected Disclosures Act 1994
https://www.legislation.nsw.gov.au/acts/1998-157.pdf https://www.legislation.nsw.gov.au/acts/1994-92.pdf
PUBLIC INTEREST DISCLOSURES ACT 1994
https://www.legislation.nsw.gov.au/#/view/act/1994/92
Crimes Act 1900 No 40 Public Finance and Audit Act 1983
http://www.legislation.nsw.gov.au/#/view/act/1900/40 https://legislation.nsw.gov.au/inforce/b6a5f35d-1e1f-6472-a0a9-
87ba28f2ce75/1983-152.pdf
Freedom of Information Act 1982 Public Sector Management Act 1994
https://www.legislation.gov.au/Details/C2017C00364 https://legislation.nsw.gov.au/inforce/48320eee-1ccc-6404-90c7-
ead50ce2cbaf/2002-43.pdf
2 https://www.ipc.nsw.gov.au/sites/default/files/file_manager/hripa_health_handbook.pdf
2018 January 2020
CHCINM001
3
The Health Privacy Principles (HPPs) - Summary for organisations
3 https://www.ipc.nsw.gov.au/sites/default/files/file_manager/hripa_health_handbook.pdf
2018 January 2020
CHCINM001
Ethics and conduct
The ethical considerations for each community service organisation will vary depending on the area of
service delivery. Obligations of community workers to follow frameworks that prescribe acceptable levels or
standards of behaviour and conduct, particularly as they relate to what are often called ethical issues or
ethical dilemmas must be followed. The following information is an example of the steps in ethical decision
making and ethical considerations for working with children and young people.
Many community workers work under prescribed ethical and conduct standards. These standards, however
described, should be observed and followed by community workers at all times. Standards are set out in a
number of different ways:
• codes of ethics
• codes of conduct
• legislative standards (Consent and participation)
• contractual or service standards
• service or client charters.
Ethical Decision making steps might be:

1. Identify the ethical dilemma.
2. Identify those likely to be affected by the decision.
3. Identify all viable courses of action, including benefits & risks for each.
4. Examine the pros & cons for each course of action.
5. Consult with experts & colleagues.
6. Make the decision & document the decision-making process.
7. Implement the decision.
8. Monitor, evaluate & document the outcomes.
Checklist for Ethical Considerations for Children and Young People’s participation might be:
• Do you have a duty of care procedure in place for supporting any children and young people who
experience distress or any other negative consequence as a direct result of their participation?
• Have all the adults working on this project been assessed for their suitability to have direct,
unsupervised contact with children and young people?
• Is the location for the consultations private and suitable for children and young people?
• Do you know how you will protect the privacy, anonymity and confidentiality of the children and
young people who participate?
• Have you informed children and young people of the limits to confidentiality and when it may be
breached?
• Have you consulted the relevant privacy laws in your State or Territory?
• Will you provide compensation to children and young people over and above reimbursement? If so,
how and when?
• Have you considered additional minimising harm ethical considerations when seeking the
participation of "children and young people doing it tough”?
2018 January 2020
CHCINM001
Identify gaps and inadequacies in the organisation’s information systems
4
Structured analysis of information systems uses a series of phases, called the systems development life
cycle (SDLC) to plan, analyse, design, implement, and support an information system. Structured analysis
relies on a set of process models that graphically describe a system.
Planning Planning the system requires the user to define what the problem is. The planning may
also include how the user would like to solve the problem. Defining the scope of the
problem is also important in this stage as well. Once the problem is determined, and
one or more solutions have been selected, planning to implement the solution begins.
• Define the problem
• Produce the project schedule
• Confirm project feasibility
• Staff the project
• Launch the project
Analysis The analysis phase involves gathering requirements for the system. At this stage,
business needs are studied with the intention of making business processes more
efficient. The system analysis phase focuses on what the system will do in an effort that
views all stakeholders, as viable sources of information. In the analysis phase, a
significant amount of time is spent talking with stakeholders and reviewing the
stakeholder’s input. Common stakeholders for IT projects are:
• Architecture office
• Testing & certification office
• Records management team
• Application support group
Design The design phase is concerned with the physical construction of the system. Included
are the design or configuration of the network (hardware, operating system,
programming, etc.), design of user interfaces (forms, reports, etc.), design of system
interfaces (for communication with other systems), and security issues. It is important
that the proposed design be tested for performance, and to ensure that it meets the
requirements outlined during the analysis phase. In other words, the main objective of
this phase is to transform the previously defined requirements into a complete and
detailed set of specifications which will be used during the next phase. Some of the
activities that need to take place during the design phase are:
• design the application;
• consider Web accessibility
• design and integrate the network;
• design and integrate the database;
• create a contingency plan;
• start a Maintenance, Training and Operations plan;
• review the design;
• articulate the business processes and procedures;
• establish a transition strategy;
• deliver the System Design Document; and
• review final design.
Implementation Clear objectives should be developed. Deliverables then need to be documented along
and support with the project scope. Assumptions and constraints should also be documented. All
4Satzinger, J. W., Jackson, R. B., & Burd, S. (2007). Systems Analysis & Design In A Changing World, Fourth Edition. Boston: Thomson
Course Technology.
2018 January 2020
CHCINM001
stakeholders should be involved in this process. This information will become the
projects charter and the basis for initiating the project. The project then follows the
PLAN-DO CHECK-ACT cycle. The results of each cycle will be linked to the next as input.
There are five activities that must be performed during the implementation phase:
• construct software components;
• verify and test;
• convert Data;
• training end users and document the system; and
• install the system.
Maintenance Maintenance and support covers all activities that are required once the system is in
and support place. Activities include, but are not limited to:
• phone support for users;
• physical onsite user support;
• resolving any issues that may arise with the new system; and
• providing support materials/tools for users.
Methods of recording, storing and accessing information
Implement recordkeeping processes
The records management program provides a framework in which recordkeeping processes can be
effectively implemented in order to make and manage records as long as they are needed.
Making of records
People and organisations need to make records that document the decisions they have made and actions
that have been taken. Many business processes automatically result in the making of a record and systems
should be designed to automate this as far as possible. In other situations, e.g. telephone conversations,
instant messaging, people have to deliberately make a record. Records managers can support the making of
adequate records by:
• working with other staff to design recordkeeping into business processes;

• establishing rules for when and how records need to be made; and
• providing templates to make sure that records have all the necessary information in them.
Control of records
It is important to establish the physical and intellectual control over the records so that the organisation
knows what records it has, where they are and what has happened to them. Using control processes, records
can be found and used in support of business objectives.
Control processes include:
• registration – giving a record a unique identifier (e.g. number or title) to provide evidence that it has
been made. This is the foundation of other control processes;
• classification – categorising records in systematic and consistent ways so that related records are
grouped together to facilitate capture, retrieval, maintenance and disposal;
• language control – using language control tools to title and index records and files, e.g. a thesaurus
or lists of standard headings;
2018 January 2020
CHCINM001
• indexing – attaching searchable terms (from the controlled language tool) to records to help with
retrieval; and
• tracking – tracking the physical movement of records to know who has used them and where they
are at any one time.
• Version control if required for any policy document
Maintenance of records
Maintaining records covers the range of processes and tasks for protecting records from unauthorised
access, loss or destruction, theft or disaster and protecting their integrity over time. It also covers keeping
them accessible for as long as they are needed as evidence of business activities, particularly important for
electronic records. Maintenance processes include:
• storage of active records – establishing and managing facilities for records in all formats in or close to
office or other work areas;
• storage of semi-active and inactive records – usually involves establishing and managing a
warehouse type facility, or outsourcing storage to a commercial provider;
• storage of electronic records - including online and offline data storage devices;
• preservation – establishing and monitoring appropriate environmental conditions for storing
different types of records, implementing safe handling practices, preventing damage to or misuse of
records. May also include transferring records to a different medium, e.g. paper to microfilm;
• conservation – replacing and repairing damaged records or record containers;
• migration – migrating records through technology changes to keep them accessible over time.
Includes documenting migration actions;
• vital records – identifying records and recordkeeping systems critical to the functioning of an
organisation and developing strategies to reduce the risks to these records; and
• disaster management – identifying and assessing the risks of disasters affecting records, developing
strategies to prevent them and for recovering from them.
Access to records
Managing access to records involves making them accessible and useable to users within and outside the
organisation, implementing access rules and also access restrictions where necessary. These processes
include:
• managing access – identifying and administering requirements to make records accessible or to
protect them from unauthorised access because of security, privacy or other restrictions. In the NSW
public sector, access to records is regulated by the State Records Act, the Government Information
(Public Access) Act and privacy legislation. Access may also be regulated by specific legislation;
• retrieval – developing and implementing retrieval tools for records staff and user to identify and
retrieve records, e.g. indexes and other recordkeeping metadata tools; and
• delivery – involves delivering records or copies to internal and external users when they need them.
Considering web accessibility
Web accessibility refers to a range of measures to make accessing online information easier for people with
a disability. One in ten men have some form of colour blindness and accessible websites and technology make using the
Internet easier for people with disability.
2018 January 2020
CHCINM001
Electronic Information in the Community Service and Health industry
Human Resource Management Information Systems (HRMIS) reflect the need for organisations to have
details about staff and their roles and responsibilities. The role of information systems for human resource
management is essential to meeting statutory and organisation information requirements.
5
Electronic client registration in an Area Health Service-wide client registration database, and the
assignment of an Area Health Service unique patient identifier, are essential components of the ICT Strategy.
They are the cornerstones of the following key initiatives:
Client registration is the process of identifying and collecting data on an individual and recording of that data
within an Area Health Service-wide client registration database for the purpose of uniquely identifying that
individual. The allocation of an Area Health Service unique patient identifier, to be used as a unique key for
that client/patient, is a product of this process.
The intent of client registration is to be able to link information held on a client/patient and thereby, support
the delivery of services to that client/patient and the management and understanding of services and service
needs.
Client registration involves all of the following:
• gathering minimum standard information about a client/patient of a health service to ensure that
the client/patient is properly identified;
• searching the Area Health Service-wide client registration database to determine if the client/patient
has already been registered;
• recording mandatory information about the client/patient or updating existing information;
• in the Area Health Service-wide client registration database, and populating any other copies of this
information with the updated information, ensuring that information held by the health service is
correct and up-to-date; and
• allocating an Area Health Service unique patient identifier to new clients/patients.
Registration is for the purpose of providing health care to the client/patient or other related functions.
Electronic Health Record (eHR): collects summary health information about a patient when they present at
participating healthcare services and stores it in a single electronic record. This information is accessible to
the patient and authorised healthcare providers. Participation in the EHR is voluntary and has many benefits
for both providers and patients.
Electronic Medical Record (eMR): is an application that provides comprehensive view of each patient and
their care and supports the clinical care process by enabling the doctor, nurse or allied health professional
to:
• record care where and when it is delivered;
• review progress and order treatment or tests from any location where a computer is located;
• continually review results and outcomes and alter care as required;
• be prompted with alerts and allergies at time of ordering;
• use decision support at the time of ordering tests and procedures; and
5 http://www1.health.nsw.gov.au/pds/ActivePDSDocuments/GL2007_024.pdf
2018 January 2020
CHCINM001
• generate discharge referrals with automatic feeds from relevant systems e.g. radiology, pathology.
The Community Health and Outpatient Care Information Project (CHOCIP): This project will deliver a
standardised, state-wide data set that contains a record for each health service provided to patients in
community health and outpatient care settings.
Community Health and Outpatient Care (CHOC is specially designed integrated clinical and electronic medical
record systems for the NSW community health and outpatient network will improve coordination,
communication and medical information for clinicians working in dispersed facilities, as well as better
healthcare management for patients wherever they live. Services that will be better connected include
Aboriginal Health, Aged and Chronic Care, Allied Health, Child and Family, Community Home Nursing, Drug
and Alcohol, Mental Health and Sexual Health.
Electronic Health Information is used for:

• effective treatment;
• care plans;
• funding/rebates and planning purposes;
• quality of care;
• epidemiological and other research (monitor health of populations and patterns of transmission and
infection); and
• health promotion purposes.
The information has significant funding/rebate implications for the service as well as client/patient
treatment implications. It is therefore essential to understand and use the system correctly.
Key benefits of electronic Information Systems
The benefits expected through creation of a policy for client registration are:
• unique identification of clients, for example, ensuring that each individual’s health record is
associated with that individual and no other person;
• provision of accurate, comprehensive and reliable client information, for example, high quality
information; and
• more efficient health care through reduced time and resources associated with obtaining and re-
gathering client information.
Provision of guidance and direction for staff involved in registration of clients, including:
• those involved in policy and procedure development;

• data administrators;
• Staff involved in data collection, such as:
o client administration staff;
o support staff such as secretarial staff;
o intake officers;
o clinicians;
o contracted staff; and
o staff employed by contracted agencies.
• Increased staff confidence that the data being gathered is associated with the correct individual.
2018 January 2020
CHCINM001
eHealth
6
Electronic health information (e-health) systems has the potential to improve the quality of health care in
Australia by enabling secure, complete and timely transfer of clinical and administrative information
between health-care providers. Providers would be able to access relevant information (for example,
medical history, allergies and current medications) at the time of care in order to make the safest and most
appropriate decisions about individuals’ management and treatment. The addition of new information to the
electronic record at the time of care would enable accurate and timely communication between all members
of the health-care team.
Although the structure and content of a Shared Electronic Health Record (sEHR) for Australia is as yet
unclear, the information could also be a valuable resource for research and quality assurance purposes. The
ability to capture information connecting diagnosis, treatment, referral and outcomes over time, and
between different levels and sectors of the health system, would allow analysts to build comprehensive
pictures of the factors affecting service needs and patient outcomes, such as:
• the effectiveness of different treatment patterns;

• variation in treatment patterns between regions or patient groups;
• variation in rates of disease between regions or patient groups;
• areas of need for certain services or medical specialties;
• changes in practice; and
• implementation of new guidelines or policies.
National and universally available sEHR created in the future, and the data captured within general practice
clinical software systems—some of which are already being used for statistical and research purposes—have
the potential to be a rich source of national information. A review of methods of electronic data collection is
required to inform future decisions about what and how much information will be useful, and to support a
transition from paper-based to electronic data collection about general practice.
This video explains what the national eHealth (PCEHR) record system is and the benefits to healthcare
consumers. It also shows you how to go about applying for an eHealth record.
https://www.youtube.com/watch?v=e9gkl98EphI For resources on eHealth go to the following website:
https://myhealthrecord.gov.au/internet/mhr/publishing.nsf/content/find-out-other
Picture Archiving Communication System (PACS), where digitised images are captured, stored and can be
distributed anywhere within the hospital (or nearby hospitals) at the click of a button – removing the need
for film to be printed.
Radiology Information System (RIS) which supports all key areas in the Radiology Department such as
ordering exams, coordinating appointments, registering the patient, recording details of the exam and
reporting.
PACS/RIS has revolutionised the operations of radiology departments across NSW, delivering quick and easy
Local Health Districts (LHD)-wide access to Medical Imaging (MI) studies across District boundaries with
integration to eMR, including electronic orders and results. For years, hospitals had faced a variety of
radiology-related challenges, such as frequent instances of “lost” films, an ever-increasing demand for
services, and growing service disparities between rural and urban areas.
6 http://www.aihw.gov.au/WorkArea/DownloadAsset.aspx?id=6442458110
2018 January 2020
CHCINM001
PACS/RIS addresses these challenges head on via a single integrated solution which allows images to be
accessed quickly and easily.
Client management systems (CMS) are databases for storing and collating information on services provided
to clients. Some community organisations have developed their own systems in-house to manage their client
records, data collection and reporting. These systems may use commercial database programs such as the
Microsoft Office program Access, or they may have been custom designed by an IT systems specialist. Some
organisations have purchased systems designed by others, but specifically suited to their type of service.
The purpose of a CMS is to make the job of storing, retrieving, collating and reporting client and service
delivery information quick and easy. A good CMS will be:
• appropriate for your organisation both now and over the next three to five years. It should fit with
your objectives, contribute to improvements in service delivery, and be able to handle the expected
number and size of records and the type of reporting you want it to do;
• easy to use and audit to minimise mistakes in the entry, alteration and deletion of information, and
to enable tracking of changes made to personal and financial records;
• reliable (in software terms, stable). This means that it does not unpredictably close down or freeze
the screen when you are using it, or fail to do what you expect;
• well supported by a person or company fully experienced in the system and familiar with the needs
of the types of organisations it has been designed to assist. It is preferable to buy a CMS that comes
with a user manual, as well as offering ongoing online and phone support;
• ethical and legal in its format, particularly in relation to compliance with privacy legislation, anti-
discrimination legislation, and confidentiality;
• compatible with your software and hardware (but you may have to upgrade these to get the system
best suited to your needs); and
• financially viable. The cost of a system and the hardware needed to run it, and the costs and effort
of installing it and learning to use it, will be related in part to its level of sophistication and capacity.
If you have a very small organisation operating a single service from a single office, you may not
need the system designed to handle the complexities of a multi-site, multi-service organisation.
The questions you may want a CMS designer or supplier to answer before you make a decision to purchase
their system include:
1. Meeting our objectives

o How does this particular system fit with and further our values and objectives?
2. Client needs
o How will our client needs be met, especially in relation to privacy?
o Will a single authorised person be able to control the assignment of usernames and
passwords?
o Are files and transactions encrypted?
o Will anyone in your company be able to gain access to our files in their un-encrypted form? If
so, what guarantees will be provided against misuse of our files by your staff?
o What safeguards are there against error and fraud?
3. Convenience/ease of use
o Can you fully explain the processes that our staff will follow to use this system?
o Is there a user manual?
o Do you provide initial training, and what is the cost of this?
2018 January 2020
CHCINM001
o What technical support will be available?

4. Ease of adoption/minimum disruption
o How much staff time will be needed to convert our existing files to the new system (data
entry, scanning, checking, etc.)?
o How long will we be without a working system?
5. Financial viability
o What will the initial outlay on software and hardware be?
o Will there be any other costs over Year1?
o Will there be costs in subsequent years?
Community organisations use Client Relationship Management (CRM) Systems to allow multiple
information systems to talk to each other to connect client and service information to solve problems the
organisation might have with recording, storing and accessing client and service information.
7
A CRM might be able to address some of the following issues:
• Better Organisational Management –tracking staff activities, services delivered, resources allocated
and reporting;
• Improved Team Collaboration– are the staff in different locations, time zones, on the road and
working from home?
• Single Source of Information– is everyone keeping their own spreadsheets, and coming up with
different versions of the truth at reporting time?
• Electronic Trail of Staff Activities –does everyone know what emails and phone calls have been made
to each client?
• Consistent Service Delivery –when teams deliver multiple projects to the same group of clients, is it
difficult to know what has been delivered and what is needed?
• Reporting and Data Accuracy– the old cliché garbage in/garbage out applies, when staff don’t record
data consistently, reports don’t represent actuals;
• Improve External Communications –consistent messages across email, SMS and fax, from all staff,
tracked and recorded;
• Standardised Record Keeping –without a clear information management guideline, staff may store
the same data in completely different ways, making it impossible to find and report on;
• Minimise Data Entry –manual note taking can be time consuming, and not easily shared; and
• Donation management– who has given what, and help to secure more donators and spend per
donation
Analyse any substantial breakdowns in methods of recording, storing and accessing

information for cause and effect, and take corrective action
A 8system analysis "the process of studying a procedure or business in order to identify its goals and
purposes and create systems and procedures that will achieve them in an efficient way". Systems Analysis
has become a necessity, a highly important and integral tool that development teams, governments and
companies use to enhance their productivity and raise their profit margins (Silver et al, 1989)
7 http://communitydoor.org.au/-Choosing-a-Client Management system

8 https://en.wikipedia.org/wiki/Systems_analysis
2018 January 2020
CHCINM001
It is used to test for inadequacies of the organisations information system and will assist in determining an
organisation’s current state of efficiency and its security. The system analysis process involves problem
solving techniques, documenting and obtaining management recognition of mandatory requirements and
where the organisation is currently non-compliant.
Software quality is assessed along different dimensions, including reliability, function, and performance The
9
Workload Analysis Model is created to identify and define the different variables that affect or influence an
application or system's performance and the measures required to assess performance. The workload
profiles that make up the model represent candidates for conditions to be simulated against the Target Test
Items under one or more Test Environment Configurations. The workload analysis model is used by the
following roles:
• the test analyst uses the workload analysis model to identify test ideas and define test cases for
different tests
• the test designer uses the workload analysis model to define an appropriate test approach and
identify testability needs for the different tests
• the tester uses the workload analysis model to better understand the goals of the test to implement,
execute and analyse its execution properly
• the user representative uses the workload analysis model to assess the appropriateness of the
workload, and the tests required to effectively assess the systems behaviour against that workload
analysis model
The information included in the workload analysis model focuses on characteristics and attributes in the
following primary areas:
• Use-Case Scenarios to be executed and evaluated during the tests
• Actors to be simulated / emulated during the tests
• Workload profile - representing the number and type of simultaneous actor instances, use-case
scenarios executed by those actor instances, and on-line responses or throughput associated with
each use-case scenario.
• Test Environment Configuration (actual, simulated or emulated) to be used in executing and
evaluating the tests. Deployment view, which should form the basis for the Test Environment
Configuration
Tests should be considered to measure and evaluate the characteristics and behaviours of the target-of-test
when functioning under different workloads. Successfully designing, implementing, and executing these tests
requires identifying both realistic and exceptional data for these workload profiles.
Collect, analyse and prepare data on information needs in ways to inform decision-making
10
Quantitative information is crucial to building awareness and gathering support for community issues. Hard
data analysis provides a concrete approach for assessing, planning, and implementing community projects. It
can be a valuable tool in comparing community problems across geographic regions and across periods of
time. This section discusses how to gather data through focus groups, public forums, and surveys, and how
and when to implement the information into community planning.
Why should you collect information to inform decision making on community issues?
9 http://www.tesestec.com.br/pasteurjr/rup/process/modguide/md_wlmod.htm
10 http://ctb.ku.edu/en/table-of-contents/assessment/assessing-community-needs-and-resources/collect-information/main
2018 January 2020
CHCINM001
• Knowledge. Reality talks. Knowing the facts is a stark way of determining the size of the gap between
your vision of a healthy community and the reality in which you live. Gathering information from the
time period before your organization got started (also known as baseline data) is an excellent way to
show the magnitude of the problem
• Credibility counts. If you are able to talk easily in a casual conversation about the exact numbers of
people affected by the issue you are involved in, you come across as knowledgeable, serious, and
well organized. Writing down those same figures (in greater detail, of course) as part of a grant
application or project summary for potential funders and evaluators says that you are a well-run
group who can get the job done
• Awareness leads to change. You can use the statistics you have found to raise community awareness
of a number of things: how serious the problem is, how well (or how poorly) your community is
doing in relation to other communities or to the nation as a whole, and last but not least: how well
your coalition is attacking the problem at hand
How do you collect this information?
• agree on the value and purpose of the information that you will collect for example planning
processes;
• determine when you want to use this data such as timeframes and when you want to make the
information public;
• determine exactly what you want to know;
• determine who will find the information;
• identify possible sources of information such as Health departments, Human service departments,
hospitals, census data, Non-profit service agencies, schools, Public health department, Australian
Bureau of statistics;
• set limits as to how much information you want to collect;
• collect the data;
• identify gaps in your knowledge;
• redo the process to try to fill those gaps -- or collect your own data;
• if possible, you might want to compare data for your community with that of other communities, or
that of the nation as a whole or to trend out your own community's data over time;
• identify the method of collecting information that is best suited to your purpose. Different methods
that are often used include surveys and focus groups;
• decide if you want to inform the public of what you are doing;
• train the people who will be collecting the information;
• collect and tabulate your data;
• report (and use) your findings; and
• continue to review and collect information on a regular basis.
With so much data to sort through, you need something more from your data:
• You need to know it is the right data for answering your question;
• You need to draw accurate conclusions from that data; and
• You need data that informs your decision-making process
2018 January 2020
CHCINM001
To improve your data analysis skills and simplify your decisions, execute these five steps in your data analysis
process:
Step 1: Define Your Questions

Step 2: Set Clear Measurement Priorities
Step 3: Collect Data
Step 4: Analyse Data
Step 5: Interpret Results
When preparing information data for decision making check the following:
• does the data answer your original question? How?

• does the data help you defend against objections? How?
• are there any limitation on your conclusions, any angles you haven’t considered?
By following these five steps in your data analysis process, you make better decisions for community services
and or government agency because choices are backed by data that has been robustly collected and
analysed. With practice, your data analysis gets faster and more accurate – meaning management can make
better, more informed decisions to run an organisation most effectively.
2018 January 2020
CHCINM001
Section 2 Review options for information management
The need to review information management systems is a decision made by management and often in
consultation with partners and service agencies. Improving information management practices is a key focus
for many community service organisations, across both the public and private sectors.
Review of options for information management is being driven by a range of factors, including a need to
improve the efficiency of business processes, the demands of compliance regulations and the desire to
deliver new services. In many cases, ‘information management’ has meant deploying new technology
solutions, such as content or document management systems, data warehousing or portal applications.
Effective information management is not easy. There are many systems to integrate, a huge range of
business needs to meet, and complex organisational (and cultural) issues to address. Information
management is an umbrella term that encompasses all the systems and processes within an organisation for
the creation and use of corporate information.
In terms of technology, information management encompasses systems such as:
• web content management (CM)
• document management (DM)
• records management (RM)
• digital asset management (DAM)
• learning management systems (LM)
• learning content management systems (LCM)
• intranet/Social intranet
It is also about the information itself, including the structure of information (‘information architecture’),
metadata, content quality, and more. Information management therefore encompasses:
• people;
• process;
• technology; and
• content.
Options for the development of information systems
Database system - A database (DB) is an electronic system that allows data to be easily accessed,
manipulated and updated. It is used by an organisation as a method of storing, managing and retrieving
information. Modern databases are managed using a database management system (DBMS).
Relational database management systems - A relational database (RDB) is a collective set of multiple data
sets organised by tables, records and columns. RDBs establish a well-defined relationship between database
tables. Tables communicate and share information, which facilitates data searchability, organisation and
reporting. RDBs use Structured Query Language (SQL), which is a standard user application that provides an
easy programming interface for database interaction.
Practical approaches to managing electronic records includes:
• creating, and managing electronic records;

• protection and preserving electronic records;
2018 January 2020
CHCINM001
• proper disposal;
• collection and use of personal information is performed according to legislation.
• agency Internet web site privacy statements;
• maintaining secure, reliable and trustworthy systems;
• electronic records correspond to business needs only and are guided by legislation;
• functional requirements to ensure effective electronic record keeping; and
• (E-mail Guidelines) addresses E-mail as a public record
Some principles to ensure that information management activities are effective and successful:
11
Communicate extensively- The first step in an information management project should be to develop a
clear communication ‘message’. This should then be supported by a communications plan that describes
target audiences, and methods of communication.
Recognise (and manage) complexity - Fully centralising information management activities, to ensure that
every activity is tightly controlled. Risks must then be identified and mitigated throughout the project to
ensure that organisational complexities do not prevent the delivery of effective solutions.
Focus on adoption by staff - Staff must save all key files into the document/records management system. In
all these cases, the challenge is to gain sufficient adoption to ensure that required information is captured in
the system. Without a critical mass of usage, corporate repositories will not contain enough information to
be useful.
Deliver tangible & visible benefits- information management projects must always be designed so that they
deliver tangible and visible benefits. The projects should also target issues or needs that are very visible
within the organisation. When solutions are delivered, the improvement should be obvious, and widely
promoted throughout the organisation.
Prioritise according to business needs - Instead of this technology-driven approach, the planning process
should be turned around entirely, to drive projects based on their ability to address health care needs. For
example, the rate of errors in client health information might be identified as a strategic issue for the
organisation. A new system might therefore be put in place (along with other activities) to better manage
the information that supports the processing of client information.
Take a journey of a thousand steps- This approach recognises that there are hundreds (or thousands) of
often small changes that are needed to improve the information management practices across an
organisation. These changes will often be implemented in parallel. While this can be challenging to
coordinate and manage, this ‘thousand steps’ approach recognises the inherent complexity of organisations)
and is a very effective way of mitigating risks.
Provide strong leadership- The starting point is to create a clear vision of the desired outcomes of the
information management strategy. Successful projects require strong leadership who will drive the project.
Leaders will describe how the organisation will operate, more than just describing how the information
systems themselves will work. Stakeholders must also be engaged and involved in the project, to ensure that
there is support at all levels in the organisation.
Mitigate risks- these risks include:
11 http://www.steptwo.com.au/papers/kmc_effectiveim/
2018 January 2020
CHCINM001
• selecting an inappropriate technology solution

• time and budget overruns
• changing business requirements
• technical issues, particularly relating to integrating systems
• failure to gain adoption by staff
For example, a simple but effective way of mitigating risks is to spend less money. This might involve
conducting pilot projects to identifying issues and potential solutions, rather than starting with enterprise-
wide deployments.
Aim to deliver a seamless user experience- Educating staff in the purpose and use of a disparate set of
information systems is difficult, and generally difficult and time-consuming. The underlying goal should
therefore be to deliver a seamless user experience, one that hides the systems that the information is
coming from. In practice, this means:
• Delivering a single intranet (or equivalent) that gives access to all information and tools.
• Ensuring a consistent look-and-feel across all applications, including standard navigation and page
layouts.
• Providing ‘single sign-on’ to all applications.
Choose the first project very carefully- The first project is the single best (and perhaps only) opportunity to
set the organisation on the right path towards better information management practices and technologies.
The choice of the first project conducted as part of a broader information management strategy is critical.
This project must be selected carefully, to ensure that it:
• demonstrates the value of the information management strategy;

• builds momentum for future activities;
• generates interest and enthusiasm from both end-users and stakeholders;
• delivers tangible and visible benefits;
• addresses an important or urgent business need;
• can be clearly communicated to staff and stakeholders (principle 8)
• assists the project team in gaining further resources and support
Identify and periodically evaluate sources of information
Evaluation of sources of information should be integrated into every aspect of a service, initiative or strategy
from initial planning through to formal review, and should be viewed as an ongoing cycle that contributes to
continuous service improvement. Mechanisms for continuous improvement are demonstrated in
organisational management and service delivery processes.
The organisations may have continuous improvement frameworks which may include:
• systems for regularly monitoring and evaluating the effectiveness of service delivery and
governance/management systems and plans;
• continuous quality improvement plan;
• processes for reviewing policies and procedures;
• processes for seeking feedback from people using services and other relevant stakeholders, for
example in relation to organisational performance, service delivery and satisfaction;
• improvement processes connected to:
2018 January 2020
CHCINM001
- feedback, complaints and appeals processes;

- records of incidents of harm, abuse or neglect of people using services; and
- workplace injuries/hazard reporting systems
• timely analysis and summaries of data held by the organisation that inform management decisions;
and
• processes for the governing body to regularly review the effectiveness of its own processes and
structure in providing good governance to the organisation (e.g. how effectively meetings are
conducted, response time to important issues, awareness of responsibilities and effectiveness of
delegations).
Identify, evaluate and prepare options for the development of information systems in
consultation with users
Who are the stakeholders that should be consulted with for the development of information systems?
• People using the service – clients in the community
- People working in the service Admin team; ITC team; Project managers; Workforce planning team;
Business team; Human Relations team; Change management team All staff who will use the
information system
• Governance and accountability – Funding bodies, Government departments
• Volunteers
Development of Information systems needs to be in consultation with users to identify what works and what
does not. Areas that may be discussed with users could be some of the following listed in the diagram below.
Image source:https://www.wiley.com/legacy/Australia/PageProofs/BUS_MAN/1_2/KC_VCE_BusMgmnt_U1%262_3E_c07__WEB.pdf
2018 January 2020
CHCINM001
Consultation with users will help develop an information management strategy. The benefits of the
developed Information Management Strategy are:
• a sense of direction and continuity;

• provide a framework for organisational decision making;
• provide standards of accountability for the communities, programs and allocated resources;
• support improvement of organisational processes, people and resources;
• identifies gaps, duplications and overlaps in Information management (IM) initiatives across an
organisation;
• establishes IM Policies, Guidelines and Standards;
• ensures that measures are established to assess compliance with IM/IT security policies, procedures
and standard;
• ensures that the change processes associated with the implementation of new IM initiatives is
managed in a way that ensures a smooth transition in terms of policy, staff productivity, procedural
changes, effective support and technological infrastructure; and
• ensures compliance with the IM core policies and standards.
Steps in implementing Information Management Strategic Plan
1. convene an Information Management Advisory Reference Group (IMAG)

2. research IM Standards (alignment to Accreditation Standards)
3. define IM Standards & Interpretative Guidelines
4. develop Confidentiality & Privacy handling
5. develop a Communication Plan
6. IMAG to develop an Auditing Tool for IM
7. identify & select Pilot Sites
8. develop Policy & Best Practice Guidelines
9. identify recurrent costs as per capital investment and ongoing operational support
10. annual Progress Audit Reviews conducted
11. ensure transference of knowledge
12. ensure IM Standards are incorporated as part of the Accreditation Standards
Identify, calculate and evaluate financial and technological resources required for systems
Community Service information systems serve multiple users and a wide range of purposes. They need to
enable decision-makers at all levels of Community Service to identify problems and needs, make evidence-
based decisions on policy and allocate resources optimally. Data from different sources are used for multiple
purposes at different levels of Community Service.
Needs assessment of technological resources to meet organisational needs
• What quantity of a resource is required?

• When will the resource be needed?
• What capability does the resource need to have? Are there any limitations?
• What is the cost for procuring or having the resource available? Are there any liabilities associated
with use of the resource?
2018 January 2020
CHCINM001
• How will you identify the information management goals and future IT needs of the organisation?
• How can you assess the current system and staff needs from an individual worker perspective?
• How will you assess the current IT system from the overall system perspective?
• Should you document an IT development plan including a budget and resource plan?
• Who should you consult with externally to get quotes or tender for the contract?
These resources can be organised into different categories:

• People;
• Facilities;
• Systems;
• Equipment;
• Materials;
• Supplies;
• Funding; and
• Information.
In terms of technology, information management encompasses systems such as:

• web content management;
• patient information management;
• organisation records management;
• Clinical audit tool;
• Data extraction tool;
• Data Analysis Tools;
• digital asset management;
• customer relationship management;
• learning management systems; and
• learning content management systems.
Information management therefore encompasses; people; process; technology; and content
Identifying information technology needs of a Community Service organisation
Computers are highly efficient information storage and management systems, but only if the computer user
sets up a sensible framework or filing system for grouping and ordering that information in the first place.
There are various types of management information systems and it is important for an organisation to
identify appropriate management information systems that will meet the organisation’s needs. The
following is a list of identified systems that could be used to meet information needs of an organisation.
Client management systems (CMS) are databases for storing and collating information on services provided
to clients.
Databank Information System. The responsibility of this information system is to observe, classify, and store
any item of data which might be potentially useful to the decision maker. Examples of the kind of data that
might be recorded in such a database for a given Community Service are as follows:
• number of services provided

• number of clients accessing the service
• number of community service workers required to manage the service
2018 January 2020
CHCINM001
• number of work hours devoted by community service staff to a particular project

• salary costs and other expenses by project
Predictive Information System. This system moves beyond pure data collection and the determination of
trends over time. Predictive information systems provide for the drawing of inferences and predictions that
are relevant to decision making. If data from the above examples were to be used in this way, it is possible to
obtain information useful for making predictions or for drawing inferences.
Decision-Making Information System. This system goes one step further in the process of decision making
and incorporates the value system of the organisation or its criteria for choosing among alternatives. An
extension organisation's values are many and varied. They include concerns for resolving project problems,
increasing and providing for stability of project funding, and improving the quality of services offered. They
also include an intent to provide well for staff members (training, adequate salaries, etc.) and to aid in the
process of bringing about Community development.
Project management system. This system can manage estimation and planning, scheduling and milestones
achieved, cost control and budget management, resource allocation, decision-making and meet quality
management and documentation requirements.
Financial reporting and accounting system This system is responsible for financial management, planning,
record keeping, accounting, reports, financial statements, taxation requirements. Assists in keeping track of:
• monthly financial, statutory and funding reporting;

• keeping track of grants, contracts and risk assessments;
• year-end financial statements and processes, annual financial accounts and auditing;
• resource expenditure including: information technology, products, wages, travel, training and
marketing; and
• financial analysis of life cycle costings.
2018 January 2020
CHCINM001
Section 3 Establish and manage systems to record and store information

As discussed earlier the Community Service and Health industry use a wide range of systems to record and
store information which needs to be managed to meet the heath privacy principles.
Develop, implement and document systems that meet organisation and statutory
information requirements for recording, storing and accessing information
Confidentiality is a very important right of individuals who receive care and support. It is part of the
relationship of trust that individuals have with community service support workers and social care workers.
Information requirements for recording, storing and accessing information within Community Service
agencies can be categorised by type:
• Mandatory – Legislation/Legislative Instruments require the information to be recorded relevant to

legislative and statutory requirements. Example would be that a client’s information is kept private,
secure and stored correctly and password protected and that all staff have police check and working
with children check;
• Required practice – Agencies must be aware of, and implement to the level required, the
requirements of the relevant policy/standard/guideline. Example would be that all staff use a
password login to access information systems and databases; and
• Recommended good practice – Agencies are not obliged to comply and may adopt the
advice/guidance as best suits their needs. Example would be Quality Management System approach.
Information requirements for records:
• Electronic records are particularly vulnerable to unauthorised or inadvertent change and loss.
Security measures need to include:
o Digital signatures to protect the authenticity and integrity of electronic documents (the
Electronic Communications Act 2000 provides for legal recognition of electronic signatures and
the process under which they are generated, communicated or verified).
o Scanning and storing electronic records and digitised documents according to BSI PD 0008:1999,
Legal admissibility and evidential weight of information stored electronically to ensure their
authenticity in the event of a legal challenge.
o Encryption of portable storage media.
• Email is not a secure system, so be aware that confidentiality cannot be assured for any information
sent via email.
• Procedures for document control and record management
o Electronic Format
o Document Creation
o Document Review
o Obsolete Documents
o Document Format
o Document Properties
o Consultation & Communication
o Document Approval Process
2018 January 2020
CHCINM001
o Document Control Register

o Record Management
• Procedures for WHS documents record management
o Training needs analysis and plans
o Incident / Hazard reports
o First Aid treatment
o Licensing and certification Registrations
o Health and Safety working group meeting agendas and minutes
o Training and induction checklists
o Performance management plans
o Emergency evacuation reports
o Maintenance, inspections and testing
o Health monitoring reports and testing
o Research Approvals/authorisations
o Claims management & Rehabilitation case records
• Note: Many information systems are also recordkeeping systems as they create and maintain
records of the organisation activities which they support. Tools that are commonly integrated in
recordkeeping systems include record retention and disposal authorities, listing retention periods
and disposal actions.
Information requirements for storage might be:
• keep antivirus software up to date on any laptops and password protect any mobile devices;
• paper records should be in lockable cupboards when not in use with a clear desk policy
recommended, where paper documentation is locked away at the end of the working day;
• electronic records need to be kept password protected within databases and accessed only by
relevant people;
• Cloud services should not be used for staff or client personal information;
• portable storage devices should be encrypted or not used at all; and
• stored in a manner that is easily identifiable to facilitate their efficient and effective
retrieval/replacement by any authorised person for purposes such as:
o analysis/investigation;
o internal/external evaluation;
o evidence of legal compliance;
o evaluation and review; and
o training needs.
Destruction of confidential data: All staff have a responsibility to consider security when disposing of
information in the course of their work. Special care must be taken with the destruction of e-records, as
deleted information can often be reconstructed. Erasing and reformatting disks or personal computers with
hard drives which contained personal data is likely to be insufficient. Destruction should be carried out in
collaboration with your IT Support team, which will have the software tools to ensure that the data is
removed. Overwriting should ensure all previous information has been removed, but this should be executed
by authorised staff only.
All destruction should be carried out in accordance with the provisions of the relevant retention schedule for
that information, allowing for an audit trail to be kept.
2018 January 2020
CHCINM001
Information requirements for access might be:

• access should be password protected and only available to relevant personnel;
• remote access available to relevant people in job roles where they fully understand the
responsibilities of this remote access; and
• keep antivirus software up to date on any laptops and password protect any mobile devices.
Implement strategies to address any gaps in meeting current information requirements in

consultation with stakeholders
What is the purpose of the consultative process?
Some types of issues primarily require information to be channelled from community to authority
organisation, others from authority organisation to community. Others require both.
In some instances, the process is intended to provide people with an opportunity to understand a point of
view not previously considered, and perhaps even to arrive at some collective appreciation of the
alternatives. In brief, you need to be clear about the primary purpose of the consultation. You can then
select the most appropriate and efficient method. At this step, you choose or design a consultative process
which will secure the widest possible involvement of the stakeholders, and achieve the purpose of informing
community, or design authority, or both. In deciding the process to be used, it is helpful to think of an issue
as falling primarily into one or another of four categories.
• Information to the community - For example, the design authority might wish to notify the
community about the timetable for acting on decisions already taken. Or the community may wish
to know what the long-term plans of the authority organisation are.
• Information from the community - For example, the authority organisation might wish to know the
issues which the community regards as of the highest priority. Or the community may wish to bring
some attitude to the notice of the authority organisation.
• Information exchange - For example, the authority organisation might advise the community of
some design options, and seek a response. Or the community might raise an issue, and require a
reply from the authority organisation.
• Developing agreement - For example, different groups of stakeholders might each prefer an option
which disadvantaged the other group. Or, through misunderstanding or mistrust, the authority
organisation and community activists might misunderstand each other’s' motives.
After consultative process and a gap analysis of current information requirements has been conducted by an
organisation the report should be considered by stakeholders and any recommendations need to be
consulted and agreed upon before committing to any proposed changes.
The following is a list of some of the 12common information management problems, which include:
• large number of disparate information management systems;
• little integration or coordination between information systems;
• range of legacy systems requiring upgrading or replacement;
• direct competition between information management systems;
• no clear strategic direction for the overall technology environment;
12 http://www.steptwo.com.au/papers/kmc_effectiveim/
2018 January 2020
CHCINM001
• limited and patchy adoption of existing information systems by staff;

• poor quality of information, including lack of consistency, duplication, and out-of-date information;
• little recognition and support of information management by senior management;
• limited resources for deploying, managing or improving information systems;
• lack of enterprise-wide definitions for information types and values (no corporate-wide taxonomy);
• large number of diverse business needs and issues to be addressed;
• lack of clarity around broader organisational strategies and directions;
• difficulties in changing working practices and processes of staff; and
• internal politics impacting on the ability to coordinate activities enterprise-wide.
• and reflect real constraints in the problem domain; their specification is not arbitrary.
Implementation plan will need to be developed in consultation with key information managers and
stakeholders to action any recommendations. Factors such as budget, workforce planning, regulatory
requirements and training will all need to be addressed in ‘change management’ implementation
strategies.
2018 January 2020
CHCINM001
Section 4 Develop staff and resources

Organisations should develop and clearly set out the statutory and mandatory training standards for staff.
This might include:
• systematic induction program during the first 3 months of employment

• minimum statutory and mandatory training requirements that will be monitored and assigned to
each role the organisations
• annual work appraisal and training and professional development needs
• all staff to evaluate the training standards and resources for continuous improvement
It is important to monitor and evaluate the team and individuals learning performance, this will allow you to
determine the type and extent of any additional work-based support required to develop and support staff
skills in information gathering and management.
Most organisations have human resource management systems that are consistent with regulatory
requirements, industrial relations legislation, work health and safety legislation and relevant agreements or
awards. Human resources are managed to ensure that adequate numbers of appropriately skilled and
trained staff/volunteers are available for the delivery of services to people using services
• buildings and the physical environment where services are delivered are safe
• risks associated with employees’ rights and work health and safety are managed effectively and in
accordance with legislation.
• organisations ensure compliance to legislative and regulatory requirements for selecting, training
and management of staff, including checks such as suitability checks (for Child Safety care services),
Working with Children (please refer to Chapter 8 of the Commission for Children and Young People
and Child Guardian Act 2000) and/or Criminal History Screening.
Ways that this can be demonstrated are:
- non-discriminatory human resource practices;

- the application of equal employment opportunity principles;
- the elimination of bullying and harassment;
- the consistent application of awards, collective agreements or contracts;
- safe work practices; and
- safe work environment.
Analyse staff training needs in relation to information systems and in accordance with
legislative and organisation requirements
To write and develop strategies for information gathering, you need to examine the information needs of the
end user. You need to know the purpose of the information gathering activities, and what is required from
the information provided and strategies for the system to capture this information.
Questions to ask are:

• Will the information management system have the capabilities to gather this information that you
are asked to bring together?
2018 January 2020
CHCINM001
• What resources are available to you?

• What skills are needed in the organisation for them to perform their role more competently?
• Do you need to undertake a training needs assessment of the end users?
• How can you create learning opportunities? E.g. self-paced learning on the job, external training.
Computer and information systems managers must possess strong interpersonal, communication, and
leadership skills because they are required to interact not only with their employees, but also with people
inside and outside their organisation. They must also possess great team skills to work on group projects and
other collaborative efforts. Information system managers are needed for:
• experience with the specific software or technology to be used on the job, as well as a back-ground
in either consulting or business management;
• understanding of people, processes, and customer's needs;
• motivating, developing, and directing people as they work;
• identifying problems and reviewing information needs;
• analysing options and applying solutions;
• obtaining needed equipment, facilities, and materials and overseeing their use; and
• determining how a system should work and how changes in operations will affect outcomes.
Records managers must process the management of records which requires a range of strategic and
operational skills. Depending upon the size of the organisation, these roles are filled by one person or by a
number of people. Records managers work in partnership with other professionals such as the Practice to
build good recordkeeping into the business activities of the organisation. Strategic and managerial skills are
needed for:
• formulating corporate recordkeeping and records management policies for records in all formats,
including electronic records;
• setting corporate standards for recordkeeping and records management;
• monitoring performance and compliance with standards and other requirements;
• providing records management consultancy services to business units; and
• designing recordkeeping systems
Recordkeeping responsibilities of all staff
• All staff in an organisation is responsible for making records and capturing these into official
recordkeeping systems. These responsibilities should be set out clearly in corporate policy and
procedures. This is particularly important when records management systems are rolled out to users
and they capture their own documents into the system, and where email is sent direct to the
recipients without passing through any central registration system. The timely capture of the record
itself and relevant details about the record (metadata) determine the reliability and useability of the
records over time.
• Operational skills are required to implement records management processes and tools in an
organisation, whether for the whole of the organisation, business unit or workgroup level. These
skills include:
o classifying, registering and tracking records in recordkeeping systems;
o implementing retention and disposal authorities;
o maintaining classification schemes;
2018 January 2020
CHCINM001
o inventorying records systems;

o providing quality records services;
o good communication skills;
o training;
o time management and prioritisation; and
o planning.
13
In order to guarantee acceptance and effective usage of information system (IS), its end users must be
appropriately trained. Therefore, it is essential for developing a good training program to precisely assess
end users’ training needs. However, applying traditional approaches for Training Needs Analysis (TNA) such
as interviews or surveys alone is insufficient. These methods are limited in their capacity to understand the
cognitive processes a learner follows in learning a new computer program. Usability testing, with its ability to
gather rich data about human computer interaction, overcomes the deficiencies of traditional approaches.
Organise training or retraining in accordance with training needs analysis
Training needs analysis

14
The primary purpose of the Training Needs analysis (TNA) is to identify what knowledge and skills end users
should have to enable them to effectively interact with Information systems in the community Service
setting. The results of the analysis are the foundations for the development of effective training strategies
and programs. Through identifying the problems, a user may encounter in using a new Information System
(IS), the gap between the necessary and the actual knowledge and skills that a user has for effectively
interacting with this IS can be inferred. In other words, experimental Human Computer Interaction (HCI) data
such as users’ usage problems, mistakes or inefficient behaviours, are effective indicators of what they do
not know, which, in turn, suggests what they need to know.
The proposed Multi-Method Approach for Training Needs are:

• observe how novice, intermediate and veteran users use a HIS to complete representative tasks;
• before or after the conducting of cognitive usability testing, interview or survey these users to gather
further information about their knowledge and skills that is relevant to a particular HIS that they are
trained to use;
• extract patterns of strategies used by the novice, intermediate and veteran users to complete
various tasks with this HIS;
• identifying the key knowledge gaps (learning needs) of different levels of learners based on the
different interaction patterns that they displayed when using the HIS;
• user Manual: this is usually for novice or first-time users and should be contain detailed information
and diagrams or screenshots of the program for ease of use in identifying how to perform tasks; and
• Online Help: this type of training is traditionally for the relatively experienced users that require help
while using the product, it usually contains information on how to conduct a task. FAQ pages are also
part of the online help information system.
13
http://ro.uow.edu.au/cgi/viewcontent.cgi?article=1672&context=infopapers
14
http://ro.uow.edu.au/cgi/viewcontent.cgi?article=1672&context=infopapers
2018 January 2020
CHCINM001
The organisation provides people working in the organisation with induction, training and development
opportunities relevant to their roles. The reasons why specific training is important for information system
users when upgrades and change occur is to:
• minimise confusion and mistakes when the new system is implemented;
• ensure that staff are able to take full advantage of new features;
• ensure that the budget spent on the upgrade is not wasted;
• minimise unnecessary work for IT staff solving minor problems; and
• make staff feel valued and empowered by updating their skills.
Ways that this Training can be demonstrated are:
• induction processes that address mandatory requirements and the knowledge necessary to fulfil a
role within the organisation;
• qualifying periods and review processes;
• identifying and responding to the learning needs of people working in the service;
• processes for communicating organisational requirements (e.g. administrative duties, timesheets
and record keeping) as well as role specific requirements to staff; and
• processes for staff to identify, apply for and attend/participate in learning and development
opportunities.
Effective orientation is an investment in employee morale, productivity and retention. Industry best practice
suggests induction/orientation should involve:
• conducting a structured induction process that covers tactical and administrative issues;
• using a buddy system or a mentoring program;
• obtaining formal feedback from new starters after a specified time in the new role; and
• monitoring and managing probation.
Collecting accurate information is essential to not only understanding what is taking place, but also to ensure
correct interpretation of the facts. Training resources should be developed using best practice with
consultation and collaboration of the teams collecting information and using the information technology
(Informatics) or policy and procedures of the organisation
The organisation ensures that people working in the organisation have access to fair and effective reporting
systems for dealing with complaints, grievances and disputes using communication strategies outlined in
policy and procedures. Agreed ways of working with information are clearly identified by the organisation
during induction processes and breaches in information privacy are reported according to line of command
or through Human Resource departments.
The interpretation of this is that:
• all staff have the right to raise grievances and disputes under a system of natural justice with no fear
of retributive action;
• Agreed ways of working is clearly identified; and
• access to departmental review processes is assured.
• processes for grievances and disputes may include:
2018 January 2020
CHCINM001
o making staff aware of their right to raise grievances and to have disputes resolved;
o making staff aware of their right to access support when involved in grievances and/or disputes;
o ensuring stakeholders are informed of the outcomes of grievances and/or disputes where
appropriate;
o how the organisation will maintain and respect people’s right to privacy and confidentiality in
managing grievances and disputes;
o access to employee assistance programs that provide counselling and/or other services; and
o processes for engaging external grievance investigation companies who can provide an objective
investigation into grievances if required.
The organisation provides ongoing support, supervision, feedback and fair disciplinary processes for people
working in the organisation.
• supervision processes for people working in services;

• performance management processes;
• debriefing processes for staff;
• strategies to promote and encourage staff/volunteer retention;
• monitoring processes for sub-contracted/brokered staff;
• processes to support volunteers to do their jobs well and safely; and
• demonstrated adherence to current industrial legislative requirements in regard to disciplinary
processes, including discipline for specific breaches of conduct, demotion and dismissal.
Support and supervise the development of information and educational resources
Community services should establish a framework for the development and delivery of suitable education on
documentation and management of information records. All Community Service care professionals who
document or manage health care records must be provided with appropriate orientation and ongoing
education on the documentation and management of health care records.
The content and delivery of education programs should be informed by record audits. The results of such
audits should be used to target problem areas relating to particular health care personnel groups or facets of
documentation and management.
Specific learning opportunities should be sought and professional development training must be conducted
for the introduction of any new complex health care record requirements and for changes in documentation
models or implementation of new patient information management systems.
Develop content and format guidelines in consultation with stakeholders to guide production
of resources
The following will be helpful to develop content and resources regarding information management in
consultation with management:
External sources- Use external sources to help validate data eg. Pap Smear register, breast screening register
Centre for Disease Control, electronic health records.
2018 January 2020
CHCINM001
Training- Involve data quality staff in training to help identify and reduce common errors in Patient
information records use/data entry
Report function- Use the report function of the information system to schedule reports to identify issues
with date entry and follow ups
Ending consultations- Ensure that all consult entries are ‘finished’ correctly at the end of reporting so that all
relevant data is entered and data is counted in reports and information is collected in data extractions
Recall management- Recall management is crucial to good data quality and clinical care
Medicare management- Good Medicare management will assist in good KPIs as well as increased income
generation to improve patient care
Notes and pop up alerts- Good reminders to staff for specified information gathering.
Relationships and data- Good relationships with all staff end users is crucial to good data management and
will improve data quality. Ensure the presentation of data is accessible and easily understood by all staff.
Referral channels- Ensure that all staff are acutely aware of the policy and processes and legislation
regarding referrals.
Know your database/population- Know your database/population by accessing regularly and look for trends
in the data
KPI reporting- Use patient information record systems that allow tracking of KPIs and can produce reports
for funding bodies.
Decision support systems- Use related computer programs and the data required to assist with analysis and
decision-making within an organisation. Decision support systems are a set of related computer programs
and the data required to assist with analysis and decision-making within an organisation. They can be a
useful tool in improving managerial effectiveness. To determine the type of decision support system
required you firstly need to assess what ‘you’ the end user need from your information system and what you
want to do with this information. Examples of what the additional software can be used for:
• retrieves isolated data items;
• uses as a mechanism for ad hoc analysis of data files;
• obtains pre-specified aggregations of data in the form of standard reports;
• estimates the consequences of proposed decisions;
• proposes decisions; and
• makes decisions.
Recruit appropriate expertise to develop information and training resources
Planning the recruitment and selection process
Planning is essential in the recruitment and selection process as it ensures the best possible process is
followed. It helps to manage time constraints and streamlines the recruitment and selection process for both
the organisation and applicant.
Planning is crucial as it allows analysis and design of the position to be filled to be according to what the
organisation needs at the time and in the future. The departure of a staff member provides an opportunity
2018 January 2020
CHCINM001
to consider and analyse whether the position itself should change in order to provide increased benefit to
the organisation.
Ways that recruitment and selection process can be demonstrated are:

- position descriptions for all roles;
- processes for advertising or promoting available positions;
- merit based selection and recruitment processes;
- processes for appealing recruitment and selection decisions; and
- processes for staff leave and backfill arrangements that ensure continuity of service delivery.
15
Job analysis involves determining the knowledge, skills and attributes required to perform in a particular
role. Job analysis is critical to recruitment and selection because it is the foundation of a high-quality process
and when done well identifies not only the skills and knowledge required to perform a role but also the
attributes, which can be used to assess ‘cultural fit’ within an organisation. Job analysis helps to identify the
key selection criteria and inform the position description, which are both key aspects in attracting suitable
candidates. A poor job analysis is likely to adversely affect the quality of outcomes, irrespective of how well
the rest of the selection process is executed.
Step 1 Step 2 Step 3 Step 4

Process Understand the Understand the Develop selection Review position
tasks job criteria & decide description
techniques
Interviewing
16
Interviewing is the most commonly used selection technique. It can be expensive, time consuming and
most organisations do not maximise its value. However, if used appropriately, interviewing can be a good
predictor of work performance.
Research suggests that many organisations conduct unstructured interviews (i.e. have the person in for a
‘chat’ to see what they are like). They may also simply ask the same questions of each applicant believing this
constitutes a ‘structured’ interview. This is only considered best practice if the structured questions are
behaviourally-oriented.
The aim of behaviourally-oriented questions is for the applicant to demonstrate through past behaviour that
they meet the required knowledge, skills and attributes e.g. Please describe a time when you had to raise
funds for a particular purpose within an organisation. What was the situation, what did you do and what was
the result?
Where a candidate does not meet all criteria to the required level, the interview also provides an
opportunity for the organisation to consider the candidate’s potential to grow into the role.
Avoid discrimination in the recruitment process by checking Equal Opportunity and Human Rights
Commission guide, A Fair Go for Job Seekers – Best practice guidelines for the recruitment industry and
employers
15 Best practice-recruitment and selection a tool kit for the community sector_State Government of Victoria 2009
2018 January 2020
CHCINM001
In order to ensure that assessments made during interviews are objective, it is advisable that more than one
person be involved in conducting the interview and in some circumstances for someone external to the
organisation, but with the appropriate interviewing skill, to assist in this process. It is also important to
advise candidates who will be conducting the interview.
17
Reference checks are generally used to obtain the following information:
- employment dates;
- appraisal of an applicant’s claim against the key selection criteria;
- estimates of an applicant’s job performance capabilities; and
- employer’s willingness to re-hire the applicant.
Professional referees (i.e. a previous employer) should be contacted to provide information on the applicant.
If an applicant does not provide professional referees and does not have a legitimate reason, this could
indicate issues around their past experiences. It is advisable to explore reasons as to why recent previous
employers’ details are not given. Telephone reference checks are the most frequently used method of
reference checking. This method has a number of advantages:
- high return rate;
- allows the reference checker to ask follow up questions for clarification;
- it is inexpensive to conduct; and
- speed.
A structured approach to reference checks improves its value. Mandatory checks (e.g. police check or
working with children checks) are an important part of the recruitment and selection process. These checks
must be added into the recruitment and selection process as relevant to the organisation.
What is the cost of a poor recruitment and selection process?

18
A poor recruitment and selection process increases the probability of a poor hire and this can have a
significant impact on the organisation financially and non-financially.
The financial cost of hiring a poor recruit extends beyond the costs involved in appointing the person. It also
extends to the ongoing salary costs of the person and, where a probation period is not managed efficiently
or where a position turns out to be quite different to the position that was advertised, legal costs.
A poor recruitment decision can also have a demoralising effect on staff as their roles may be affected while
time, money and effort are spent bringing the recruit up to standard, impacting the motivation to carry out
their own roles and possibly the productivity of the organisation.
Making a selection decision
It is common throughout organisations to make subjective judgements to assess an applicant’s suitability to

the role. This does not align with identified best practice.
Best practice is to use a scale (for example 0-5 with descriptors for each point of the scale) to rate each
assessment and then combine all ratings for each assessment activity for each applicant throughout the
recruitment and selection process to provide the basis for a decision. This is an especially good method when
2018 January 2020
CHCINM001
more than one selection technique is used. This approach means the selection decision is more objective,
removing the risk of bias or “gut feeling” which is not backed up by evidence.
A gap analysis assessment tool could be used to assess recruitment and selection processes against those
defined as best practice. This tool can help identify areas where they can improve their implementation of
best practice and also measure their improvement over a number of years through annual assessments such
as:
• job analysis and key selection criteria;
• short-listing;
• interviewing and additional assessment;
• induction/orientation; and
• the process (which includes evaluation of the selection process).
2018 January 2020
CHCINM001
Section 5 Evaluate and maintain quality information systems

Improving information management practices is a key focus for many organisations, across both the public
and private sectors. Not all information is equal. Some information you gather will be more important than
other information to a specific information gathering task. Computer technology is a reality of our modern
world and it gives us a tool which can be used to help us cope with the complexity and efficiency which is
often required in many areas of work. Over the last few years we have seen major changes in the way
community service and health care is delivered. There has been and will be in the future a need for
informatics to evolve to meet the changing requirements of our community service care system so as to
serve our client’s needs.
Routinely evaluate adequacy of information systems used to record and store information for
effectiveness, efficiency, security and integrity and introduce new methods as necessary
What do you need to evaluate?
Author- Is the author credible? What position do they hold? Are they form inside or outside the organisation
or industry?
Date of information- Is the source current or out-of-date for the purpose of the information required? When
was the information collected?
Content analysis- Does the introduction to the information indicate its intensions, does it have a table of
contents/ index to get a broad overview of the material that is covered? Does it have bibliographies?
Intended audience- Is the information board enough to be used by a range of projects or only a specific
project. Is too elementary, too technical, too advanced or, just right?
Objective reasoning- Are you able to separate fact from opinions?
Coverage- Does the information cover the topics in question, is the information useful?
Writing style- does it make logical sense or represented in a form that is appropriate for the target
audience?
Sufficiency- Is there enough information to draw valid conclusion?
The eight stages of the methodology for implementation of recordkeeping systems and tools are:
Step 1 – preliminary investigation;

Step 2 – analysis of organisational activity;
Step 3 – identification of recordkeeping requirements;
Step 4– assessment of existing systems;
Step 5 – strategies for recordkeeping;
Step 6 – design of a recordkeeping system;
Step 7 – implementation of a recordkeeping system; and
Step 8 – post-implementation review.
2018 January 2020
CHCINM001
Monitor validity, currency and usefulness of information and take appropriate actions for
disposal or storage
Community service workers need to understand the need for secure handling of information in community
service settings. Principles of information data reporting are:
• minimise the reporting costs for service providers and community services;
• only collect data that will be used and is meaningful for compliance or evaluation; and
• simplify systems for data collection, storage and analysis
Information based on valid, reliable, and timely data about the services provided, the recipients of care, the
facilities used, is fundamental to all strategies for monitoring and improving the quality of long-term service
programs.
Consumers and their advocates want information to guide the selection of service providers, monitor current
services, inform efforts to encourage and promote system-wide improvements in long-term service
programs, and work with their providers to improve quality of service. Providers want such information to
target their efforts toward improving service processes and outcomes. Regulators need this information to
identify quality problems, target monitoring and enforcement processes, and confirm corrective actions.
Purchasers of service, might use this information to decide who should provide services for their
beneficiaries or subscribers.
By working with Quality Management system (QMS), the entire quality management system certification
and implementation process is simplified, building an organisation on quality management standards that
improve efficiency, performance, safety and sustainability.
• ISO 9001 quality management systems certification
• NSW QMS guidelines
Within Family and Community Services in NSW there are Community Builders performance frameworks
which provide a set of consistent performance measures that, in line with results based accountability,
identifies data results to be achieved within each Service Activity Descriptions (SAD) in each of the following
categories:
• How much?
• How well?
• Is anyone better off?
Objectives and principles for data reporting
The purpose of the data reporting project is to:

• assess project effectiveness against the service specification;
• measure the project’s contribution to the service activity description model and program; and
• contribute to program evaluation
The principles of the data reporting project are to introduce a data collection system that will:
• enable service providers to consistently collect data against Community Builders performance
measures;
• align with Community Services principles by only collecting data that will be used and is meaningful
for compliance and evaluation;
• provide a simple cost-effective way for submitting that data to Community Services;
2018 January 2020
CHCINM001
• meet Community Services requirements for performance monitoring data;

• provide Community Services with high quality data that can be aggregated and used to guide
program evaluation and management; and
• provide service providers with information to guide their service delivery to the community.
Program reporting system
The monitoring data reporting system has been developed to help Community Builders funded services
provide data to Community Services for each of the performance measures in a simple and consistent way.
Outputs data (those relating to ‘how much’ and some of the ‘how well’ measures) will count each occasion
of service or activity undertaken. This data will be submitted via an on-line portal per reporting period.
Outcomes data (those relating to ‘is anyone better off’ and some of the ‘how well’ measures) will be
collected through outcome surveys of Community Builders service users.
Disposal of records
The disposal of records includes the retention, deletion, transfer or destruction of records following
appraisal decisions. Disposal processes include:
• appraisal – appraising business functions and activities to determine whether records need to be
made, which of these records need to be retained and for how long. This includes identifying records
with on-going value as archives. In NSW appraisal decisions are authorised by State Records through
general and functional retention and disposal authorities;
• sentencing – implementing the disposal authority and applying retention decisions and disposal
actions to records. This includes documenting sentencing activities, including transfer and
destruction;
• destruction – the safe, secure and authorised destruction of time-expired records. This includes
documenting records destroyed and the authority by which they were destroyed; and
• storage/Transfer of records – transferring control of records to new owners or custodians following
the transfer of functions. It can also apply to the transfer of archives to an archives institution such
as State Records. This includes documenting records that have been transferred.
Monitor ongoing development of information systems and training resources in consultation

with users
People are involved in information systems: people imagine information systems, people develop
information systems, people support information systems, and, perhaps most importantly, people use
information systems.
To monitor ongoing development of information systems, information needs to be gathered from a range of
different people. Many organisations will have developed a continuous monitoring strategy to access these
people and gather information. The continuous monitoring strategy can apply to an individual information
system or for a group of related information systems. The continuous monitoring strategy should also
address the requirement to determine the extent to which a proposed change to the system or its operating
environment will affect users of the system. Information system changes should not be made prior to
assessing the security impact of those changes.
2018 January 2020
CHCINM001
After the information owner/information system owner and authorising official/s agree on the strategic
decisions for continuous monitoring, the strategy is documented in a continuous monitoring plan or
organisational policies and procedures. This document will identify the roles and responsibilities of those
involved in the monitoring process and the procedures to be followed to manage system changes.
The information owner/information system owner should document any relevant information about specific
changes to the hardware, software, or firmware such as descriptions of planned new or modified
features/capabilities or security implementation guidance. It is also important to document any proposed
changes to the information system’s operating environment such as modifications to hosting facilities or the
organization’s policies, processes, or procedures. The information owner/information system owner should
use this information when assessing the potential security impact of the changes on the information system.
Proposed changes are typically documented in a change request form and include the following types of
information:
• change requestor’s name and contact information;

• description of the proposed change;
• description of the problem that relates to the proposed change;
• identification and description of any components affected by the change;
• reason for the proposed change;
• implications of not making the proposed change;
• security controls impacted by the proposed change;
• scope and impact of the proposed change on system or component operations;
• types (e.g., local, remote) and number of users affected by the proposed change;
• resource assessment of the proposed change (e.g., time and expertise required to implement the
proposed change, training resources required);
• suggested implementation plan for the proposed change including proposed milestones;
• back-out plan, including triggers for decision makers, if appropriate;
• impacts on business continuity and contingency plans; and
• risks involved in making the proposed change.
Implement strategies to continuously improve effectiveness of information systems and

resources
Organisation should use a Quality Management System approach to ensure that all aspects of information
management is compliant and meets industry standards.
Prior to implementing strategies for continuous improvement an organisation must establish a baseline, or
starting point. Then you:
• PLAN: Plan your improvements, including setting goals.

• DO: Put in place the actions required for improvement.
ACT PLAN
• CHECK: Measure your success relative to your baseline.
• ACT: Adjust or tweak your changes.
CHECK DO
2018 January 2020
CHCINM001
Even if an organisation doesn’t actively promote continuous improvement process, it just means that they
are not doing it as systematically or effectively as they could, and they might not be deploying changes from
one sector or area to others that could benefit. This is where the notion of a culture of continuous
improvement comes into play. Broaching the subject of continuous improvement with employees and
collaborators, most will agree in the necessity but not necessarily know where to begin. Creating a
formalised plan that works for the structure of the organisation is critical.
19
Data Breaches
Data breaches occur in a number of ways. Some examples include:
• lost or stolen laptops, removable storage devices, or paper records containing personal information;
• hard disk drives and other digital storage media (integrated in other devices, for example,
multifunction printers, or otherwise) being disposed of or returned to equipment lessors without the
contents first being erased;
• databases containing personal information being ‘hacked’ into or otherwise illegally accessed by
individuals outside of the agency or organisation;
• employees accessing or disclosing personal information outside the requirements or authorisation of
their employment;
• paper records stolen from insecure recycling or garbage bins; and
• an agency or organisation mistakenly providing personal information to the wrong person, for
example by sending details out to the wrong address, and an individual deceiving an agency or
organisation into improperly releasing the personal information of another person.
Preventing data breaches — obligations under the Privacy Act
Appropriate security safeguards for personal information need to be considered across a range of areas. This
could include maintaining physical security, computer and network security, communications security and
personnel security. To meet their information security obligations, agencies and organisations should
consider the following steps:
• Risk assessment – Identifying the security risks to personal information held by the organisation and
the consequences of a breach of security;
• Privacy impact assessments – Evaluating, in a systemic way, the degree to which proposed or
existing information systems align with good privacy practice and legal obligations;
• Policy development – Developing a policy or range of policies that implement measures, practices
and procedures to reduce the identified risks to information security;
• Staff training – Training staff and managers in security and fraud awareness, practices and
procedures and codes of conduct;
• The appointment of a responsible person or position – Creating a designated position within the
agency or organisation to deal with data breaches. This position could have responsibility for
establishing policy and procedures, training staff, coordinating reviews and audits and investigating
and responding to breaches;
19https://www.oaic.gov.au/agencies-and-organisations/guides/data-breach-notification-a-guide-to-handling-
personal-information-security-breaches#data-breaches
2018 January 2020
CHCINM001
• Technology – Implementing privacy enhancing technologies to secure personal information held by

the agency or organisation, including through such measures as access control, copy protection,
intrusion detection, and robust encryption;
• Monitoring and review – Monitoring compliance with the security policy, periodic assessments of
new security risks and the adequacy of existing security measures, and ensuring that effective
complaint handling procedures are in place;
• Standards – Measuring performance against relevant Australian and international standards as a
guide; and
• Appropriate contract management – Conducting appropriate due diligence where services
(especially data storage services) are contracted, particularly in terms of the IT security policies and
practices that the service provider has in place, and then monitoring compliance with these policies
through periodic audits.
The role of the Office of the Australian Information Commissioner (OAIC)
The OAIC has the function of investigating possible breaches of the Privacy Act. It also has the function of
providing guidance and advice to agencies and organisations on the operation of the Privacy Act. As such,
the OAIC may provide general information on how to respond to a data breach. The Commissioner has a
range of enforcement powers, including the power to:
• make a determination requiring the payment of compensation for damages or other remedies, such
as the provision of access or the issuance of an apology (enforceable by the Federal Court or Federal
Magistrates Court);
• accept an enforceable undertaking;
• seek civil penalties of up to or apply for civil penalty orders of up to $340,000 for individuals and up
to $1.7 million for companies; and
• seek an injunction regarding conduct that would contravene the Privacy Act.
Disseminating information to stakeholders
When the main purpose of a consultative activity within organisations is to inform the community, the use of
mass media or print media is usually indicated. The more detailed the information, the more the benefit of
using something relatively permanent, like print, rather than something impermanent like radio or face-to-
face contact. A combination of several media usually achieves better results than any one in isolation. Some
examples follow:
• electronic newsletters;
• consultative meetings, forums or focus groups;
• advertisements or feature articles in the local press;
• newspapers which deal specifically with the geographical area affected are often more appropriate than
state-wide publications’;
• letter box drops; and
• colourful and informative posters in places where many people pass can be a useful way of reaching the
community.
2018 January 2020
CHCINM001
Exchanging information with stakeholder examples might be:

• interviews with groups or individuals;
• small group surveys;
• community meetings;
• Workshops to generate community interest;
• temporary working parties to develop local ownership and involvement;
• facilitated meetings; and
• team building to enhance relationships.
Resources:
1. Statutory guidelines Health records and information Privacy Act 2001 (NSW)
2. Planning an Information system project. A toolkit for Public Health Managers
3. Living Well. A strategic plan for mental health in NSW 2014 – 2024
4. Information management: Implementing Information Security. TAHO
5. Development and evaluation of online family dispute resolution capabilities published by
Relationship Australia and the commonwealth of Australia.
6. NSW Health. Health Care Records - Documentation and Management.
7. Health Records and information Privacy Act 2002 (NSW) Handbook to health privacy.
8. Human Services Quality Framework Version 4.0, published by Department of Communities, Child
Safety and Disabilities Services
2018 January 2020

CHCINM001 Meet Stat and Org Info Requirements

Uploaded by

Copyright:

Available Formats

You might also like

CHCINM001 Meet Stat and Org Info Requirements

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CHCINM001 Meet Stat and Org Info Requirements

Uploaded by

Copyright:

Available Formats

Learner Guide

SECTION 4 DEVELOP STAFF AND RESOURCES ................................................................................................. 34

Version Date Changes

CHCINM001 Meet statutory and organisation

In identifying information requirements of community service organisations, it is essential to consult with

What data should an organisations information system generate?

• use of services (accessibility, safety, quality, efficiency);

Use appropriate mechanisms to identify organisation and statutory information

Information gathering requirements for organisation

Data Sources – Service based or population based

Ways that this can be demonstrated by the organisation are:

• fairly and lawfully processes;

• notification of infection, including notifying a partner, maintaining de-identified registers, notifying

Personal and professional behaviour Discrimination and harassment

Conflicts of interest Corrupt conduct

Public comment Maladministration and substantial waste

Use of official resources Occupational Health and Safety

Security of official information Conduct of former staff members

Intellectual property and copyright Breach of the code of conduct

Criminal record checking Communicating and implementing a code of conduct

Fairness and equity Discrimination and harassment

Policies, procedures for Community Service work

Information gathering for statutory information requirements

A quality management system should support organisations to be compliant to these prescribed

Ways that this can be demonstrated by the organisation are:

Establishing a records management program

• records management policies, plans and procedures;

Ethics and conduct

Ethical Decision making steps might be:

Identify gaps and inadequacies in the organisation’s information systems

Methods of recording, storing and accessing information

Implement recordkeeping processes

• working with other staff to design recordkeeping into business processes;

Considering web accessibility

Electronic Information in the Community Service and Health industry

Electronic Health Information is used for:

Key benefits of electronic Information Systems

• those involved in policy and procedure development;

• the effectiveness of different treatment patterns;

1. Meeting our objectives

o What technical support will be available?

Analyse any substantial breakdowns in methods of recording, storing and accessing

7 http://communitydoor.org.au/-Choosing-a-Client Management system

How do you collect this information?

Step 1: Define Your Questions

• does the data answer your original question? How?

Section 2 Review options for information management

Options for the development of information systems

Practical approaches to managing electronic records includes:

• creating, and managing electronic records;

Mitigate risks- these risks include:

• selecting an inappropriate technology solution

• demonstrates the value of the information management strategy;

Identify and periodically evaluate sources of information

- feedback, complaints and appeals processes;

• a sense of direction and continuity;

Steps in implementing Information Management Strategic Plan

1. convene an Information Management Advisory Reference Group (IMAG)

Needs assessment of technological resources to meet organisational needs