ACCESS TO RiO and Small Systems (Archive systems)

USER AUTHORISATION FORM

Users Full Name ………………………………………………..

You have applied to be provided with a Virtual Smartcard and a logon to RiO as it is considered necessary that
you have access to this system in order to conduct your day-to-day work for the Trust. You will also have
access to the Trust’s Patient Archived Data System (PADS) which holds data from the patient information
systems that were used prior to RiO. The information that is held in this system is read-only.

Use of the system is governed by the Data Protection Act 2018, the Computer Misuse Act 1990, Caldicott
principles and common law confidentiality. By entering the system, you are agreeing to follow Trust policy,
procedures and legislation surrounding the information you access and how it is used or shared and comply
with the terms and conditions of the Smartcard supplied to you as part of your registration process.

All information you come into contact with during your use of RiO or PADS is confidential and must not be
discussed with, shared or disclosed to any individual who is not directly involved in the healthcare of the
individual without the prior explicit consent of the service user, or a legitimate and legally justified reason for
doing so exists. Advice and guidance on such matters can be sought through your Team Manager, Trust
policies and procedures or the Information Governance Department at St Michaels House.

You are only authorised to review, create or amend information on this system for those individuals for whom
you have a legitimate relationship for example, the service user has been referred or is being treated; has
been treated by your team within a reasonable period of time; or you are undertaking an investigation which
requires access to the service users clinical record. Unauthorised use of the system is strictly prohibited and
all access by staff will be audited on a random and regular basis.

Staff found to have accessed information for which there is no legitimate business reason, or those who have
discussed, shared or disclosed information inappropriately will be held to account under the appropriate
disciplinary procedures.

You will receive an email from Isosec inviting you to enrol your Virtual Smartcard. You will be asked to set a
password and also to set up three security questions which will be used if you need to reset your password.

Your smartcard password should be known ONLY to you. You will also be provided with passcodes for the
archive systems (which you will be prompted to change immediately). You MUST NOT write these passcodes
down. Users are reminded that their passcode is personal to them and MUST NOT under any circumstances
be given to anyone else.

If you forget your Virtual Smartcard password and enter it incorrectly three times, as long as you have signed
up to the self-service portal, an email will automatically be generated to help you reset your own password. If
you forget your passcode for the archived systems please log a call with the IT helpdesk on 01795 508200.
You will also need to inform the Systems Manager and the Registration Authority Team of any change in
circumstance i.e. leaving the Trust or changing jobs within the Trust.

Please ensure to log out of any system once you have completed your patient updates. If you do not log out
this leaves sensitive personal information available for others to view and therefore could result in a breach of
confidentiality.
DECLARATION

I have read and understand the above statement. I am aware of my responsibilities under the Data Protection
Act 2018, Caldicott Principles and Computer Misuse Act 1990 and agree to comply with these and the Trust
Policies relating to my Smartcard, RiO, PADS and Records Management. I will inform the Systems Manager
when access to the patient information systems is no longer required.

Signed: …………………………………………………..Date: ……………………….