A SIRO is a professional who has responsibility for implementing and managing information risks within the organisation. The SIRO role is mandatory for public sector organisations and organisations which are contracted to deliver services under the NHS Standard Contract. The SIRO has oversight of information risks within the organisation and will inform and advise the board on how to mitigate the risk in accordance with the organisation’s risk appetite.

Kaleidoscope have long delivered SIRO training sessions tailored to the type of organisation and the industry they are working in, including delivering to SIROs from NHS regional bodies and ICS/STP footprints to primary care. Kaleidoscope delivers the SIRO function to small – medium providers and companies entering the UK health market. This service includes:

  • Providing a named individual to fulfil the role of SIRO
  • Carry out the SIRO duties and responsibilities
  • Implement and maintain information risk oversight on organisational processing activities
  • Advise the board/senior management team on information risks and how to mitigate those risks. Liaise with information governance personnel
  • Produce regular reports and submit to the board and feed into the IG framework governance