Dr. Elena Beratarbide

PhD, MeHealth, IEng, BComp, BBA, CISA, DPO
National Information Governance and Security Lead for Health and Social Care, Scottish Government (eHealth)

IG Policy Advisor for the Scottish Government.  
Member of: the National IG Leads Forum, National Information Security Officers Forum and National Public Benefit and Privacy Panel.

During the last decade, Dr. Beratarbide has been working with the National Health Service (Scotland) to raise strategic alignment and eHealth governance maturity by redesigning information and ICT services, implementing continual improvement plans and demonstrating eHealth benefits. 

The last few years, Dr. Beratarbide has developed the Scottish Information Sharing Toolkit, National guidelines and code of practice for better information governance and security across health and social care organizations in complex data sharing landscapes, and is a key member of the working group commissioned for the development of the National IG programme.

She is a former IT consultant and security auditor for the former Touche & Ross (now Deloitte), KPMG and Fujitsu.

Dr. Beratarbide is also an active eHealth researcher in collaboration with St. Andrew’s University (Scotland, UK), Polytechnical University of Valencia (Spain), Capella University (USA), Middlesex University (UK), the NHS Scotland and EHTEL (European Health Telematics Association, Brussels).

Dr. Beratarbide is an active member of ISACA and the British Computer Society (BCS, The Chartered Institute of IT) and Health Informatics tutor in the Global eHealth Master, University of Edinburgh.

Key client List (Middle East/World Wide)   

• Scottish Government (eHealth)
• National Health Service (Scotland)
• Fujitsu Services customers (disclosure protected)
• KPMG customers (disclosure protected)
• University of Edinburgh
• University of St. Andrew’s
• British Computer Society
• WHINN Health and Innovation (Denmark)
• ISACA
• EHTEL European Health Telematics Association
• Capita

Key publications

• Scottish Information Sharing Toolkit (2016) 
• Health and Social Care Records Manager Code of Practice (2017/18)
• Integrating Health and Social Care: blending information, processes and technologies in partnerships (webcast)
• ISACA Journal: Strategic  alignment and eHealth Governance in health care organisations.
• eHealth Governance in Scotland: A Cross-Sectoral and Cross-National Comparison
• eHealth: Legal, Ethical and Governance Challenges (2013)
• CobIT® Maturity Assessment and Continual
• eHealth Governance improvement (COBIT Focus)
• Implementation of IT Governance. “Ethical Issues and Security Monitoring Trends in Global Healthcare: Technological Advancements” (2011 Book chapter)
• Critical factors in the adaptation of the NHS to the Information Society (IADIS)
• A multi-case analysis of eHealth Governance (IADIS)

List of Achievements (some examples of key pieces of work in different areas/disciplines of interest for this course:

• Health & Social Care Records Management Code of Practice (Scottish Government, Health and Social Care)
• Review/update of the National Information Governance and Security Strategy for Health and Social Care.
• Negotiations and drafting of key National Information Sharing Agreements with key Health and Social Care data controllers.
• Design and delivery of National information assets risk assessments (methodology and coaching/assistance conducting assessements)
• National guidelines for General Data Protection Regulation. Design of tools for monitoring national progress across NHS organisations and government reporting.
• Government reports on NHS resilience and progress adopting National Information Security and Governance Framework 2015/17
• Teaching/tutoring Global eHealth master, University of Edinburgh
• Design and delivery of National Information Sharing Toolkit (Scotland)
• Design and delivery of a methodology for prevention and management of information risks in software development projects (PRIMA)
• IT strategy for local government (542 municipalities), Valencia, Spain (eGoverment strategy)
• International speaker at a variety of forums on data protection, information governance, information security, ehealth topics, e.g. EHTEL (European Health Telematics Association), Capita Conferences, BCS British Computer Society, ISACA, WHINN Health and Innovation (Denmark), IADIS International Association for Development of the Information Society (Germany), etc.)
• NHS Fife, first National Health Service Board obtaining ISO27001 Certification in Scotland
• NHS Fife, first National Health Service Board using COBIT for continual improvement of IT services
• National demonstration project of COBIT effectiveness improving eHealth Governance (expanded to 3 representative NHS Boards in Scotland)
• Disaster Recovery Plan (Financial institution, Fujitsu’s customer, NHS Fife)
• Evaluation of Macroscope and recommendation/report for Corporate adoption at Fujitsu Spain