
Information governance by design means treating information as a critical part of safe care rather than simply a compliance requirement.
In healthcare, information is rarely just data. It tells a story and shows what has happened, what decisions have been made, what risks have been identified and what needs to happen next. When information is incomplete, inaccessible or inaccurate, people can fall through gaps in the system. When it is available, reliable and appropriately shared, it becomes one of the most powerful tools for delivering safe and effective care.
For Thalamos, information governance is therefore not simply about meeting regulatory requirements; it is about ensuring that information supports the people who rely upon it, from frontline professionals making high-stakes decisions to organisations seeking oversight and assurance.
Protected, but also useful
This begins with a simple principle: information should be protected, but it should also be useful.
For many years, discussions about data protection have often focused on restriction. Organisations became understandably cautious about sharing information, particularly following the introduction of GDPR. While protecting sensitive information remains essential, information governance is not intended to prevent appropriate information sharing. Its purpose is to ensure that information is used safely, legally and in ways that benefit the people receiving care. Responsible innovation requires recognising that balance.
Governance from the beginning
Healthcare systems depend upon information flowing between organisations, services and professionals. Mental health pathways are particularly complex, often involving healthcare providers, local authorities, emergency services and independent organisations. Information governance provides the framework that allows those organisations to work together safely whilst maintaining appropriate safeguards.
Embedding information governance from the outset helps ensure that these considerations shape products rather than constrain them later. Instead of treating governance as a final review before launch, it becomes part of understanding the problem being solved.
This changes the nature of product development. Questions about privacy, access, auditability, accountability and data sharing are considered alongside functionality, usability and workflow design. Potential risks are identified early, allowing solutions to be built into products rather than added afterwards through workarounds and controls. The result is often better technology.
Many systems evolve by accumulating fixes over time. New requirements emerge, additional controls are added and processes become increasingly complex. While each change may address a genuine issue, the overall result can become fragmented and difficult to manage.
Starting with governance from the beginning allows a different approach. By understanding the broader context, identifying risks early and considering how information will move through a pathway, products can be designed around the needs of the system rather than continually patched in response to problems.
This is particularly important in mental health settings, where decisions often carry significant legal, clinical and ethical consequences. Information must not only be accurate. It must also be accessible to the right people at the right time, protected from inappropriate access and supported by clear evidence of how it has been used. Auditability therefore becomes as important as security.
Good governance creates confidence because organisations can understand what happened, when it happened and why. Clear audit trails, transparent processes and robust reporting allow organisations to demonstrate compliance, investigate concerns and continuously improve. They provide reassurance not only to regulators and leaders, but also to the professionals relying on the system every day
This emphasis on transparency reflects a broader philosophy of accountability. Technology should make it easier to identify problems, not harder. Safe systems encourage openness, support learning and create environments where issues can be recognised and addressed before they become larger risks.
The foundation for trustworthy innovation
Information governance also helps organisations navigate one of the most difficult challenges in modern healthcare: balancing innovation with responsibility.
New technologies create opportunities to improve access, coordination and efficiency. At the same time, they introduce questions about privacy, security and trust. Responsible innovation requires recognising that these objectives are not in competition with one another. Strong governance does not prevent innovation. It enables sustainable innovation by ensuring that progress is built on secure and trustworthy foundations.
Professionals need confidence that the information they rely upon is accurate and complete. Organisations need confidence that systems meet their legal and regulatory obligations. Most importantly, people receiving care need confidence that sensitive information is being handled appropriately and used in ways that support their wellbeing. Information governance by design helps create that confidence.
It ensures that privacy, security, transparency and accountability are not treated as separate activities sitting alongside product development. They become part of the product itself. They shape how systems are designed, how information is shared and how organisations work together.
Ultimately, information governance is about more than protecting data. It is about creating the conditions for safe, effective and connected care. When information is trusted, accessible and appropriately governed, professionals can make better decisions, organisations can provide better oversight and people can receive better support.
Information governance by design means building those foundations from the very beginning.
If you’d like to find out more about the structure and process Thalamos Responsible Innovation Group then visit our dedicated webpage or read about its origins in our feature.
You can also read interviews with each RIG member:


