How to run a 15-minute IG refresher at your next team meeting

In most general practices, information governance (IG) training happens once a year - often via e-learning or in a box-ticking format that staff race through without much reflection. But IG isn’t a one-off task. It’s a constant part of delivering safe, respectful care. That’s why short, engaging refreshers between formal training sessions can make all the difference - helping staff embed good habits, notice risks, and speak up when something goes wrong. And it doesn’t need to take hours. You can deliver a powerful IG refresher in just 15 minutes during your next team meeting. This guide shows you how. 

Why micro-training works for IG

 Staff learn best when: 

• The content is relevant to their day-to-day work. 

• It’s short enough to hold attention. 

• It invites conversation, not just compliance. 

• It’s tied to real scenarios, not just policy terms. 

Micro-training refreshers support safer practice by: 

• Reinforcing good habits. 

• Spotting issues before they become breaches. 

• Keeping IG on everyone’s radar - not just the IG lead’s. 

• Creating a culture of shared responsibility. 

What to cover in a 15-minute IG refresher 

The key is to focus on one clear theme, supported by real examples and open conversation. Here are some suggested themes you could rotate: 

• How to handle confidential information at the front desk. 

• What to do if you send a letter to the wrong patient. 

• Smartcards, logins, and why access rules matter. 

• Spotting phishing emails or suspicious messages. 

• Talking about patients in shared spaces - what’s OK and what’s not. 

• Using personal devices for work: dos and don’ts. 

• How to report an IG concern without fear or blame. 

How to deliver your IG refresher 

1. Pick your moment

Schedule the refresher into an existing team meeting. You only need 10-15 minutes. Let staff know in advance so they’re prepared to engage - not just listen passively. 

2. Start with a real-life scenario

Give a short, anonymised example that’s relevant to your team. For instance: “Last month, a receptionist in another practice accidentally gave a discharge letter to the wrong patient. The names were similar. It led to a formal complaint and a report to the ICO.” Ask: “Could that happen here?” or “What would you do in that situation?” This creates relevance and opens up the conversation.

3. Keep it conversational 

Encourage discussion. Ask questions like: 

• “What’s the process for this here?” 

• “What would help make this safer?” 

• “Have you seen anything recently that felt risky?” 

Let staff share ideas or concerns without fear of judgement. 

4. Link back to your policies or toolkit 

Gently reinforce the formal context: 

• “This links to our IG policy section on printing and disclosure.” 

• “It’s part of the DSPT requirement for handling personal data.” 

• “The ICO expects organisations to show that training is ongoing.” 

You don’t need to quote policy - just show that the discussion connects to the bigger picture.

 5. Wrap up with an action 

Every refresher should end with one clear takeaway, such as: 

• “Always double-check patient ID before handing over letters.” 

• “Use NHSmail, not WhatsApp, for patient queries.” 

• “If you spot a risk, tell your team lead or use the reporting form.” 

Make it simple, practical and easy to remember.

Top tips for success 

• Rotate themes - run one mini refresher per month or quarter. 

• Invite others to lead - involve reception leads, nurses, or PCN staff. 

• Keep it positive - focus on safety, not blame. 

• Record attendance - this supports DSPT and CQC evidence. 

• Share insights - use what you hear to improve your systems and policies. 

Final word: small conversations, big impact 

Information governance doesn’t improve through posters or passwords alone. It improves when teams talk, reflect, and feel confident in making good decisions. 

By running short, focused IG refreshers as part of your regular rhythm, you’ll keep data safety at the heart of your culture - without needing to schedule another full training day. 

A quarter of an hour is all it takes to make your practice more aware, more consistent, and more secure.