• Framkvæmdaáætlun Landspítala í jafnréttismálum 2023-2026

• Jafnréttismælikvarðar 2016 - 2023

A five-member Gender Equality Committee operates at Landspítali, appointed by the CEO, based on staff nominations. The committee is appointed for two years at a time. The chairperson of the committee is selected from among the committee members, following a proposal from the Executive Director of Human Resources.

Scope of Work

The scope of work of the Landspítali Gender Equality Committee extends to tasks that employers are required to perform according to Act No. 10/2008 on the equal status and equal rights of women and men (Gender Equality Act).

The committee's tasks primarily concern Chapter III of the Gender Equality Act, which addresses systematic gender equality work in the labor market, the obligation to counteract gender segregation of jobs, equal pay, equality in hiring, vocational training, continuing and lifelong education, reconciliation of family and work life, and preventive work against gender-based violence, gender-based harassment, and sexual harassment.

However, the Gender Equality Committee is also authorized to discuss matters concerning the diversity and equality of Landspítali employees based on other background factors such as age, national origin, sexual orientation, or religion.

Role of the Landspítali Gender Equality Committee

• To make an annual proposal for the revision of Landspítali's gender equality plan and for the updating of its implementation plan, cf. paragraphs 2-5 of Article 18 of the Gender Equality Act.

• To review statistical information related to gender equality and diversity within the hospital once a year and propose corrective actions.

• To advise the Executive Board on gender equality and diversity matters and to consult with implementers on improvements in this area.

Committee Operating Procedures

The Gender Equality Committee shall define a channel for staff suggestions on matters falling under the committee's purview, but it does not resolve individual cases.

The Gender Equality Committee shall generally meet monthly.

The Gender Equality Committee shall keep minutes and publish information about its work on the hospital's intranet, along with documents on gender equality issues that the committee deems appropriate for staff access.

Support for the Gender Equality Committee

It is the role of all managers at Landspítali to respond to inquiries from the Gender Equality Committee and support the committee, so that it can fulfill its role.

The Gender Equality Committee has access to a Human Resources Department employee who handles minutes and other assistance for the committee.

Furthermore, the Gender Equality Committee has access to the services of Landspítali's Economics Department for data collection.

Landspítali pays salaries in accordance with valid collective agreements and institutional agreements. Executive directors, following formal delegation of authority from the CEO, hold hiring power and are responsible for all hirings, cf. the CEO's declaration. (CEO's Declaration).

Landspítali's objective is to attract qualified and ambitious staff. Salary decisions shall be transparent and objective, based on collective and institutional agreements.It is important that salaries reflect the demands of the job regarding responsibility, tasks, workload, and specialization. Furthermore, salary setting and institutional agreements must aim to ensure that Landspítali staff receive equal pay and enjoy the same terms of employment for the same or equally valuable work, in accordance with Act No. 150/2020 on the equal status and equal rights of genders.

Salaries shall be determined in accordance with job requirements regardless of gender. Landspítali emphasizes being a sought-after workplace, known for a good working environment, competitive terms, and good communication. Landspítali's Equal Pay Policy aims to support the vision, overall goals, and operational plans at any given time.

Landspítali's Equal Pay Policy includes the following commitments:

• An Equal Pay Group is active, documenting and maintaining, through continuous improvement, a certified equal pay management system based on the ÍST-85 standard.

• Continuous improvement and prevention shall be promoted, through monitoring and responding to deviations.

• Jobs shall be classified based on the demands they place, and at least an annual salary analysis shall be conducted comparing the same or equally valuable jobs to ascertain whether unexplained gender-based pay differences exist.

• The results of the salary analysis shall be presented to staff, provided for review, unless personal data protection interests advise against it.

• Legal requirements and other requirements applicable to the equal pay management system shall be followed. Legal advice shall be accessible to Landspítali management to ensure these requirements are met. Compliance with these legal and other requirements applicable to the system shall be confirmed annually.

• An internal audit of all published documents belonging to the equal pay management system shall be conducted no less frequently than every three years.

• An annual management review shall be conducted where equal pay objectives are set and reviewed.

• Equal pay matters are part of the overall policy.

• The Equal Pay Policy shall be presented to staff and made publicly available on Landspítali's website.

The Equal Pay Policy is simultaneously Landspítali's Salary Policy. The Executive Director of Operations and Human Resources is responsible for ensuring the policy is followed, and staff may contact them with comments or send inquiries to jafnlaun@landspitali.is

Confirmation of certification that Landspítali operates an ÍST 85:2012 equal pay system in Icelandic.

The information held by Landspítali must be protected from all threats, internal and external, whether intentional, negligent or accidental. The implementation and execution of the policy is the basis for professional working practices and is important to assure Landspítali employees and users of the hospital's services of integrity and correct working practices.

1. Scope

The information security policy applies to all data/information, in whatever form it exists and wherever it is stored. Special emphasis is placed on:

a. Health data; health information and biosamples.

b. Personal information related to Landspítali employees.

The information security policy also applies to the premises, equipment, and systems that house or transmit data/information, including server rooms, servers, information systems, databases, cables, network equipment, and telecommunication cabinets. The information security policy also extends to Landspítali employees and contractual partners who have access to the aforementioned data/information, such as contractors or service providers.

2. Objectives

The objectives of the information security policy are to ensure that:

a. Information is accurate and accessible to those with authorized access.

b. Confidentiality and privacy of information are maintained, where applicable.

c. Information transmitted over Landspítali's network reaches the correct recipient undamaged.

d. Risk related to information processing and retention is within defined risk limits, in accordance with risk assessment.

3. Means to Objectives

The means to achieve the above objectives are:

a. To always comply with the laws, rules, and regulations governing Landspítali's operations concerning the retention, handling, protection, and registration of health information.

b. To develop, maintain, and test business continuity plans to ensure secure operation and system recovery.

c. To investigate and follow up on deviations from the information security policy.

d. To maintain certification of Health and Information Technology operations in accordance with ISO 27001.

e. To regularly and formally conduct risk assessments of critical assets (e.g., Information assets) and the vulnerabilities that may jeopardize them.

f. To maintain a register of information assets and classify them by confidentiality, integrity, and availability.

g. To create backups of all Landspítali data and software systems.

h. To comply with and fulfill all agreements Landspítali is a party to that concern information security.

i. To always comply with the laws and rules of the Landspítali Ethics Committee, the Data Protection Authority (Persónuvernd), and the National Bioethics Committee, regarding the handling of applications for access to health information from Landspítali systems, for example, for scientific research.

j. To ensure that access to health information and biosample information is in accordance with laws, regulations, and recommendations issued by the Director of Health and Landspítali.

k. To comply with laws, rules, and regulations concerning healthcare institutions as well as Landspítali's own rules.

l. To maintain quality manuals with procedures and workflows for information handling and ensure that employees and partners follow them.

m. To provide training and education to employees on information security.

n. To ensure workflows that promote improvements in the field of information security.

4. Responsibilities

Responsibility for the implementation and maintenance of the information security policy is divided as follows:

a. The Chief Medical Officer of Landspítali is responsible for the security of medical records at Landspítali.

b. The Landspítali Executive Board is responsible for the information security policy and for its regular review and revision.

c. The Development Division is responsible for the implementation of the information security policy concerning all electronic data.

d. Landspítali managers are responsible for ensuring that their employees comply with the rules and recommendations governing information security, the handling of health information, and the handling of biosample information. Landspítali managers are also responsible for maintaining security awareness among employees.

e. All employees are obligated to work in accordance with the information security policy. They must report security deviations and vulnerabilities related to information security to their respective Quality and/or Security Manager, if applicable, or to the units responsible for Landspítali's Health and Information Technology matters within the Development Division. Landspítali employees must, to the best of their ability, ensure that only those with authorization can access health information or biosample information.

5. Penalties

Those who deliberately compromise Landspítali's information security face prosecution or other appropriate legal action. Furthermore, according to the Act on the Rights and Duties of State Employees, they risk a warning or, in case of repeated or serious violations, dismissal from employment.

Approved by the CEO of Landspítali on January 23, 2025 Landspítali Information Security Policy (.pdf)