Government data security consultation

The Government has been conducting a data security review, run by Dame Fiona Caldicott, the National Data Guardian for Health and Care. A report has now been produced with ten proposed standards:

  1. All staff ensure that personal confidential data is handled, stored and transmitted securely, whether in electronic or paper form. Personal confidential data is only shared for lawful and appropriate purposes.
  2. All staff understand their responsibilities under the National Data Guardian’s Data Security Standards including their obligation to handle information responsibly and their personal accountability for deliberate or avoidable breaches.
  3. All staff complete appropriate annual data security training and pass a mandatory test, provided through the revised Information Governance Toolkit.
  4. Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required. All access to personal confidential data on IT systems can be attributed to individuals.
  5. Processes are reviewed at least annually to identify and improve processes which have caused breaches or near misses, or which force staff to use workarounds which compromise data security.
  6. Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to. Action is taken immediately following a data breach or a near miss, with a report made to senior management within 12 hours of detection.
  7. A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum, with a report to senior management.
  8. No unsupported operating systems, software or internet browsers are used within the IT estate.
  9. A strategy is in place for protecting IT systems from cyber threats which is based on a proven cyber security framework such as Cyber Essentials. This is reviewed at least annually.
  10. Suppliers are held accountable via contracts for protecting the personal confidential data they process and meeting the National Data Guardian’s Data Security Standard.

The Government are seeking feedback on the proposed ten standards via an online survey, which is open until 7 September 2016.

Last updated : 19 Jul 2016
 

Information Commissioner’s Office posters (22 May 2019)

The Information Commissioners Office (ICO) have produced useful guidance and posters to help raise the issue of the importance of data privacy with the practice team.  The posters are part...
Read more »

Latest LMC workforce survey - please complete our short survey by Tuesday 18 June 2019 (21 May 2019)

Thank you in advance for making space in your busy day to complete our short survey on practice workforce issues which will help us to gather insight to share with...
Read more »

Calling all Digital Leads, IT Managers and Practice Managers - digital round table on 3 July 2019 (21 May 2019)

We are hosting a digital round table event to discuss issues relating to expanding IT use in general practice. This is more than an information-sharing exercise with peers, it will...
Read more »

Mword issue 37 - Dr Michelle Drage's latest update for GPs and practice teams (15 May 2019)

Read more »

Londonwide LMCs' April 2019 Newsletter (17 Apr 2019)

  ...
Read more »

Practice Manager Leads Forum April 2019 meeting (17 Apr 2019)

April saw Practice Manager Leads Forum come together for discussions, updates and networking at the first of their 2019 meetings. Presentations included:  Cervical screening updates and issues within the...
Read more »

Join our new Health Care Support Workers Forum (17 Apr 2019)

We are excited to announce the launch of our new Health Care Support Workers Forum (HCSW Forum) on Thursday 13 June. It is our pleasure to invite healthcare support workers, healthcare assistants,...
Read more »

Preventing type 2 opt-out codes being recorded in clinical systems (17 Apr 2019)

As we reported in our February 2019 newsletter, type 2 opt-outs have been replaced by the national data opt-out. This means that practices must not use the type 2...
Read more »

What state indemnity means for you (16 Apr 2019)

The Clinical Negligence Scheme General Practice (CNSGP) came into effect on 1 April 2019, meaning NHS Resolution will now settle most negligence claims against GPs undertaking NHS activities. GPs are...
Read more »

Tips of the month April 2019 (15 Apr 2019)

We provide weekly tips based on common queries which come through to us from London GPs and practice teams. These are shared via social media and collated for...
Read more »
Next Page »
« Previous Page