Be safe! Take care of your cyber security
We know that the security of your practice IT systems is often out of your hands. However, we have put together some tips that may help you secure your systems following the ‘WannaCry’ attack on the NHS earlier this month.
Back up and update
Make sure you have effective backups of data on an external hard drive or cloud-based service and ensure all devices are regularly updated.
Beware of spam emails
Ransomware attacks usually rely on an end-user activating them, normally by opening an email attachment. Educate the practice team and ensure that they question who or where emails come from on a regular basis. Ensure this is covered in any staff inductions.
Make sure the team regularly change their passwords and using a mixture of upper and lower case letters, numbers and symbols.
The National Cyber Security Centre has produced some helpful guidance on dealing with a ransomware attack.
Have a disaster recovery plan
You should have a disaster recovery plan in place which outlines what the team should do in the event of an attack. Also, ensure that cybersecurity is discussed at every practice team meeting. The plan should include details on how to disconnect infected devices from the network as well as how the practice may work whilst systems are restored.
Read the RCGP’s ‘advice for GP practices following cyber-attacks on their systems’ for further information.
Plan a response
Advice from Practice Index states:
“In the absence of IT specialists – which is the case for most practices – it’s up to ‘leaders’, which will usually be a practice manager, to determine an effective cause of action in the event of an attack, and educate staff to prepare for them.”
What this means in essence is that the practice should have a strong cyber security response plan with clear definitions of how data can be recovered as well as roles and responsibilities within the practice team. Read the UK government’s 10 steps to cybersecurity for further advice.
Unfortunately, cybercrime is a fact of life today and it’s only a matter time before the next attack takes place.
These tips will hopefully help you to take a few simple steps towards making cybersecurity part of your practice culture so you can minimise the chances of any future attacks and the damage they may cause.
Last updated : 21 Jun 2017Londonwide LMCs conference 2019 round-up (19 Mar 2019)
On 12 March 2019 we hosted our annual conference – titled “All Together Now” - at the Kia Oval. The day was a great success with an array of guest...New ICO advice on handling Subject Access Requests (19 Mar 2019)
The Information Commissioner’s Office (ICO) have recently released a blog containing further advice for GPs and practices on the right of access for patients, commonly called Subject Access Requests (SARs)....Londonwide LMCs’ board changes (15 Mar 2019)
Following elections we would like to welcome Dr Anouska Hari (NW) and Dr Naureen Bhatti (NC/NE) to the board. Dr Marek Jarzembowski (South), Dr Robbie Bunt (NC/NE), Dr Simon Parton...New BMA locum template terms and conditions (13 Mar 2019)
The BMA GPC and sessional subcommittee have jointly produced model terms of engagement for locum GPs, which they recommend both practices and locums should proactively adopt. It should be noted that...Safeguarding Children and Adults L2 - Wednesday 22 May 2019 - places still available (27 Feb 2019)
...Londonwide LMCs' February 2019 Newsletter (20 Feb 2019)
...Tips of the month February 2019 (19 Feb 2019)
We provide weekly tips based on common queries which come through to us from London GPs and practice teams. These are shared via social media and collated for...QOF business rules coding issues – update for practice teams (19 Feb 2019)
Please note that no action is currently needed by practices on this matter, but you should read the information carefully. Following the introduction of the SNOMED-CT coding in 2018/19, NHS...Type 2 opt-outs replaced by the national data opt-out (19 Feb 2019)
Type 2 opt-outs have been replaced by the national data opt-out so practices must no longer use the type 2 opt-out code to record a patient's opt-out choice as it...The Data Security and Protection Toolkit (DSPT) – further guidance now available (19 Feb 2019)
The The Data Security and Protection Toolkit (DSPT) replaced the Information Governance toolkit from April 2018. The DSPT is an online self-assessment toolkit that has to be used by all...Guidance
We provide expert guidance for practices in our guidance section, as well as an archive of other materials you may find useful.
GP Support
Contact our GP Support team if you need help or advice.
The team provide professional and pastoral support to GPs and practice teams on a broad range of issues.
follow us on...
