Government data security consultation

The Government has been conducting a data security review, run by Dame Fiona Caldicott, the National Data Guardian for Health and Care. A report has now been produced with ten proposed standards:

  1. All staff ensure that personal confidential data is handled, stored and transmitted securely, whether in electronic or paper form. Personal confidential data is only shared for lawful and appropriate purposes.
  2. All staff understand their responsibilities under the National Data Guardian’s Data Security Standards including their obligation to handle information responsibly and their personal accountability for deliberate or avoidable breaches.
  3. All staff complete appropriate annual data security training and pass a mandatory test, provided through the revised Information Governance Toolkit.
  4. Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required. All access to personal confidential data on IT systems can be attributed to individuals.
  5. Processes are reviewed at least annually to identify and improve processes which have caused breaches or near misses, or which force staff to use workarounds which compromise data security.
  6. Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to. Action is taken immediately following a data breach or a near miss, with a report made to senior management within 12 hours of detection.
  7. A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum, with a report to senior management.
  8. No unsupported operating systems, software or internet browsers are used within the IT estate.
  9. A strategy is in place for protecting IT systems from cyber threats which is based on a proven cyber security framework such as Cyber Essentials. This is reviewed at least annually.
  10. Suppliers are held accountable via contracts for protecting the personal confidential data they process and meeting the National Data Guardian’s Data Security Standard.

The Government are seeking feedback on the proposed ten standards via an online survey, which is open until 7 September 2016.

Last updated : 19 Jul 2016

 

New five year GP contract (31 Jan 2019)

The new GP Contract has been agreed between the BMA’s GPC and NHS England. This is a critical issue for London general practice and we will be circulating more information...
Read more »

Preparing for Brexit with MidMeds (30 Jan 2019)

With growing uncertainty about the impacts of Brexit on London general practice, we know that some practices are thinking about stockpiling essential supplies as we near B-day on 29 March. ...
Read more »

Londonwide LMCs' Buying Group Locum Insurance Survey - February 2019 (30 Jan 2019)

Londonwide LMCs and the Londonwide LMCs' Buying Group insurance providers MIAB are keen to assess the impact and uptake amongst our members of the NHS’s Sickness Reimbursement Scheme, introduced in...
Read more »

Supporting patients to stay healthy in the community (25 Jan 2019)

Dr Lisa Harrod-Rothwell, Deputy Chief Executive of Londonwide LMCs, looks at how practices can use sign-posting to community groups to encourage and support patients to fulfil their New Year’s resolutions. ...
Read more »

Londonwide LMCs' AGM 2019 (24 Jan 2019)

Londonwide LMCs' Annual General Meeting took place on Thursday 24 January 2019 at Tavistock House South, Tavistock Square, London WC1H 9LG. Please click on the links below to access the...
Read more »

General Data Protection Regulation (GDPR) update for practices (23 Jan 2019)

The Information Commissioners Office (ICO) and the government have released further guidance on the General Data Protection Regulation (GDPR) and other related data issues. The ICO have published the
Read more »

NHS Long Term Plan summary (23 Jan 2019)

The NHS Long Term Plan was launched on Monday 7 January, with an additional £4.5bn promised for primary care by 2024 and a focus on practices collaborating to serve populations...
Read more »

New forum for all practice management roles (23 Jan 2019)

Calling all general practice managers, business managers, finance managers, operations managers, and data quality managers.  We’d like to invite you to join our Londonwide Practice Manager Forum.  Previously known as...
Read more »
Next Page »
« Previous Page