Government data security consultation

The Government has been conducting a data security review, run by Dame Fiona Caldicott, the National Data Guardian for Health and Care. A report has now been produced with ten proposed standards:

  1. All staff ensure that personal confidential data is handled, stored and transmitted securely, whether in electronic or paper form. Personal confidential data is only shared for lawful and appropriate purposes.
  2. All staff understand their responsibilities under the National Data Guardian’s Data Security Standards including their obligation to handle information responsibly and their personal accountability for deliberate or avoidable breaches.
  3. All staff complete appropriate annual data security training and pass a mandatory test, provided through the revised Information Governance Toolkit.
  4. Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required. All access to personal confidential data on IT systems can be attributed to individuals.
  5. Processes are reviewed at least annually to identify and improve processes which have caused breaches or near misses, or which force staff to use workarounds which compromise data security.
  6. Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to. Action is taken immediately following a data breach or a near miss, with a report made to senior management within 12 hours of detection.
  7. A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum, with a report to senior management.
  8. No unsupported operating systems, software or internet browsers are used within the IT estate.
  9. A strategy is in place for protecting IT systems from cyber threats which is based on a proven cyber security framework such as Cyber Essentials. This is reviewed at least annually.
  10. Suppliers are held accountable via contracts for protecting the personal confidential data they process and meeting the National Data Guardian’s Data Security Standard.

The Government are seeking feedback on the proposed ten standards via an online survey, which is open until 7 September 2016.

Last updated : 19 Jul 2016

 

GDPR goes live 25 May 2018 – latest guidance for practices (21 May 2018)

The General Data Protection Regulation (GDPR) comes into force in less than 48 hours (25 May 2018). We have produced a round-up of a significant amount of guidance to help...
Read more »

Thank you to those who responded to our data-validation exercise (21 May 2018)

A big thank you to all the practices who responded to the data validation exercise, which ran between January-March 2018. We asked practices to confirm the details of the GPs...
Read more »

Tips of the month May 2018 (21 May 2018)

We provide weekly tips based on common queries which come through to us from London GPs and practice teams. These are shared via social media and collated for...
Read more »

Seven London hospital trusts cease to accept paper referrals in June or July (21 May 2018)

From the 1 October eRS will be the only route for GP to Consultant-led first outpatient appointments, as part of the Standard Contract 2018/2019. However, Trusts have staggered paper switch-off...
Read more »

Free leadership coaching available for practice teams in London (18 May 2018)

The London Leadership Academy, a pan-London leadership development organisation, working across all NHS organisations offers a free coaching service for GPs and practice team members working in the NHS. Recent...
Read more »

Londonwide LMCs’ Buying Group new shredding service – sign up now (18 May 2018)

Almost a fifth of our practices have signed up to the new Londonwide LMCs’ Buying Group which means they can take advantage of offers such as a new shredding service...
Read more »

NHS Digital to increase threshold for data sharing with the Home Office (18 May 2018)

NHS Digital will now only share patient information with the Home Office in cases where an individual is being considered for deportation due to “serious criminality”. Previously NHS Digital had...
Read more »

Acting as a supervisor for a doctor with conditions (18 May 2018)

This month our GP support team pose a challenge: Ask not what your LMC can do for you – ask what you can do for your professional colleagues.  Background GPs are...
Read more »

Londonwide LMCs conference 2018 round-up (18 May 2018)

On 2 May 2018 we hosted our annual conference – titled “London Calling” - at the Kia Oval. The day was a great success with an array of guest speakers...
Read more »

Londonwide LMCs' Buying Group - MIAB (16 May 2018)

Caring for those that care the most - expert insurance from MIAB It would be easy to think of MIAB as 'just' another insurance broker. As one of many in...
Read more »
Next Page »
« Previous Page