Government data security consultation

The Government has been conducting a data security review, run by Dame Fiona Caldicott, the National Data Guardian for Health and Care. A report has now been produced with ten proposed standards:

  1. All staff ensure that personal confidential data is handled, stored and transmitted securely, whether in electronic or paper form. Personal confidential data is only shared for lawful and appropriate purposes.
  2. All staff understand their responsibilities under the National Data Guardian’s Data Security Standards including their obligation to handle information responsibly and their personal accountability for deliberate or avoidable breaches.
  3. All staff complete appropriate annual data security training and pass a mandatory test, provided through the revised Information Governance Toolkit.
  4. Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required. All access to personal confidential data on IT systems can be attributed to individuals.
  5. Processes are reviewed at least annually to identify and improve processes which have caused breaches or near misses, or which force staff to use workarounds which compromise data security.
  6. Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to. Action is taken immediately following a data breach or a near miss, with a report made to senior management within 12 hours of detection.
  7. A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum, with a report to senior management.
  8. No unsupported operating systems, software or internet browsers are used within the IT estate.
  9. A strategy is in place for protecting IT systems from cyber threats which is based on a proven cyber security framework such as Cyber Essentials. This is reviewed at least annually.
  10. Suppliers are held accountable via contracts for protecting the personal confidential data they process and meeting the National Data Guardian’s Data Security Standard.

The Government are seeking feedback on the proposed ten standards via an online survey, which is open until 7 September 2016.

Last updated : 19 Jul 2016

 

Responding to online comments about your practice (13 Apr 2018)

This is a reminder for practices about what they can do if they receive notification of negative comments posted on the NHS Choices website.  We understand practices are notified...
Read more »

Recommended codes for vaccinations (12 Apr 2018)

Childhood vaccination coding can be unexpectedly complex there are just 26 pre-school and school age vaccinations, but practices can record these vaccinations using over 1,000 different codes.  Data export providers,...
Read more »

LEAD events May and June 2018 (12 Apr 2018)

Hold the date: our annual Practice Manager Conference will take place on Thursday 22 November 2018 at Woburn House Conference Centre. The following events are now available for online booking....
Read more »

Stand. Vote. Engage. The 2018 LMC elections (12 Apr 2018)

Nomination papers for this year’s LMC elections were sent out in the week beginning 30 April 2018. This year every LMC seat is up for election.  We want any GP...
Read more »

Concerns about coroners issues (21 Mar 2018)

In response to concerns raised regarding GP relationships with the coroners’ office, we recently requested examples of problems experienced by GPs and practice staff. Examples provided so far include:  ...
Read more »

GMC requests for evidence of English language competence (20 Mar 2018)

The House of Commons Library has release updated guidance on what documentation the GMC will accept as evidence that GPs, nurses and pharmacists have sufficient English language skills. These controls...
Read more »

LMC elections – join us in May to learn about what is involved in being an LMC member (20 Mar 2018)

This year every LMC seat is up for election and next month you will have a chance to stand for election to your LMC. Any GP working in one of...
Read more »

NHS Digital questioned on Home Office data sharing (20 Mar 2018)

On Thursday 15 March the Health and Social Care Select Committee took evidence from Sarah Wilkinson, Chief Executive Officer, NHS Digital; and Noel Gordon, Chair, NHS Digital on data sharing. ...
Read more »

UK LMC Conference 2018 round-up (20 Mar 2018)

This year's LMC Conference saw debate on a range of issues of concern to London GPs: from Bawa-Garbar and the use of written reflections, to mass resignations, workload management, and...
Read more »
Next Page »
« Previous Page