Government data security consultation

The Government has been conducting a data security review, run by Dame Fiona Caldicott, the National Data Guardian for Health and Care. A report has now been produced with ten proposed standards:

  1. All staff ensure that personal confidential data is handled, stored and transmitted securely, whether in electronic or paper form. Personal confidential data is only shared for lawful and appropriate purposes.
  2. All staff understand their responsibilities under the National Data Guardian’s Data Security Standards including their obligation to handle information responsibly and their personal accountability for deliberate or avoidable breaches.
  3. All staff complete appropriate annual data security training and pass a mandatory test, provided through the revised Information Governance Toolkit.
  4. Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required. All access to personal confidential data on IT systems can be attributed to individuals.
  5. Processes are reviewed at least annually to identify and improve processes which have caused breaches or near misses, or which force staff to use workarounds which compromise data security.
  6. Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to. Action is taken immediately following a data breach or a near miss, with a report made to senior management within 12 hours of detection.
  7. A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum, with a report to senior management.
  8. No unsupported operating systems, software or internet browsers are used within the IT estate.
  9. A strategy is in place for protecting IT systems from cyber threats which is based on a proven cyber security framework such as Cyber Essentials. This is reviewed at least annually.
  10. Suppliers are held accountable via contracts for protecting the personal confidential data they process and meeting the National Data Guardian’s Data Security Standard.

The Government are seeking feedback on the proposed ten standards via an online survey, which is open until 7 September 2016.

Last updated : 19 Jul 2016
 

October 2015 newsletter now available (15 Oct 2015)

Londonwide LMCs Newsletter
Read more »

Tamiflu in nursing and care homes (14 Oct 2015)

In January the GPC sought legal advice on Public Health England’s (PHE) instructions to prescribe Tamiflu for the prophylaxis of influenza in nursing and care homes where there have been...
Read more »

Improving well-being and health for dementia patients workshop (14 Oct 2015)

WHELD Research Programme (Improving Wellbeing and Health in Dementia) have organised an Royal College of General Practitioners accredited workshop for GPs in London. It will discuss anti-psychotic medication and no-pharmacological...
Read more »

Clinical Commissioning Group Outcomes Indicator Set - participation voluntary (14 Oct 2015)

Advice has been sought from the BMA General Practitioners Committee’s IT Subcommittee on the Clinical Commissioning Group Outcomes Indicator Set (CCG OIS) for 2013/14 and 2014/15. Practices have been asked to sign...
Read more »

Year-end deadline for agreement of GP Systems of Choice and GP IT services (14 Oct 2015)

NHS England has published an agreement for signature by practices and Clinical Commissioning Groups (CCGs) setting out the provision of GP Systems of Choice (GPSoC) and GP IT services. The...
Read more »

Death in service benefits for locum GPs - are you covered? (14 Oct 2015)

You may already be aware that there are persistent current inequities regarding the entitlement to ‘death in service’ benefit for freelance/ locum GPs compared to their principal or salaried GP...
Read more »

Healthwatch ask General Practice Committee for transparency on additional charges (14 Oct 2015)

The General Practitioners Committee (GPC) recently met with Healthwatch England to discuss charges that GPs can make for work not covered by their contract. Whilst the patient group understands the...
Read more »

New London Ambulance Service proposals to introduce non-emergency transport (14 Oct 2015)

London Ambulance Service (LAS) have consulted with us about a new service which they are implementing to help them manage the need for emergency ambulances more efficiently. A letter outlining...
Read more »

Meningococcal B for infants – FAQs update (14 Oct 2015)

NHS Employers have updated their vaccs and imms FAQs in relation to meningococcal B for infants to explain the eligible age cohort (2 – 13 months), as well as a catch-up...
Read more »

Nursing and Midwifery Council revalidation (14 Oct 2015)

The Nursing and Midwifery Council (NMC) have introduced revalidation for all nurses and midwives in the UK: the most significant change to regulation in a generation. Revalidation means that everyone...
Read more »
Next Page »
« Previous Page