Government data security consultation

The Government has been conducting a data security review, run by Dame Fiona Caldicott, the National Data Guardian for Health and Care. A report has now been produced with ten proposed standards:

  1. All staff ensure that personal confidential data is handled, stored and transmitted securely, whether in electronic or paper form. Personal confidential data is only shared for lawful and appropriate purposes.
  2. All staff understand their responsibilities under the National Data Guardian’s Data Security Standards including their obligation to handle information responsibly and their personal accountability for deliberate or avoidable breaches.
  3. All staff complete appropriate annual data security training and pass a mandatory test, provided through the revised Information Governance Toolkit.
  4. Personal confidential data is only accessible to staff who need it for their current role and access is removed as soon as it is no longer required. All access to personal confidential data on IT systems can be attributed to individuals.
  5. Processes are reviewed at least annually to identify and improve processes which have caused breaches or near misses, or which force staff to use workarounds which compromise data security.
  6. Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to. Action is taken immediately following a data breach or a near miss, with a report made to senior management within 12 hours of detection.
  7. A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum, with a report to senior management.
  8. No unsupported operating systems, software or internet browsers are used within the IT estate.
  9. A strategy is in place for protecting IT systems from cyber threats which is based on a proven cyber security framework such as Cyber Essentials. This is reviewed at least annually.
  10. Suppliers are held accountable via contracts for protecting the personal confidential data they process and meeting the National Data Guardian’s Data Security Standard.

The Government are seeking feedback on the proposed ten standards via an online survey, which is open until 7 September 2016.

Last updated : 19 Jul 2016
 

Responsible Oxygen Prescribing (04 Sep 2015)

The London Respiratory Network have asked us to re-circulate a copy of the London Clinical Oxygen Network (LCON) key messages for Responsible Oxygen use in adults...
Read more »

Patient Complaints - The DOs and DON'Ts - two half day workshops, Thursday 7 October 2015 (03 Sep 2015)

 
Read more »

Is your practice as productive as it could be? Business health check event, 24 September 2015 - book your place now (02 Sep 2015)

...
Read more »

August Newsletter (13 Aug 2015)

Londonwide LMCs Newsletter
Read more »

Making health and social care information accessible (12 Aug 2015)

The new Accessible Information Standards for GP Practices has been launched by NHS England and comes into force on 31 July 2016.  Practices must ensure that all information...
Read more »

Men ACWY – Sign up guidance and Action Card for GPs from NHS England (12 Aug 2015)

Following enquiries received from practices regarding the Men ACWY programme, NHS England has issued brief guidance about the sign up process for this...
Read more »

GMS global sum calculation and data request for atypical population profiles (12 Aug 2015)

The BMA have produced a document that details how the global sum allocation (Carr-Hill formula) determines funding for GMS practices. This has been published in response to...
Read more »

PHP Reflective Practice Master Classes beginning 12 September 2015 (12 Aug 2015)

Each Master Class helps individuals to identify both the organisational and psychological barriers to change and personal development. Participants will have the choice of attending one of the following...
Read more »

Friends and Family Test: Disappointing news for London practices (12 Aug 2015)

Although it is a contractual requirement for practices to carry out the Friends and Family Test (F&FT) and submit data each month, the May return for London was a disappointing...
Read more »

New pan-London Cervical Sample Taker Database (CTSD) (12 Aug 2015)

NHS England has commissioned a web-based Cervical Sample Taker Database (CSTD) for the quality assurance of sample taking in London. The database enables the allocation of unique sample taker codes...
Read more »
Next Page »
« Previous Page