The session will commence at Please mute your microphone

Slides:



Advertisements
Similar presentations
1 Improving Services and Performance Toolkit for Effective Front-line Services to Youth Module Six: Documentation: Record- keeping, and Case Notes.
Advertisements

Introduction to Information Governance (IG)
Information Governance. “ensuring the confidentiality, accuracy and availability of patient information” Why Information Governance?
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Cyber Security & Fraud – The impact on small businesses.
1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.
Family Assessment Service Engagement Event 21 st August 2013 NWCE-9A3GPK.
The Evolving IG Lead Role Phil Walker IGA. The IG Lead Role I am constantly surprised by the breadth and variety of work undertaken by IG Leads, but there.
Transforming the quality of dementia care – consultation on a National Dementia Strategy Mike Rochfort Programme Lead Older People’s Mental Health WM CSIP.
1 CQC review of data security standards in the NHS Rosie Wood, Strategy Lead Information Governance Alliance Conference 16 March 2016.
Data Controller Issues in context of shared records – revised guidance Information Governance Alliance Webinar:- Wednesday 6 July 2016 Chair Suzanne Lea.
Information Governance A refresher for all staff who have previously gone through the full course.
Safe Digital Transformation
An update from the Department of Health Lorraine Jackson Deputy Director for Data sharing and Cyber security Department of Health 22 November 2016.
The Quality Surveillance Team / Programme
National Stroke Audit Rehabilitation Services 2016
Accountability & Structured Privacy Management
IS YOUR ORGANISATION’S INFORMATION SECURE?
New CMS Emergency Preparedness Rule
SIGNs Chairs Meeting – 14th December 2016
Tailored Dispensing Service (TDS)
Operational Assessment
GDPR Awareness and Training Workshop
General Data Protection Regulations: what you really need to know
General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.
Technology in care homes -
The session will commence at Please mute your microphone
General Data Protection Regulations
The session will commence at Please mute your microphone
Data Security Protection Toolkit – Overview
GDPR in schools and academies
The session will commence at Please mute your microphone
Incident Reporting Webinar Begins at 12.30
Data Security and Protection Toolkit
The session will commence at Please mute your microphone
Sue Cawthray, CEO/ Gill Thrush, Catering Manager
Premises Assurance Model
Data Security and Protection Toolkit
Data protection and information governance: Balancing the confidentiality of patients against the importance of sharing information presented by John Hodson,
Appropriate Data Sharing in Health and Social Care
Information Governance
G.D.P.R General Data Protection Regulations
Data Security Protection Toolkit – Top Tips
NHSmail and HSCN Lorraine Amor
The session will commence at Please mute your microphone

Premises Assurance Model
Primary Care Information Governance Manager
General Data Protection Regulation
The National Working Group
The session will commence at Please mute your microphone
A whistle stop tour of GDPR
Mathew Norman, Policy & Public Affairs Officer, RLA Wales
How we’ll prepare for the General Data Protection Regulation (GDPR)
Developing an integrated approach to identifying and assessing Carer health and wellbeing ADASS Yorkshire and The Humber Carers Leads Officers Group, 7.
The Models of Care Portal was launched in 2016, there are now over 1000 registered users on the web platform. To encourage continued.
NHS mail sign-up & NUMSAS registration
By The Data Protection Commissioner
Drew Hunt Network Security Analyst Valley Medical Center
The session will commence at Please mute your microphone
Paul Barnes - Cyber Security Programme Manager, NHS England
The session will commence at Please mute your microphone
The General Data Protection Regulations 2016
Jodie Stutely Primary Care Information Governance Manager
Internet First presented by Gill Foley Engagement Lead.
General Data Protection Regulation “11 months in”
Better Information sharing?
Data Security and Protection Toolkit Assurance 2018/19
ESFA Update for North East Learning Providers Network
Information Governance
Presentation transcript:

The session will commence at 14.00 Please mute your microphone Data Security and Protection Toolkit Welcome The session will commence at 14.00 Please mute your microphone Presented by: David Ingham and John Hodson, NHS Digital

What is the Data Security and Protection Toolkit Online data security self assessment Replacement for the IG Toolkit Lets organisations measure themselves against the NDG Data Security Standards Provides help for organisations with support to comply with GDPR All organisations that process health and care data should complete a Data Security and Protection Toolkit.

Why data security is important It’s about Trust! “Trust cannot be ensured without secure systems…” People trust the health and care system to protect information. Data Security must support digital transformation otherwise the risk of breaches increase and trust will be lost.

Why is it changing Static for a long period of time GDPR New threats Move to continuous improvement model NDG Report Making the first step more straightforward for smaller organisations Provide intelligence to CQC for inspections.

Where we are DSP Toolkit is now open for registration Development continuing every week and will continue throughout the year Main focus on the development and testing of the GDPR Breach reporting Guidance being continuously updated.

Take up

What has changed? Requirements reflect the 10 NDG Data Security Standards Support key requirements under the General Data Protection Regulation Move away from level 1,2,3 and towards ‘mandatory’ evidence items Removed duplication Concise, clear requirements Documentary evidence only required where it adds value Exemptions for organisations which use NHSmail or have in place a relevant standard. The requirements of the Data Security and Protection Toolkit (DSPT) are designed to encompass the National Data Guardian review’s 10 data security standards. The requirements of the DSPT support key requirements under the General Data Protection Regulation (GDPR), identified in the NHS GDPR checklist. The IG Toolkit assessed performance against three levels 1, 2 and 3. Organisations were required to provide evidence of compliance with (at least) level 2 for all elements of their assessment. The DSPT does not include levels and instead requires compliance with assertions and (mandatory) evidence items. The assertions and evidence items are designed to be concise and unambiguous. Documentary evidence is only requested where this adds value. Some evidence items will not be required where an organisation uses NHSmail, or has in place an existing relevant standard (Cyber Essentials PLUS, ISO 27001, Public Service Network Information Assurance).

Hardest requirements in DSPT 95% of all staff to have data security training Information Asset register Data protection Impact Assessments Understanding your data flows Understand who has access to all your systems Organisations must survey their software for unsupported systems Organisations must ensure all networking components have had their default passwords changed.

What is coming Public view Combined reporting Secondary sectors Provide evidence for multiple organisations Batch submission Peer benchmarking Generate an action plan Assessment Review.

Support for GPs Ability of IT suppliers / CCGs to provide evidence for GP practices To avoid emailing out 000s of evidence item to GPs GP IT support contract Can vary between suppliers Accountability versus responsibility.

Communications GP email going out this week. Webinars https://www.dsptoolkit.nhs.uk/News/10 Beginners Guide 07/06 Third Sector 13/06 Social Care 21/06 Dentists 19/06 Optician 26/06 Incident Reporting 12/06 Incident Reporting 03/07 What additional communications would you find useful?

Help and Support Register https://www.dsptoolkit.nhs.uk/Account/Register Presentation developed to be used by IG Leads. https://www.dsptoolkit.nhs.uk/News/25 FAQs including Training Tool. https://www.dsptoolkit.nhs.uk/News/9 DSP Toolkit Support available through. Exeter.helpdesk@nhs.net Toolkit training and update events https://www.dsptoolkit.nhs.uk/News/10

Demonstration

Questions? cybersecurity@nhs.net

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.