Data Security Protection Toolkit – Overview

Slides:



Advertisements
Similar presentations
Information Governance in Commissioning Mental Health Commissioners Collaborative.
Advertisements

CLINICAL GOVERNANCE and MI Services : An introduction National MI Training Course University of Leicester 5 th July 2007 Mark Cheeseman E ast Anglia MI.
Case studies: online health and telemedicine Professor Peter C Smith Professor of Health Policy, Imperial College Business School, London.
1 Understanding CQC registration Summer Introduction to CQC.
Improving the IG Toolkit (IGAF 2) presented by Mark Reynolds SCCI, September 2015.
Registering the care sector – next steps Dr Linda Hutchinson Director, Care Quality Commission National Care Association Conference, 21 October 2010.
Security Vulnerability Identification and Reduction Linda Cornwal, JRA1, Brno 20 th June 2005
1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.
7/7/20161 The Public Sector Equality Duty for Schools in England Jonathan Timbers – Policy Manager, PSED Team, Equality and Human Rights Commission.
Information Governance A refresher for all staff who have previously gone through the full course.
Funded Agency Channel overview
The Quality Surveillance Team / Programme
Data Protection Regulation
SIGNs Chairs Meeting – 14th December 2016
Secure Standard Introduction for Health and Social Care Organisations
Team 2 – understand vulnerabilities
Presentation to GTMC on GDPR
General Data Protection Regulation (GDPR)
General Data Protection Regulation
General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.
About the national data opt-out
Technology in care homes -
Learning Aim B: Examine the ethical issues when Providing care and support to meet the individual needs. B1 & B2.
Data protection reform:
The session will commence at Please mute your microphone
General Data Protection Regulations
HCPC AUDIT How to prepare
Introduction to GDPR 09/11/2018.
Reporting personal data breaches to the ICO
GDPR and paper records Why it’s not all cyber and fines Gary Shipsey
Building digital capabilities of staff
The session will commence at Please mute your microphone
The session will commence at Please mute your microphone
GDPR in schools and academies
The session will commence at Please mute your microphone
Incident Reporting Webinar Begins at 12.30
Data Security and Protection Toolkit
The session will commence at Please mute your microphone
Patient Safety Guidance- development, implementation and compliance
Data Security and Protection Toolkit
Data protection and information governance: Balancing the confidentiality of patients against the importance of sharing information presented by John Hodson,
Data protection reform – update from the ICO
Information Governance
Data Security Protection Toolkit – Top Tips
From DPA to GDPR: the key elements
NHSmail and HSCN Lorraine Amor
The session will commence at Please mute your microphone
The National Working Group
The session will commence at Please mute your microphone
Data Protection What’s new about The General Data Protection Regulation (GDPR) May 2018? Call Kerry on Or .
How we’ll prepare for the General Data Protection Regulation (GDPR)
HCPC AUDIT How to prepare
Detecting, reporting & investigating data breaches under GDPR
The General Data Protection Regulation Six months on – What’s changed
The session will commence at Please mute your microphone
HIPAA Compliance Services CTG HealthCare Solutions, Inc.
State of New Jersey Department of Health Patient Safety Reporting System Module 1 – Overview and Administrative Functions.
Neopay Practical Guides #2 PSD2 (Should I be worried?)
HIPAA Compliance Services CTG HealthCare Solutions, Inc.
Patient Safety Guidance- development, implementation and compliance
The session will commence at Please mute your microphone
Performance report Qtr1 2018/19 July 2018.
Jodie Stutely Primary Care Information Governance Manager
General Data Protection Regulation “11 months in”
NHS Digital Katie Thorn: nhs.mail Accounts for Social Care Providers.
Data Security and Protection Toolkit Assurance 2018/19
About the national data opt-out
Information Governance
GDPR is here – are you ready?
Learning Hub update September @HEE_TEL.
Presentation transcript:

Data Security Protection Toolkit – Overview Presented by: David Ingham & John Hodson NHS Digital

Why data security is important It’s about Trust! “Trust cannot be ensured without secure systems…” People trust the health and care system to protect information. Data security must support digital transformation otherwise the risk of breaches increase and trust will be lost.

Data Security and Protection Toolkit in numbers Active Users 28 development sprints completed 6,800+ 8500+ active user organisations Integrated GDPR + NIS Incident notification for streamlined automated reporting Feedback items 44 Higher education registrations 308 Bugs Takes in account other recognised Certifications and systems GDPR Incidents Recorded 3 446 Reported and fixed

Iterative development

What is coming? New functionality in development* amendment to org profile (department) accessibility and user interface improvements provide evidence for multiple organisations but not submitting public view peer benchmarking and enhanced reporting generate an action plan. * Not exhaustive

Levels Name Description  Standards Exceeded Evidence Items for all mandatory expected requirements have been met. The organisation has external cyber security accreditation. Evidence of best practice.  Standards Met Evidence items for all mandatory expected requirements have been met. Required for access to NHS Digital Data Equivalent to Satisfactory.  Critical Standards Not Met Evidence items for critical legal requirements have not been met by the organisation. No access to information sharing tools e.g. NHS Digital Data.

Incident reporting tool launched https://www.dsptoolkit.nhs.uk/Incidents guidance published and updated https://www.dsptoolkit.nhs.uk/Help/29 worked with ICO DHSC, NHS England and NHS any comments or suggestions about the guidance, email us on cybersecurity@nhs.net Launch Guidance Update to guidance typos/consistency etc.,

What is changing? The scoring system of SIRI has been changed Level 2 is no longer the trigger for reporting Number of people effected not a sensitivity factor anymore Trigger for reporting is harm and impact Notification system not an incident management system. Explain previous and new IR process

What is reportable ? ICO - the incident is assessed that it is (at least) likely that some harm has occurred and that the impact is (at least) minor. DHSC - the incident is (at least) likely that harm has occurred and the impact is at least serious. Where the 72 hours (real hours) deadline is not met, an organisation must provide an explanation Look at the examples at the back of the guidance.

e-Learning Self-registration on e-learning for healthcare (e-LfH)  https://nhsdigital.e-lfh.org.uk/ Organisation registration https://healtheducationyh.onlinesurveys.ac.uk/nhs-digital-data-security-awareness Access through Athens (http://portal.e-lfh.org.uk)

Help and support Register https://www.dsptoolkit.nhs.uk/Account/Register Presentation developed to be used by IG Leads. https://www.dsptoolkit.nhs.uk/News/25 FAQs including Training Tool. https://www.dsptoolkit.nhs.uk/News/9 DSP Toolkit Support available through. Exeter.helpdesk@nhs.net Toolkit training and update events https://www.dsptoolkit.nhs.uk/News/10

Demonstration

Questions? cybersecurity@nhs.net

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.