Data Security and Protection Toolkit

Data Security and Protection Toolkit Presented by: John Hodson, NHS Digital

Why data security is important

- It's about trust! "Trust cannot be ensured without secure systems…"
- People trust the health and care system to protect information.
- Data security must support digital transformation; otherwise the risk of breaches increases and trust will be lost.

What is the Data Security and Protection Toolkit?

- Online data security self-assessment
- Replacement for the IG Toolkit
- Lets organisations measure themselves against the NDG Data Security Standards
- Provides organisations with help and support to comply with GDPR

Why is it changing?

- Static for a long period of time
- GDPR
- New threats
- Move to continuous improvement model
- Making the first step more straightforward for smaller organisations
- Provide intelligence to CQC for inspections

What has changed?

- Requirements reflect the 10 NDG Data Security Standards
- Support key requirements under the General Data Protection Regulation
- Move away from level 1, 2, 3 and towards 'mandatory' evidence items
- Removed duplication
- Concise, clear requirements
- Documentary evidence only required where it adds value
- Exemptions for organisations which use NHSmail or have in place a relevant standard

The requirements of the Data Security and Protection Toolkit (DSPT) are designed to encompass the National Data Guardian review's 10 data security standards. The requirements of the DSPT support key requirements under the General Data Protection Regulation (GDPR), identified in the NHS GDPR checklist.

The IG Toolkit assessed performance against three levels 1, 2 and 3. Organisations were required to provide evidence of compliance with (at least) level 2 for all elements of their assessment. The DSPT does not include levels and instead requires compliance with assertions and (mandatory) evidence items. The assertions and evidence items are designed to be concise and unambiguous. Documentary evidence is only requested where this adds value.

Some evidence items will not be required where an organisation uses NHSmail, or has in place an existing relevant standard (Cyber Essentials PLUS, ISO 27001, Public Service Network Information Assurance).

Care Quality Commission (CQC)

- CQC well-led inspections will include data security; we are currently testing approaches
- The focus so far has been on how boards gain data security assurance
- Data security is wider than cyber
- Use information from DSPT and wider intelligence to set the prompts for the inspection

Help and support

- Register: https://www.dsptoolkit.nhs.uk/Account/Register
- Presentation developed to be used by IG Leads: https://www.dsptoolkit.nhs.uk/News/25
- FAQs including Training Tool: https://www.dsptoolkit.nhs.uk/News/9
- DSP Toolkit Support available through: Exeter.helpdesk@nhs.net
- Toolkit training and update events: https://www.dsptoolkit.nhs.uk/News/10