Secure Email Standard Introduction for Health and Social Care Organisations, 09 June 2014, Clive Star


Background
– Developed to support the secure exchange of sensitive information between Health and Social Care Organisations using secure email services
– Builds on the Information Governance Toolkit that organisations already complete, with some additional enhancements to a few of the individual baseline controls
– Developed with the potential to step up to meet Public Sector accreditation requirements

Scope
– Applies to health, public health & social care organisations in England
– Under the 2012 Health Act, organisations must have “due regard” for the standard
– Standard covers email services for personal and sensitive data only

The Specification
– The Secure Email standard is available at:
– Contains:
  – The Information Standards Notice
  – The Specification
  – The Baseline Control Set

Principles
– Aligned to ISO
– Independent accreditation
– Supports insourced and outsourced systems
– Organisation compliance
– System/Service provider compliance
– Clinical safety approval for the service
– Organisations with Public Sector (HMG) certification do not need to accredit to this standard as well

Health & Care Conformance
– Evidence of a security risk assessment for the service, i.e. to consider whether it contains personal & sensitive data or not
– One of either the Information Governance Toolkit (IGT) / Public Services Network (PSN) Code of Connection or an Information Security Management System (ISMS) conforming to ISO
– Published policies and procedures for the use of secure email using mobile devices
– Evidence provided by the service provider that they have met this standard
– Clinical safety approval for the service
– Published policies for the use of email with insecure systems

Interoperability - How it will work
– Secure email will communicate via the Government Secure Intranet (GSi) / PSN infrastructure
– All services will need to conform to pan-government standards
– The HSCIC will create and administer 3 domains:
  – NHSmail
  – Secure NHS systems
  – TBC – Secure care systems

IT Services that meet the Standard
– Health and Social Care using
  – .nhs.net - NHSmail
– Local Government / Social Services
  – .gcsx.gov.uk
– Central Government
  – .gsi.gov.uk, .gse.gov.uk, gsx.gov.uk
– Criminal and Justice
  – .cjsm.net, .scn.gov.uk, .pnn.police.uk
– Military
  – .mod.uk

Next Steps
– Determine if your service contains personal or sensitive data
– Register with so we can include you in future targeted
– Seek evidence of conformance to health & care requirements
– Ensure service conforms to supplier aspects of standards. If you host your own email, you are the supplier
– Self-certify conformance. Good practice is to publish this, as with NHSmail: (