Presentation is loading. Please wait.

Presentation is loading. Please wait.

The session will commence at Please mute your microphone

Published byAlfred Watson Modified over 6 years ago

Similar presentations

Presentation on theme: "The session will commence at Please mute your microphone"— Presentation transcript:

1 The session will commence at 14.00 Please mute your microphone
Data Security and Protection Toolkit Welcome The session will commence at 14.00 Please mute your microphone Presented by: David Ingham and John Hodson, NHS Digital

2 What is the Data Security and Protection Toolkit
Online data security self assessment Replacement for the IG Toolkit Lets organisations measure themselves against the NDG Data Security Standards Provides help for organisations with support to comply with GDPR All organisations that process health and care data should complete a Data Security and Protection Toolkit.

3 Why data security is important
It’s about Trust! “Trust cannot be ensured without secure systems…” People trust the health and care system to protect information. Data Security must support digital transformation otherwise the risk of breaches increase and trust will be lost.

4 Why is it changing Static for a long period of time GDPR New threats
Move to continuous improvement model NDG Report Making the first step more straightforward for smaller organisations Provide intelligence to CQC for inspections.

5 Where we are DSP Toolkit is now open for registration
Development continuing every week and will continue throughout the year Main focus on the development and testing of the GDPR Breach reporting Guidance being continuously updated.

6 Take up

7 What has changed? Requirements reflect the 10 NDG Data Security Standards Support key requirements under the General Data Protection Regulation Move away from level 1,2,3 and towards ‘mandatory’ evidence items Removed duplication Concise, clear requirements Documentary evidence only required where it adds value Exemptions for organisations which use NHSmail or have in place a relevant standard. The requirements of the Data Security and Protection Toolkit (DSPT) are designed to encompass the National Data Guardian review’s 10 data security standards. The requirements of the DSPT support key requirements under the General Data Protection Regulation (GDPR), identified in the NHS GDPR checklist. The IG Toolkit assessed performance against three levels 1, 2 and 3. Organisations were required to provide evidence of compliance with (at least) level 2 for all elements of their assessment. The DSPT does not include levels and instead requires compliance with assertions and (mandatory) evidence items. The assertions and evidence items are designed to be concise and unambiguous. Documentary evidence is only requested where this adds value. Some evidence items will not be required where an organisation uses NHSmail, or has in place an existing relevant standard (Cyber Essentials PLUS, ISO 27001, Public Service Network Information Assurance).

8 Hardest requirements in DSPT
95% of all staff to have data security training Information Asset register Data protection Impact Assessments Understanding your data flows Understand who has access to all your systems Organisations must survey their software for unsupported systems Organisations must ensure all networking components have had their default passwords changed.

9 What is coming Public view Combined reporting Secondary sectors
Provide evidence for multiple organisations Batch submission Peer benchmarking Generate an action plan Assessment Review.

10 Support for GPs Ability of IT suppliers / CCGs to provide evidence for GP practices To avoid ing out 000s of evidence item to GPs GP IT support contract Can vary between suppliers Accountability versus responsibility.

11 Communications GP email going out this week.
Webinars Beginners Guide 07/06 Third Sector 13/06 Social Care 21/06 Dentists 19/06 Optician 26/06 Incident Reporting 12/06 Incident Reporting 03/07 What additional communications would you find useful?

12 Help and Support Register
Presentation developed to be used by IG Leads. FAQs including Training Tool. DSP Toolkit Support available through. Toolkit training and update events

13 Demonstration

14 Questions?

15

Download ppt "The session will commence at Please mute your microphone"

Similar presentations

1 Improving Services and Performance Toolkit for Effective Front-line Services to Youth Module Six: Documentation: Record- keeping, and Case Notes.

1 Improving Services and Performance Toolkit for Effective Front-line Services to Youth Module Six: Documentation: Record- keeping, and Case Notes.
Introduction to Information Governance (IG)

Introduction to Information Governance (IG)
Information Governance. “ensuring the confidentiality, accuracy and availability of patient information” Why Information Governance?

Information Governance. “ensuring the confidentiality, accuracy and availability of patient information” Why Information Governance?
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Cyber Security & Fraud – The impact on small businesses.

Cyber Security & Fraud – The impact on small businesses.
1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.

1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.
Family Assessment Service Engagement Event 21 st August 2013 NWCE-9A3GPK.

Family Assessment Service Engagement Event 21 st August 2013 NWCE-9A3GPK.
The Evolving IG Lead Role Phil Walker IGA. The IG Lead Role I am constantly surprised by the breadth and variety of work undertaken by IG Leads, but there.

The Evolving IG Lead Role Phil Walker IGA. The IG Lead Role I am constantly surprised by the breadth and variety of work undertaken by IG Leads, but there.
Transforming the quality of dementia care – consultation on a National Dementia Strategy Mike Rochfort Programme Lead Older People’s Mental Health WM CSIP.

Transforming the quality of dementia care – consultation on a National Dementia Strategy Mike Rochfort Programme Lead Older People’s Mental Health WM CSIP.
1 CQC review of data security standards in the NHS Rosie Wood, Strategy Lead Information Governance Alliance Conference 16 March 2016.

1 CQC review of data security standards in the NHS Rosie Wood, Strategy Lead Information Governance Alliance Conference 16 March 2016.
Data Controller Issues in context of shared records – revised guidance Information Governance Alliance Webinar:- Wednesday 6 July 2016 Chair Suzanne Lea.

Data Controller Issues in context of shared records – revised guidance Information Governance Alliance Webinar:- Wednesday 6 July 2016 Chair Suzanne Lea.
Information Governance A refresher for all staff who have previously gone through the full course.

Information Governance A refresher for all staff who have previously gone through the full course.
Safe Digital Transformation

Safe Digital Transformation
An update from the Department of Health Lorraine Jackson Deputy Director for Data sharing and Cyber security Department of Health 22 November 2016.

An update from the Department of Health Lorraine Jackson Deputy Director for Data sharing and Cyber security Department of Health 22 November 2016.
The Quality Surveillance Team / Programme

The Quality Surveillance Team / Programme
National Stroke Audit Rehabilitation Services 2016

National Stroke Audit Rehabilitation Services 2016
Accountability & Structured Privacy Management

Accountability & Structured Privacy Management
IS YOUR ORGANISATION’S INFORMATION SECURE?

IS YOUR ORGANISATION’S INFORMATION SECURE?
New CMS Emergency Preparedness Rule

New CMS Emergency Preparedness Rule
SIGNs Chairs Meeting – 14th December 2016

SIGNs Chairs Meeting – 14th December 2016

Similar presentations

Ads by Google