Presentation is loading. Please wait.

Presentation is loading. Please wait.

Data Security Protection Toolkit – Overview

Published byGlenna Cahyadi Modified over 6 years ago

Similar presentations

Presentation on theme: "Data Security Protection Toolkit – Overview"— Presentation transcript:

1 Data Security Protection Toolkit – Overview
Presented by: David Ingham & John Hodson NHS Digital

2 Why data security is important
It’s about Trust! “Trust cannot be ensured without secure systems…” People trust the health and care system to protect information. Data security must support digital transformation otherwise the risk of breaches increase and trust will be lost.

3 Data Security and Protection Toolkit in numbers
Active Users 28 development sprints completed 6,800+ 8500+ active user organisations Integrated GDPR + NIS Incident notification for streamlined automated reporting Feedback items 44 Higher education registrations 308 Bugs Takes in account other recognised Certifications and systems GDPR Incidents Recorded 3 446 Reported and fixed

4 Iterative development

5 What is coming? New functionality in development*
amendment to org profile (department) accessibility and user interface improvements provide evidence for multiple organisations but not submitting public view peer benchmarking and enhanced reporting generate an action plan. * Not exhaustive

6 Levels Name Description  Standards Exceeded Evidence Items for all mandatory expected requirements have been met. The organisation has external cyber security accreditation. Evidence of best practice.  Standards Met Evidence items for all mandatory expected requirements have been met. Required for access to NHS Digital Data Equivalent to Satisfactory.  Critical Standards Not Met Evidence items for critical legal requirements have not been met by the organisation. No access to information sharing tools e.g. NHS Digital Data.

7 Incident reporting tool launched
guidance published and updated worked with ICO DHSC, NHS England and NHS any comments or suggestions about the guidance, us on Launch Guidance Update to guidance typos/consistency etc.,

8 What is changing? The scoring system of SIRI has been changed
Level 2 is no longer the trigger for reporting Number of people effected not a sensitivity factor anymore Trigger for reporting is harm and impact Notification system not an incident management system. Explain previous and new IR process

9 What is reportable ? ICO - the incident is assessed that it is (at least) likely that some harm has occurred and that the impact is (at least) minor. DHSC - the incident is (at least) likely that harm has occurred and the impact is at least serious. Where the 72 hours (real hours) deadline is not met, an organisation must provide an explanation Look at the examples at the back of the guidance.

10 e-Learning Self-registration on e-learning for healthcare (e-LfH)   Organisation registration Access through Athens (

11 Help and support Register
Presentation developed to be used by IG Leads. FAQs including Training Tool. DSP Toolkit Support available through. Toolkit training and update events

12 Demonstration

13 Questions?

14

Download ppt "Data Security Protection Toolkit – Overview"

Similar presentations

Information Governance in Commissioning Mental Health Commissioners Collaborative.

Information Governance in Commissioning Mental Health Commissioners Collaborative.
CLINICAL GOVERNANCE and MI Services : An introduction National MI Training Course University of Leicester 5 th July 2007 Mark Cheeseman E ast Anglia MI.

CLINICAL GOVERNANCE and MI Services : An introduction National MI Training Course University of Leicester 5 th July 2007 Mark Cheeseman E ast Anglia MI.
Case studies: online health and telemedicine Professor Peter C Smith Professor of Health Policy, Imperial College Business School, London.

Case studies: online health and telemedicine Professor Peter C Smith Professor of Health Policy, Imperial College Business School, London.
1 Understanding CQC registration Summer 2012. 2 Introduction to CQC.

1 Understanding CQC registration Summer Introduction to CQC.
Improving the IG Toolkit (IGAF 2) presented by Mark Reynolds SCCI, September 2015.

Improving the IG Toolkit (IGAF 2) presented by Mark Reynolds SCCI, September 2015.
Registering the care sector – next steps Dr Linda Hutchinson Director, Care Quality Commission National Care Association Conference, 21 October 2010.

Registering the care sector – next steps Dr Linda Hutchinson Director, Care Quality Commission National Care Association Conference, 21 October 2010.
Security Vulnerability Identification and Reduction Linda Cornwal, JRA1, Brno 20 th June 2005

Security Vulnerability Identification and Reduction Linda Cornwal, JRA1, Brno 20 th June 2005
1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.

1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.
7/7/20161 The Public Sector Equality Duty for Schools in England Jonathan Timbers – Policy Manager, PSED Team, Equality and Human Rights Commission.

7/7/20161 The Public Sector Equality Duty for Schools in England Jonathan Timbers – Policy Manager, PSED Team, Equality and Human Rights Commission.
Information Governance A refresher for all staff who have previously gone through the full course.

Information Governance A refresher for all staff who have previously gone through the full course.
Funded Agency Channel overview

Funded Agency Channel overview
The Quality Surveillance Team / Programme

The Quality Surveillance Team / Programme
Data Protection Regulation

Data Protection Regulation
SIGNs Chairs Meeting – 14th December 2016

SIGNs Chairs Meeting – 14th December 2016
Secure Standard Introduction for Health and Social Care Organisations

Secure Standard Introduction for Health and Social Care Organisations
Team 2 – understand vulnerabilities

Team 2 – understand vulnerabilities
Presentation to GTMC on GDPR

Presentation to GTMC on GDPR
General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)
General Data Protection Regulation

General Data Protection Regulation
General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.

General Data Protection Regulations Preparing for the upcoming changes in data protection law David Jones & Angharad Williams.

Similar presentations

Ads by Google