Presentation is loading. Please wait.

Presentation is loading. Please wait.

The session will commence at Please mute your microphone

Published byDjaja Tanudjaja Modified over 6 years ago

Similar presentations

Presentation on theme: "The session will commence at Please mute your microphone"— Presentation transcript:

1 The session will commence at 12.30 Please mute your microphone
Data Security and Protection Toolkit Welcome The session will commence at 12.30 Please mute your microphone Presented by: David Ingham NHS Digital

2 What is the Data Security and Protection Toolkit
Online data security self assessment Replacement for the IG Toolkit Lets organisations measure themselves against the NDG Data Security Standards All organisations that process health and care data should complete a Data Security and Protection Toolkit.

3 Why data security is important
It’s about trust! “Trust cannot be ensured without secure systems…” People trust the health and care system to protect information Data security must support digital transformation, otherwise the risk of breaches increase and trust will be lost.

4 Data Security and Protection Toolkit in numbers
Active Users 33 development sprints completed 8,800+ 9,800+ active user organisations Integrated GDPR + NIS Incident notification for streamlined automated reporting Feedback items 3,500 GP Practices Registered 500 Takes in account other recognised Certifications and systems 8 Bugs 81 GDPR Incidents Reported to ICO by GPs Reported and fixed 25 GP Practices have published

5 What has changed? Move away from level 1, 2 and 3 and towards ‘mandatory’ evidence items Removed duplication Aligned with NDG Standards and GDPR More concise requirements Documentary evidence only required where it adds value Exemptions for organisations which use NHSmail or have in place a relevant standard including Cyber Essentials Plus.

6 Hardest requirements in DSPT
For the Practice 95% of all staff to have data security training Understand who has access to all your systems Understanding your data flows. CCG/CSU can help List of systems holding or sharing personal information (information asset register) Data Protection Impact Assessments Organisations must survey their software for unsupported systems Organisations must ensure all networking components have had their default passwords changed.

7 Iterative development

8 What is coming? New functionality in development*
accessibility and user interface improvements provide evidence for multiple organisations but not submitting e.g. a CSU. (any volunteers to test this from a GP point of view) public view peer benchmarking and enhanced reporting generate an action plan. * Not exhaustive

9 Incident reporting overview
An online tool for reporting GDPR notifiable incidents (health and care data) Applies to all organisations processing health and care personal data under contract Worked with ICO DHSC, NHS England and users Replacement of the IG SIRI Tool Guidance published and updated

10 Help and support Register
Presentation developed to be used by IG Leads. FAQs including Training Tool. DSP Toolkit Support available through. Toolkit training and update events LGA newsletter article.

11 Demonstration

12 Questions?

13

Download ppt "The session will commence at Please mute your microphone"

Similar presentations

Information Governance in Commissioning Mental Health Commissioners Collaborative.

Information Governance in Commissioning Mental Health Commissioners Collaborative.
Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.
Data Protection Act obligations and pseudonymisation Dawn Monaghan Group Manager Information Commissioners Office.

Data Protection Act obligations and pseudonymisation Dawn Monaghan Group Manager Information Commissioners Office.
1 Understanding CQC registration Summer 2012. 2 Introduction to CQC.

1 Understanding CQC registration Summer Introduction to CQC.
Improving the IG Toolkit (IGAF 2) presented by Mark Reynolds SCCI, September 2015.

Improving the IG Toolkit (IGAF 2) presented by Mark Reynolds SCCI, September 2015.
1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.

1 Information Governance (For Dental Practices) Norman Pottinger Information Governance Manager NHS Suffolk.
The Evolving IG Lead Role Phil Walker IGA. The IG Lead Role I am constantly surprised by the breadth and variety of work undertaken by IG Leads, but there.

The Evolving IG Lead Role Phil Walker IGA. The IG Lead Role I am constantly surprised by the breadth and variety of work undertaken by IG Leads, but there.
Healthy Apps Healthy Data Healthy People Healthy Apps Healthy Data Healthy People.

Healthy Apps Healthy Data Healthy People Healthy Apps Healthy Data Healthy People.
The Quality Surveillance Team / Programme

The Quality Surveillance Team / Programme
Preparing for the GDPR Helping us to help you.

Preparing for the GDPR Helping us to help you.
Accountability & Structured Privacy Management

Accountability & Structured Privacy Management
Knowledge for Healthcare: Driver Diagrams October 2016

Knowledge for Healthcare: Driver Diagrams October 2016
IS YOUR ORGANISATION’S INFORMATION SECURE?

IS YOUR ORGANISATION’S INFORMATION SECURE?
NHSmail: social care overview

NHSmail: social care overview
SIGNs Chairs Meeting – 14th December 2016

SIGNs Chairs Meeting – 14th December 2016
Emergency Care Data Set (ECDS)

Emergency Care Data Set (ECDS)
Tailored Dispensing Service (TDS)

Tailored Dispensing Service (TDS)
Data protection headaches: GDPR, brexit AND perimeter risk

Data protection headaches: GDPR, brexit AND perimeter risk
Presentation to GTMC on GDPR

Presentation to GTMC on GDPR
General Data Protection Regulation (GDPR)

General Data Protection Regulation (GDPR)

Similar presentations

Ads by Google