Presentation is loading. Please wait.

Presentation is loading. Please wait.

The session will commence at Please mute your microphone

Similar presentations


Presentation on theme: "The session will commence at Please mute your microphone"— Presentation transcript:

1 The session will commence at 12.30 Please mute your microphone
Data Security and Protection Toolkit Welcome The session will commence at 12.30 Please mute your microphone Presented by: David Ingham NHS Digital

2 What is the Data Security and Protection Toolkit
Online data security self assessment Replacement for the IG Toolkit Lets organisations measure themselves against the NDG Data Security Standards All organisations that process health and care data should complete a Data Security and Protection Toolkit

3 Why data security is important
It’s about Trust! “Trust cannot be ensured without secure systems…” People trust the health and care system to protect information. Data Security must support digital transformation otherwise the risk of breaches increase and trust will be lost.

4 Data Security and Protection Toolkit in numbers
Active Users 29 development sprints completed 7,500+ 9,300+ active user organisations Integrated GDPR + NIS Incident notification for streamlined automated reporting Feedback items 98 Local Authorities Registered 374 Takes in account other recognised Certifications and systems 6 Bugs 190 GDPR Incidents Reported to ICO Reported and fixed

5 What has changed? Move away from level 1,2,3 and towards ‘mandatory’ evidence items Removed duplication Aligned with NDG Standards and GDPR More concise requirements Documentary evidence only required where it adds value Exemptions for organisations which use NHSmail or have in place a relevant standard including PSN IA.

6 Hardest requirements in DSPT
Related to your health and care data processing: 95% of all staff to have data security training List of systems holding or sharing personal information (information asset register) Data Protection Impact Assessments. Understanding your data flows Understand who has access to all your systems Organisations must survey their software for unsupported systems Organisations must ensure all networking components have had their default passwords changed. Adult Social Services and Public Health.

7 Iterative development

8 What is coming? New functionality in development*
accessibility and user interface improvements expand PSN IA exemptions provide evidence for multiple organisations but not submitting public view peer benchmarking and enhanced reporting generate an action plan. * Not exhaustive

9 Incident Reporting Overview
An online tool for reporting GDPR notifiable incidents (health and care data) Applies to all organisations processing health and care personal data under contract Worked with ICO DHSC, NHS England and users Replacement of the IG SIRI Tool Guidance published and updated

10 Help and support Register
Presentation developed to be used by IG Leads. FAQs including Training Tool. DSP Toolkit Support available through. Toolkit training and update events LGA newsletter article.

11 Demonstration

12 Questions?

13


Download ppt "The session will commence at Please mute your microphone"

Similar presentations


Ads by Google