Toolkit launched to ensure patient data is handled correctly

  • 22 May 2018
Toolkit launched to ensure patient data is handled correctly

A new online self-assessment tool that enables organisations to measure their data security against national standards has been launched.

The Data Security and Protection Toolkit, which replaces the previous Information Governance toolkit, has been designed to ensure that patient data is secure.

All organisations that have access to NHS patient data and systems, including NHS trusts, primary care and social care providers and commercial third parties, must complete the toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.

Their performance is measured against the National Data Guardian’s ten data security standards.

Dan Taylor, programme director for the data security centre at NHS Digital, said: “The Data Security and Protection Toolkit is a powerful tool which health and care organisations will use to assess their cyber preparedness.

“This launch marks the start of a journey, with the Toolkit forming a foundation for long-term improvements in patient data security.

“The Toolkit is part of a number of new initiatives to build public trust in the way we secure their data.”

The toolkit has been designed to be easier to use with a simpler format.

Organisations that provide health services or connect to national systems will be required to complete self-assessments annually.

The launch of the toolkit was prompted by the WannaCry ransomware attack in May 2017.

Following the attack, NHS England’s chief information officer, Will Smart, recommended a tool for assessing organisations’ cyber-defences was made available by April 2018.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Two more Liverpool hospitals impacted by Alder Hey cyber attack

Two more Liverpool hospitals impacted by Alder Hey cyber attack

Alder Hey Children's NHS Foundation Trust has announced that the cyber attack it suffered last week has impacted two more hospitals.
Major cyber security incident declared at Merseyside hospital

Major cyber security incident declared at Merseyside hospital

A “major incident” has been declared at Wirral University Teaching Hospital NHS Foundation Trust “for cyber security reasons”.
Barts Health rolls out Cynerio cyber security platform

Barts Health rolls out Cynerio cyber security platform

Barts Health NHS Trust has rolled out Cynerio’s healthcare-focused cyber security platform across all of its sites.

1 Comments

  • This is lame.
    There is an international standard for Data Security – ISO 27001.
    Although this is mentioned in the document, this should be the default.

    NHS organisations should be externally audited against a meaningful standard, and not a bunch of wishy washy aspirations.

    Either security and IG matters, in which case do it properly, or do not bother doing it at all.

Comments are closed.