The NHS is harnessing the advantages of the digital revolution and is delivering leading-edge health and care solutions. Central to this, NHS Digital’s Data Security Centre (DSC) works to ensure the confidentiality, integrity, and availability of patient data, and protects clinical and business systems from vulnerabilities and threats.
The DSC offers comprehensive support, free of charge, to health and care organisations allowing them to remain focused on delivering day-to-day, local operational and clinical priorities, to effectively manage data security and to provide safe, effective patient care.
Designed to equip organisations with the knowledge, infrastructure, policy and culture to build and maintain the necessary local interventions, the DSC provides a cyclical Cyber Security Support Model to identify, fix, embed and review an organisation’s cyber security. At the same time it will support NHS organisations with the mandatory Network and Information System (NIS) compliance, Data Security Protection Toolkit completion and CQC inspection.
Starting with the Data Security Onsite Assessment, which combines an IT HealthCheck with Cyber Essentials Plus, experts will help organisations identify issues and provide initial guidance on how to overcome areas of high risk and expose vulnerabilities. After the assessment organisations will have a clear, detailed plan of action and can then choose from the suite of support services and products from the DSC. This support is designed to significantly improve their cyber security posture and maturity along with helping them achieve compliance within defined security standards while delivering local operational and clinical priorities.
For technical weaknesses and issues, specialist suppliers will provide a proactive response to identified issues, focussing on existing technology and systems and providing recommended fixes while actively supporting the organisation to deliver the required changes. At the same time, if required, the DSC will help organisations develop a cyber-specific risk review comprising a clear and uniformed framework from which they can, importantly, integrate security into existing organisational risk reporting.
To maintain and develop an effective cyber secure organisation it is vital to embed cyber security into policies, processes and culture. To achieve this a team of experts can be deployed on-site to provide a tailored suite of services to support operational readiness into the day-to-day ways of working at every level.
The model encourages a re-assessment to validate the improvements that have been made as a result of this support model. Where additional improvements and support is required the DSC is always available to continually support all health and care organisations and will provide additional support as necessary to ensure organisations continuously improve.
While the services are free, the DSC understands than before committing to assessment and review it is vital to have senior-level buy in and approval. To aid this, the DSC provides GCHQ Certified Board-level Cyber Security training. This comprehensive and engaging training explores the leadership challenge of cyber and data security in health and care, aligning it to your organisational objectives.
Each organisation will have different requirements, likely to include the need for a mix of technical solutions and operational/policy improvement and the Cyber Security Support Model is only part of the services provided by the DSC. Find out more at www.digital.nhs.uk/services/data-security-centre
To register for an onsite assessment or to find out more about the other, free support services, please contact the DSC directly firstname.lastname@example.org