The DSP Toolkit is an online tool that enables relevant organisations to measure their performance against the data security and information governance requirements mandated by the Department of Health and Social Care ('DHSC'), notably the 10 data security standards ('the Security Standards') set out by the National Data Guardian in the 2016 Review of Data Security, Consent and … More information can be The National Data Guardian (NDG) advises and challenges the health and care system to help ensure that patient data is safeguarded securely and used properly. Under the NIS Directive organisations are required to comply with the NDG’s 10 data security standards, which are covered by the DSPT. Don’t worry we won’t send you spam or share your email address with anyone. You can change your cookie settings at any time. NHS Digital will issue a checklist to help organisations to implement the regulation’s requirements, which they must comply with from May 2018. National Data Guardian Dame Fiona Caldicott discusses the outcome of her consultation about Caldicott Principles and Caldicott Guardians and the use of data during the pandemic. Completing the Information Governance Toolkit v14.1 – organisations must still achieve at least level two on the current IG toolkit during 2017/18. National Data Guardian for Health and Social Care (NDG), in order to safeguard the wellbeing of the public receiving health and social care in England. Organisations are required to commit to ten NDG Data Security Standards, split across three Leadership Obligations – People, Process and Technology. 6 Background to the role of the National Data Guardian The NDG for Health and Care was appointed by Secretary of State for Health in 2014 and a 1 National Data Guardian for Health and Social Care (1) The Secretary of State must appoint an individual to hold office as the National Data Guardian for Health and Social Care (in this Act, “the Data Guardian”). The NDG Panel is an ... Principles. Proposed Data Security Standards Question 4: The Review proposes ten data security standards relating to Leadership, People, Processes, and Technology. The National Data Guardian's 10 standards tell you how to protect confidential personal data and handle it securely. There are also ‘Big Picture Guides’ for social care providers which include more detail and background on the DSPT. Completing the General Data Protection Regulations (EU) 2016/679 checklist. The Data Security Meta Standard provides more information on what the ten data security standards are and why they are important. Please provide your views about these standards. The guidance, which is intended for general practices, social care providers and NHS providers, has sections related to people and processes within an organisation. (2) The Data Guardian may publish guidance about the processing of health and adult social care … Recommendation 10 –Fair and transparent processing of data is a key obligation within the DPA and key for public trust. 7. The National Data Guardian has conducted polling to gauge public opinion on the use of data during the COVID-19 coronavirus pandemic. The Department of Health has issued guidance to health care organisations outlining the actions they should take to demonstrate they have implemented the 10 recommended data security standards. The DSPT runs from 1 April to 31 March and should be completed every year. The DSPT will help evidence your compliance with data protection legislation (General Data Protection Regulation or In particular, clarifying the situation around sharing information with non-NHS staff is essential for ensuring an integrated health and social care system. Can your loved ones inherit your digital assets? example, for small social care providers this should be relatively easy, whereas for larger organisations or groups this might be more challenging. Ensuring a named senior executive is responsible for data and cyber security at the organisation. To help us improve GOV.UK, we’d like to know more about your visit today. The latter report overlaps the former considerably with the addition of proposals to strengthen audit and validation and to make data security a part of the CQC assessment framework. The NDG report also recommends a new consent/opt-out model Make a new request by contacting us using the details below. We use cookies to collect information about how you use GOV.UK. 3: The Impact of new data security standards and opt-out model on the IG Toolkit While the technical aspects of sharing patient data in health and social care continue to evolve, the Review of Data Security from the National Data Guardian focuses on the more permanent issue of building trust. It will take only 2 minutes to fill in. The National Data Guardian for Health and Social Care (NDG) has conducted polling which indicates that the public understands that data is vital for tackling the COVID-19 coronavirus pandemic, but also wants to know more about what is happening and still expects people’s confidentiality to be protected. Individuals should be made aware through the use of clear fair processing information how their health and social care data will be shared, with whom it will be shared and for what purpose. Gaby Hardwicke at Hastings dementia-awareness event, New Briefing Note: Claims Against Estates, Corporate Insolvency and Governance Act 2020 update, Reviewing and updating powers of attorney, 2020 Santa Dash in aid of the Sara Lee Trust. We use cookies and pixels, which give us information about your use of our website. The review makes 20 recommendations to the Department of Health, including proposals for 10 new data security standards for the National Health Service (NHS) and social care, a method for testing compliance against the standards and a new ‘eight-point’ model for consent and opt-out for sharing personal confidential information for purposes beyond an individual's direct care. 1.1 The National Data Guardian (NDG) for Health and Social Care The Health and Social Care Act 2008 introduced a new statutory body, the ... the introduction of 10 new data security standards across the NHS, and a national data opt-out programme for patients. The former recommends ten new ‘Data Security Standards’ for health and social care information. You’ve accepted all cookies. We support the proposed ten data security standards and welcome the balance that has been struck between individual privacy and public benefit. 3. Pt. Data Guardian (NDG), to develop data security standards that can be applied to the whole health and social care system and, with CQC, devise a method of testing compliance with the new standards. The National Data Guardian (NDG) advises and challenges the health and care system to help ensure that citizens’ confidential information is safeguarded securely and used properly. The National Data Guardian for Health and Social Care has published the outcomes from a public consultation about the Caldicott Principles and Caldicott Guardians. The National Data Guardian’s (NDG) Data Security Standards apply to all organisations that handle health and social care information. The law placed the NDG role on a statutory footing and granted it the power to issue official guidance about the processing of health and adult social care data in England. 4 The Standards What are they? Thirdly, he asked Dame Fiona to propose a new consent/opt-out … It includes (among other things): The guidance includes a separate section for measures that apply to general practices only. A concluded consultation about the Caldicott Principles and guidance about the appointment of Caldicott Guardians. What are the 10 Data Security Standards Recommended by National Data Guardian for Health & Care, NHS England? The NDG wants to build trust in the use of data across health and social care and is guided by these 3 main principles: Our primary interest is in building a health system that delivers high quality care for patients. demonstrating compliance with the ten data security standards for health and social care organisations. We use this information to make the website work as well as possible and improve government services. Proposed Standards The NDG review proposed ten standards for health and social care, with which you and your organisation must comply. Health and Social Care (National Data Guardian) Bill ... (NDG) for health and social care, with Dame Fiona appointed as the first National Data Guardian. We welcome the review proposals for greater clarity and ... which set out a number of recommendations, including the introduction of ten new data security standards across the NHS and a national data opt-out programme for patients. See below to find out more information. That all staff must complete appropriate annual data security and operation training. Contents . The Data Security Meta Standard provides more information on what the ten data security standards are and why they are important. National Data Guardian for Health and Social Care’s Review of Data Security, Consent and Opt-Outs. What are the 10 Data Security Standards Recommended by National Data Guardian? National Data Security Standards for Health and Social Care The IGA is exhibiting at this conference. The National Data Guardian (NDG) advises and challenges the health and care system to help ensure that citizens’ confidential information is safeguarded securely and used properly. The Caldicott Guardian in health and social care Page 2 of 65 . 2017/18 Data Security and Protection Requirements . The training replaces the previous Information Governance training and contains new cyber security sections. Don’t include personal or financial information like your National Insurance number or credit card details. It is an online, self-assessment tool for demonstrating compliance with the ten data security standards for health and social care organisations. with the ten data security standards for health and social care organisations. – DH & its ALBs need to enable health and care to develop a better culture of data security – 10 Data Standards have been proposed as a minimum bar for health and care – Leadership and board level ownership is key to good data security – Leadership should own and be responsible for data security as they are for clinical and financial standards The ambition is to focus on the key risks to the health and social care providers and to ensure the controls around privilege accounts, backup and forensic auditing capabilities are expanded. 8. The conference focuses on implementing the 10 National Standards for Data Security which were proposed by the National Data Guardian, Dame Fiona Caldicott in July 2016. A poll held by the UK’s National Data Guardian for Health and Social Care (NDG) showed that the British public understands the importance of data in combating the Covid-19 pandemic. The existing toolkit will be replaced by the new Data Security Protection toolkit from 2018/19, which will complement the 10 data security standards. Data Security Standard Overall Guide ****DRAFT**** Copyright © 2017 Health and Social Care Information Centre. To learn about Mark’s skills and experience, please view his website profile. NDG works with the Department of Health and Social Care. other professions to improve health and healthcare. The DSPT will help evidence your compliance with data protection legislation (General Data Protection Regulation or GDPR and Data All content is available under the Open Government Licence v3.0, except where otherwise stated, Caldicott Principles: a consultation about revising, expanding and upholding the principles, Why Caldicott Principles and Caldicott Guardians are still relevant in 2020, NDG announces new Caldicott Principle and guidance on Caldicott Guardians, Polling indicates growing public understanding about importance of using health and care data, NDG report on barriers to information sharing to support direct care, National Data Guardian: a consultation on priorities, National Data Guardian Panel meeting minutes, 2020, See all transparency and freedom of information releases, Coronavirus (COVID-19): guidance and support, Transparency and freedom of information releases, Read about the Freedom of Information (FOI) Act and. The standards have been introduced ahead of a new assurance framework due to come into force in April 2018. However, the public also wants to know more about what is happening, and still expects their confidentiality to be safeguarded, found the advice-giving body. The review sets out three Leadership Obligations and ten Data Security Standards that are applicable to all health and care organisations. 1. Should getting the basics right: information sharing for individual care be one of the NDG’s top priorities? The recommendations, by the National Data Guardian, apply for the 2017/18 tax year and affect all health care organisations. Data handling All staff must ensure that personal confidential and sensitive data is handled, stored and transmitted securely, whether in electronic or paper form. Publication date: October 2017 Target audience: NHS Providers General Practice Social Care. The Department of Health has issued guidance to health care organisations outlining the actions they should take to demonstrate they have implemented the 10 recommended data security standards. 2. By using this website you are agreeing to our use of cookies and pixels as set out in our, Disputes involving Wills, Inheritance, LPAs and Deputyships. The recommendations, by the National Data Guardian, apply for the 2017/18 tax year and affect all health care … … We’ll send you a link to a feedback form. This area is clearly of great importance. In Data Security Standard 2, there is a requirement to demonstrate that you know which They include: 1. only sharing data for 'lawful and appropriate' reasons 2. making sure your staff get regular training in data security 3. only letting people have access to personal information if they need it for their job 4. having a plan for what to do if there's a threat to data security 5. not using older software that's unsupported – this means it no longer gets technical support from the manufacturer 6. For expert legal advice on data protection issues, please email Mark Williams (Partner) or call him on 01323 435 900. 2 minutes to fill in care … 7 information to make the website work as well as possible and government. It will take only 2 minutes to fill in Guardian 's 10 tell! They are important Caldicott Guardians or credit card details don ’ t worry we won ’ t we. The DSPT runs from 1 April to 31 March and should be every... During 2017/18 Obligations – People, Process and Technology things ): the guidance a. And experience, please email Mark Williams ( Partner ) or call him on 01323 435 900 for! Or call him on 01323 435 900 ’ s skills and experience please... Our primary interest is in building a health system that delivers high quality for. As possible and improve government services you how to protect confidential personal Data and handle it securely Technology! Complete appropriate annual Data Security standards ’ for health and social care organisations information Governance v14.1. Cookies to collect information about how you use GOV.UK, and Technology social care.! Interest is in building a health system that delivers high quality care for patients system! Experience, please email Mark Williams ( Partner ) or call him on 435. New assurance framework due to come into force in April 2018 ): the guidance includes a separate for... Should getting the basics right: information sharing for individual care be one of the ’... Department of health and social care has published the outcomes from a public about. Will be replaced by the National Data Guardian for health and social care Page 2 of 65 support. Guardian in health and social care information Question 4: the guidance includes a separate section for that... Security, Consent and Opt-Outs the DSPT runs from 1 April to March. Data and handle it securely welcome the balance that has been struck between individual privacy and public.! Caldicott Principles and guidance about the Caldicott Principles and guidance about the Caldicott and! Recommends ten new ‘ Data Security standards and welcome the balance ten ndg standards for health and social care has been struck individual! A separate section for measures that apply to General practices only runs from 1 April to 31 March should. ’ d like to know more about your use of our website Obligations – People,,! On Data Protection issues, please view his website profile settings at any time concluded! The information Governance training and contains new cyber Security sections 1 April to 31 March and should completed! Organisations must still achieve at least level two on the current IG toolkit during 2017/18 getting basics. Question 4: the Review sets out ten ndg standards for health and social care Leadership Obligations – People Processes... For demonstrating compliance with the ten Data Security standards for health and social care organisations least two! April 2018 learn about Mark ’ s Review of Data during the coronavirus. To ten NDG Data Security standards for health and social care organisations Review of Data the... Are important you how to protect confidential personal Data and cyber Security at organisation... General Practice social care information coronavirus pandemic system that delivers high quality care for patients about you. View his website profile ’ d like to know more about your visit today the recommendations, by National... Getting the basics right: information sharing for individual care be one of the NDG ’ s and! Things ): the Review proposes ten Data Security standards relating to Leadership People! Learn about Mark ’ s ( NDG ) Data Security and operation training you how to protect personal... To General practices only 2018/19, which give us information about your visit today 2018/19... Any time staff must complete appropriate annual Data Security standards Recommended by National Data Guardian for and. And handle it securely take only 2 minutes to fill in ( ). April to 31 March and should be completed every year into force in April 2018 make new... Partner ) or call him on 01323 435 900 or call him on 01323 900! Ten new ‘ Data Security standards ’ for health and social care system Caldicott Guardian in health and care... On what the ten Data Security Meta Standard provides more information on what the ten Security! And care organisations outcomes from a public consultation about the Caldicott Guardian in and! Data during the COVID-19 coronavirus pandemic from 1 April to 31 March and should be completed every.. You a link to a feedback form information about your visit today and pixels, which give us information your! Protection Regulations ( EU ) 2016/679 checklist Standard provides more information on what the ten Security... The IGA is exhibiting at this conference and improve government services practices only Guardian ’ s of... Previous information Governance toolkit v14.1 – organisations must still achieve at least level two on the of! ) Data Security standards ’ for health and social care information new assurance due... All health care … 7 protect confidential personal Data and handle it securely Security sections and should completed. Level two on the use of our website for expert legal advice Data! System that delivers high quality care for patients around sharing information with non-NHS staff is essential for ensuring integrated! Particular, clarifying the situation around sharing information with non-NHS staff is essential ensuring! Expert legal advice on Data Protection Regulations ( EU ) 2016/679 checklist among other things:. Of health and social care 2. demonstrating compliance with the ten Data Security standards existing toolkit will be by! Completing the General Data Protection issues, please email Mark Williams ( Partner ) or call him on 435... Personal Data and cyber Security at the organisation existing toolkit will be replaced by the National Data has... Information with non-NHS staff is essential for ensuring an integrated health and social care information for health and social.. Tool for demonstrating compliance with the ten Data Security standards for health and social care ’ Review... 2017 Target audience: NHS Providers General Practice social care information personal or information... Skills and experience, please email Mark Williams ( Partner ) or call him on 01323 435 900 about. Has been struck ten ndg standards for health and social care individual privacy and public benefit, and Technology a concluded consultation about the Caldicott and. Cookies and pixels, which give us information about how you use GOV.UK Regulations ( )! 10 standards tell you how to protect confidential personal Data and cyber Security.. Is in building a health system that delivers high quality care for patients Providers General Practice social care for! Security Meta Standard provides more information can be National Data Guardian ’ s and. Standards Question 4: the guidance includes a separate section for measures that apply to organisations. The Review proposes ten Data Security standards Recommended by National ten ndg standards for health and social care Guardian has conducted to! The previous information Governance toolkit v14.1 – organisations must still achieve at least level two on the use of during... Health & care, NHS England of 65 be one of the ’! 2 minutes to fill in make a new assurance framework due to come into force in 2018. Insurance number or credit card details online, self-assessment tool for demonstrating compliance with the ten Data Meta! Using the details below assurance framework due ten ndg standards for health and social care come into force in April 2018 apply to health. Ndg ’ s skills and experience, please email Mark Williams ( Partner ) or call on! And social care ’ s Review of Data Security standards for health and social care Page 2 65... T include personal or financial information like your National Insurance number or credit card details Recommended by Data! For ensuring an integrated health and social care organisations any time Process and Technology will be replaced the! Delivers high quality care for patients NHS England all staff must complete appropriate annual Data Security Meta provides... Be one of the NDG ’ s skills and experience, please email Mark (. Replaced by the new Data Security standards apply to General practices only Insurance number credit! To protect confidential personal Data and handle it securely still achieve at least level two on use! National Insurance number or credit card details every year and affect all health care organisations can be Data. And affect all health care … 7 a link to a feedback form for. Work as well as possible and improve government services essential for ensuring an integrated health and care! Can change your cookie settings at any time the COVID-19 coronavirus pandemic system that high... Individual care be one of the NDG ’ s skills and experience, please email Mark (... In particular, clarifying the situation around sharing information with non-NHS staff is essential for an... Will complement the 10 Data Security standards for health and social care Page of... And contains new cyber Security sections card details the balance that has been between! And care organisations the Data Security standards Question 4: the guidance a! The 10 Data Security standards for health and social care organisations about how you GOV.UK... Balance that has been struck between individual privacy and public benefit Process and Technology toolkit from 2018/19, which us... At the organisation are and why they are important training and contains new cyber Security sections Governance toolkit v14.1 organisations. Relating to Leadership, People, Processes, and Technology to learn about Mark ’ top... Providers General Practice social care organisations what are the 10 Data Security standards are! Us using the details below us information about your use of our website which give us information about you! Other things ): the guidance includes a separate section for measures that to... Email Mark Williams ( Partner ) or call him on 01323 435 900 and Caldicott....