Department of Health
Government responds on cyber security and data
Plans to strengthen NHS and social care organisations against cyber attacks and protect patient data.
On 12 July 2017, the government announced that investment in data and cyber security will be boosted above £50 million - and include a new £21 million capital fund for major trauma centres - as part of its response to reviews and consultation feedback on these issues.
Your Data: Better Security, Better Choice, Better Care is the government’s response to the:
- National Data Guardian for Health and Care’s Review of Data Security, Consent and Opt-Outs
- public consultation on that review
- Care Quality Commission’s Review ‘Safe Data, Safe Care’
It sets out that the government accepts the recommendations in both the National Data Guardian review and the Care Quality Commission review.
‘Your Data: Better Security, Better Choice, Better Care’ announces that, to strengthen the safeguarding of information, the National Data Guardian’s position will be put on a statutory footing and stronger sanctions will be introduced by May 2018 to protect anonymised data, including severe penalties for negligent or deliberate re-identification of individuals.
It also announces plans to:
- give patients and the public more access to, and control over, their personal data
- build confidence in the importance of secure data to provide better individual care and treatment
- support research and planning across the health system
To mitigate the immediate risks with cyber security, NHS Digital is supporting local organisations by:
- broadcasting alerts about cyber threats
- providing a hotline for dealing with incidents
- sharing best practice across the health and care system
- carrying out on-site assessments.
Work is underway in parallel to determine the fastest and most cost effective way to support the NHS to move from unsupported operating systems, including Windows XP.
The NHS contract has been changed so that NHS organisations are formally required to adopt data security standards as recommended by the independent National Data Guardian for Health and Care, including:
- security training for staff
- annual reviews of processes
- extensive contingency plans to respond to threats to data security
Health Minister Lord O’Shaughnessy said:
The NHS has a long history of safeguarding confidential data, but with the growing threat of cyber-attacks including the WannaCry ransomware attack in May, this government has acted to protect information across the NHS.
Only by leading cultural change and backing organisations to drive up security standards across the health and social care system can we build the resilience the NHS needs in the face of a global threat.
Latest News from
Department of Health
World Alzheimer's Day: could we create a world without dementia?21/09/2017 15:15:15
Health Secretary Jeremy Hunt discusses what the UK is doing in the fight against dementia, and the importance of partnership.
London turns the tide on an 8 year surge of gonorrhoea21/09/2017 12:25:00
A new report from PHE shows that new cases of gonorrhoea in Londoners dropped by 19% in 2016 compared with figures from 2015.
Exporting NHS innovation at NHS Expo 201718/09/2017 12:24:00
Healthcare UK raising the profile and appeal of exporting healthcare services overseas.
PHE experts to aid recovery on storm hit British overseas territories18/09/2017 10:20:00
Public Health England (PHE) staff to support health protection work and aid recovery efforts in UK Overseas Territories in the Caribbean.