Reading news.jpg

NHS England to Replace IG Toolkit in 2018: What PMs Need to Know

Last week NHS England revealed that the Information Governance (IG) Toolkit will be replaced in April 2018. This is part of a new approach to measuring progress against 10 data security standards for general practice set out by Dame Fiona Caldicott. We’ve picked out some key information for primary care managers about the IG toolkit and its replacement!

The new requirements state that all GP practice in England must name a partner, board member or equivalent senior employee as being responsible for data and cyber security in the practice. This will also need to be implemented by April 2018, when the new Data Security and Protection Toolkit (DSP Toolkit) replaces the Information Governance Toolkit (IG Toolkit).

Practices will need to implement these changes to meet the data security and protection requirements set out in their contract. The CQC will monitor how closely practices follow the 10 standards as part of their inspection process, considering it as part of the ‘Well Led’ element of their inspections.

The 10 data security requirements have been recommended by Dame Fiona Caldicott, the National Data Guardian for Health and Care. Here’s a closer look at the standards and what they mean for general practices:
 

  1. All staff ensure that all personal confidential data is handled, stored and transmitted securely. Personal confidential data is only shared for lawful and appropriate purposes. 

  2. All staff understand their responsibilities under the National Data Guardian’s Data Security Standards, including their personal accountability for deliberate or avoidable breaches. 

  3. All staff complete appropriate annual data security training and pass a mandatory test.
     
  4. Personal confidential data is only accessible to staff who need it for their current role. All access to personal confidential data on IT systems can be attributed to individuals.
     
  5. Processes are reviewed at least annually to identify and improve processes which have caused breaches or near misses.
     
  6. Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to. Action is taken immediately following a data breach or a near miss.
     
  7. A continuity plan is in place to respond to threats to data security, including significant data breaches or near misses, and it is tested once a year as a minimum.
     
  8. No unsupported operating systems, software or internet browsers are used within the IT estate.
     
  9. A strategy is in place for protecting IT systems from cyber threats which is based on a proven cyber security framework such as Cyber Essentials. This is reviewed at least annually.
     
  10. Suppliers are held accountable via contracts for protecting the personal confidential data they process and meeting the National Data Guardian’s Data Security Standard.
     

For GP practices, some requirements will be implemented by the commissioner of the GP IT & GP Information Governance Support Service (Clinical Commissioning Group (CCG) or NHS England Regional) on their behalf.

For more information, take a look at the DoH document 2017/18 Data Security and Protection Requirements. Do you think these changes will lead to improvements? Let us know your thoughts in the comment section below.


Comments

No Comments

Leave a Comment

Categories

Upcoming Events

There are currently no events scheduled.

Jobs

Practice Business Manager - Manchester

Closing Date: 9 March 2018

Salary: £48,514 (pro rata, 34hrs)

Practice Manager - Runcorn

Closing Date: 9 March 2018

Salary: Dependent on experience

Practice Manager - Harrow, North West London

Closing Date: 26 February 2018

Salary: In the range of £42,000- £55,000 per annum (depending on experience)

Practice Business Manager - Exeter, Devon

Closing Date: 23 February 2018

Salary: Competitive

Business Manager - Manchester

Closing Date: 23 February 2018

Salary: Up to 44k dependant on experience

2 x Practice Manager - London

Closing Date: 28 February 2018

Salary: Competitive and negotiable depending on experience

Practice Business Manager - Manchester

Closing Date: 9 March 2018

Salary: £48,514 (pro rata, 34hrs)

Practice Manager - Runcorn

Closing Date: 9 March 2018

Salary: Dependent on experience

Practice Business Manager - SW1W, London

Closing Date: 28 February 2018

Salary: £50,000pa

Practice Manager - SW16, London

Closing Date: 14 March 2018

Salary: Competitive

Practice Manager - Harrow, North West London

Closing Date: 26 February 2018

Salary: In the range of £42,000- £55,000 per annum (depending on experience)

PRACTICE/BUSINESS MANAGER - Poringland, Near Norwich

Closing Date: 22 March 2018

Salary: In the region of £40K plus depending on experience

Practice Manager - HA8, London

Closing Date: 2 March 2018

Salary: TBC

Business Manager - Manchester

Closing Date: 23 February 2018

Salary: Up to 44k dependant on experience

Practice Manager - Winchester, Hampshire

Closing Date: 23 February 2018

Salary: c. £45,000-£55,000 p/a

Practice Operations Supervisor - Fleet, Hampshire

Closing Date: 23 February 2018

Salary: Up to £30k per annum depending on experience

Practice Manager - Reading, Berkshire

Closing Date: 23 February 2018

Salary: c. £45,000-£50,000pa

Practice Business Manager - Exeter, Devon

Closing Date: 23 February 2018

Salary: Competitive

Practice Manager - Harrow, North West London

Closing Date: 26 February 2018

Salary: In the range of £42,000- £55,000 per annum (depending on experience)

What others are viewing now

Latest Forum Posts

Fetching latest posts...