Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Standard Introduction for Health and Social Care Organisations

Published byFlora Douglas Modified over 6 years ago

Similar presentations

Presentation on theme: "Secure Standard Introduction for Health and Social Care Organisations"— Presentation transcript:

1 Secure Email Standard Introduction for Health and Social Care Organisations
09 June 2014 Clive Star

2 Background Developed to support the secure exchange of sensitive information between Health and Social Care Organisations using secure services Builds on the Information Governance Toolkit organisations already complete with some additional enhancements on a few of the individual baseline controls Developed with a potential to step up to meet Public Sector accreditation requirements

3 Scope Applies to health, public health & social care organisations in England Under the 2012 Health Act, organisations must have “due regard” for standard Standard covers services for personal and sensitive data only

4 The Specification The Secure standard is available at: Contains: The Information Standards Notice The Specification The Baseline Control Set

5 Principles Aligned to ISO 27001 Independent accreditation
Supports insourced and outsourced systems Organisation compliance System/Service provider compliance Clinical safety approval for the service Organisations with Public Sector (HMG) certification do not need to accredit to this standard as well

6 Health & Care Conformance
Evidence of a security risk assessment for the service i.e. to consider whether is contains personal & sensitive data or not One of either the Information Governance Toolkit (IGT) / Public Services Network (PSN) Code of Connection or an Information Security Management System (ISMS) conforming to ISO 27001 Published policies and procedures for the use of secure using mobile devices Evidence provided by the service provider that they have met this standard. Clinical safety approval for the service Published policies for the use of with insecure systems

7 Interoperability - How it will work
Secure will communicate via the Government Secure Intranet (GSi) / PSN infrastructure All services will need to conform to pan-government standards The HSCIC will create and administer 3 domains: @orgname.nhs.net – NHSmail @orgname.secure.nhs.uk – Secure NHS systems TBC – Secure care systems

8 IT Services that meet the Standard
Health and Social Care using .nhs.net - NHSmail Local Government / Social Services .gcsx.gov.uk Central Government .gsi.gov.uk, .gse.gov.uk, gsx.gov.uk Criminal and Justice .cjsm.net, .scn.gov.uk, .pnn.police.uk Military .mod.uk

9 Next Steps Determine if your service contains personal or sensitive data Register with so we can include you in future targeted updates Seek evidence of conformance to health & care requirements Ensure service conforms to supplier aspects of standards. If you host your own you are the supplier Self-certify conformance. Good practice is to publish this, as with NHSmail: (

Download ppt "Secure Standard Introduction for Health and Social Care Organisations"

Similar presentations

A Joint Code of Practice Objectives and Summary Presentation

A Joint Code of Practice Objectives and Summary Presentation
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
Secure Email Standard Introduction for Health and Social Care Organisations 09 June 2014 Clive Star 1.

Secure Standard Introduction for Health and Social Care Organisations 09 June 2014 Clive Star 1.
Secure Email Standard Introduction for IT Suppliers 09 June 2014 Clive Star 1.

Secure Standard Introduction for IT Suppliers 09 June 2014 Clive Star 1.
Common Assessment Framework for Adults Demonstrator Site Programme Event to Support Expressions of Interest.

Common Assessment Framework for Adults Demonstrator Site Programme Event to Support Expressions of Interest.
Future of Payment by Results (PbR) PCT network – 19 Feb 2007.

Future of Payment by Results (PbR) PCT network – 19 Feb 2007.
Conformity Assessment Practical Implications InterAgency Committee on Standards Policy June 2007 Gordon Gillerman Conformity Assessment Advisor Homeland.

Conformity Assessment Practical Implications InterAgency Committee on Standards Policy June 2007 Gordon Gillerman Conformity Assessment Advisor Homeland.
1 GCSX and NHS Anna Smith Implementation & Service Delivery Manager, Government Connect October 2010.

1 GCSX and NHS Anna Smith Implementation & Service Delivery Manager, Government Connect October 2010.
First Practice - Information Security Management System Implementation and ISO 27001 Certification.

First Practice - Information Security Management System Implementation and ISO Certification.
Information Governance in Commissioning Mental Health Commissioners Collaborative.

Information Governance in Commissioning Mental Health Commissioners Collaborative.
NHS England & Customer Contact Centre FOI Introduction 2013.

NHS England & Customer Contact Centre FOI Introduction 2013.
ISO. ISO 9000 is a family of standards for quality management systems. ISO 9000 is maintained by ISO, the International Organization for Standardization.

ISO. ISO 9000 is a family of standards for quality management systems. ISO 9000 is maintained by ISO, the International Organization for Standardization.
WHY CONFORMITY ASSESSMENT?. What is conformity assessment?  Conformity assessment is the name given to processes that are used to demonstrate that a.

WHY CONFORMITY ASSESSMENT?. What is conformity assessment?  Conformity assessment is the name given to processes that are used to demonstrate that a.
Certification Approaches EAC Meeting Miami, FL August 2008 Gordon Gillerman Conformity Assessment Advisor Homeland Security National Institute of Standards.

Certification Approaches EAC Meeting Miami, FL August 2008 Gordon Gillerman Conformity Assessment Advisor Homeland Security National Institute of Standards.
2008 New York - Member Forum Council for Responsible Jewellery Practices, Ltd. Overview of CRJP.

2008 New York - Member Forum Council for Responsible Jewellery Practices, Ltd. Overview of CRJP.
© 2013 Cambridge Technical CommunicatorsSlide 1 ISO/IEC 27001 Standard for Information Security Management Systems.

© 2013 Cambridge Technical CommunicatorsSlide 1 ISO/IEC Standard for Information Security Management Systems.
HIT Policy Committee Information Exchange Workgroup NwHIN Conditions for Trusted Exchange Request For Information (RFI) May 15, 2012 1.

HIT Policy Committee Information Exchange Workgroup NwHIN Conditions for Trusted Exchange Request For Information (RFI) May 15,
Workshop BEWAG Entity in charge of Maintenance Brussels, 01 st of December 2010 23/11/2010J-M DECHAMPS.

Workshop BEWAG Entity in charge of Maintenance Brussels, 01 st of December /11/2010J-M DECHAMPS.
NHS Connecting for Health A National Framework For Implementing Electronic SAP Summary of Recommendations.

NHS Connecting for Health A National Framework For Implementing Electronic SAP Summary of Recommendations.
1 Understanding CQC registration Summer 2012. 2 Introduction to CQC.

1 Understanding CQC registration Summer Introduction to CQC.

Similar presentations

Ads by Google