Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Email Standard Introduction for Health and Social Care Organisations 09 June 2014 Clive Star 1.

Published byJaida Bentley Modified over 9 years ago

Similar presentations

Presentation on theme: "Secure Email Standard Introduction for Health and Social Care Organisations 09 June 2014 Clive Star 1."— Presentation transcript:

1 Secure Email Standard Introduction for Health and Social Care Organisations 09 June 2014 Clive Star 1

2 Background Developed to support the secure exchange of sensitive information between Health and Social Care Organisations using secure email services Builds on the Information Governance Toolkit organisations already complete with some additional enhancements on a few of the individual baseline controls Developed with a potential to step up to meet Public Sector accreditation requirements

3 Scope Applies to health, public health & social care organisations in England Under the 2012 Health Act, organisations must have “due regard” for standard Standard covers email services for personal and sensitive data only

4 The Specification The Secure email standard is available at: http://www.isb.nhs.uk/documents/isb-1596/amd-34-2012http://www.isb.nhs.uk/documents/isb-1596/amd-34-2012 Contains: –The Information Standards Notice –The Specification –The Baseline Control Set

5 Principles Aligned to ISO 27001 Independent accreditation Supports insourced and outsourced systems Organisation compliance System/Service provider compliance Clinical safety approval for the email service Organisations with Public Sector (HMG) certification do not need to accredit to this standard as well

6 Health & Care Conformance Evidence of a security risk assessment for the email service i.e. to consider whether is contains personal & sensitive data or not One of either the Information Governance Toolkit (IGT) / Public Services Network (PSN) Code of Connection or an Information Security Management System (ISMS) conforming to ISO 27001 Published policies and procedures for the use of secure email using mobile devices Evidence provided by the email service provider that they have met this standard. Clinical safety approval for the email service Published policies for the use of email with insecure systems

7 Interoperability - How it will work Secure email will communicate via the Government Secure Intranet (GSi) / PSN infrastructure All email services will need to conform to pan- government standards The HSCIC will create and administer 3 domains: –@orgname.nhs.net / @nhs.net – NHSmail –@orgname.secure.nhs.uk – Secure NHS systems –TBC – Secure care systems

8 IT Services that meet the Standard Health and Social Care using –.nhs.net - NHSmail Local Government / Social Services –.gcsx.gov.uk Central Government –.gsi.gov.uk,.gse.gov.uk, gsx.gov.uk Criminal and Justice –.cjsm.net,.scn.gov.uk,.pnn.police.uk Military –.mod.uk http://systems.hscic.gov.uk/nhsmail/secure

9 Next Steps Determine if your email service contains personal or sensitive data Register with nhs-mail2@nhs.net so we can include you in future targeted updatesnhs-mail2@nhs.net Seek evidence of conformance to health & care requirements Ensure email service conforms to supplier aspects of standards. If you host your own email you are the supplier Self-certify conformance. Good practice is to publish this, as with NHSmail: ( http://systems.hscic.gov.uk/nhsmail/emailstandards). http://systems.hscic.gov.uk/nhsmail/emailstandards

Download ppt "Secure Email Standard Introduction for Health and Social Care Organisations 09 June 2014 Clive Star 1."

Similar presentations

Www.e-envoy.gov.uk Interoperability at the Pan-European Level John Borras Assistant Director Technology Policy.

Interoperability at the Pan-European Level John Borras Assistant Director Technology Policy.
DIP Futures Project and Police & Crime Commissioners West Midlands DIP Clinic 13 June 2012 Richard Jolley Reducing Reoffending Unit Home Office.

DIP Futures Project and Police & Crime Commissioners West Midlands DIP Clinic 13 June 2012 Richard Jolley Reducing Reoffending Unit Home Office.
Jeff Wallbank KPSN Partnership Development Manager How will the PSN change the shape of the Public Sector and the ways in which it delivers services.

Jeff Wallbank KPSN Partnership Development Manager How will the PSN change the shape of the Public Sector and the ways in which it delivers services.
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.

Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
Corporate Records Management (Practitioner) Information Governance Policy Team NHS Connecting for Health.

Corporate Records Management (Practitioner) Information Governance Policy Team NHS Connecting for Health.
Regional DNACPR Policy Steve Barnard, Head of Clinical Governance, North West Ambulance Service NHS Trust

Regional DNACPR Policy Steve Barnard, Head of Clinical Governance, North West Ambulance Service NHS Trust
Secure Email Standard Introduction for IT Suppliers 09 June 2014 Clive Star 1.

Secure Standard Introduction for IT Suppliers 09 June 2014 Clive Star 1.
The EU self-regulation of online behavioural advertising May 2014.

The EU self-regulation of online behavioural advertising May 2014.
Presentation by Rachel Su’a

Presentation by Rachel Su’a
Regulators’ Code July 2014. Regulators’ Code A statutory Code Came into effect in April 2014, replacing the Regulators’ Compliance Code All local authorities.

Regulators’ Code July Regulators’ Code A statutory Code Came into effect in April 2014, replacing the Regulators’ Compliance Code All local authorities.
Common Assessment Framework for Adults Demonstrator Site Programme Event to Support Expressions of Interest.

Common Assessment Framework for Adults Demonstrator Site Programme Event to Support Expressions of Interest.
Corporate Records Management (Practitioner) Information Governance Policy Team NHS Connecting for Health.

Corporate Records Management (Practitioner) Information Governance Policy Team NHS Connecting for Health.
Data linking – Project update 15 th May 2012 – Homecare & SDS event Atlantic Quay Ellen Lynch & Euan Patterson.

Data linking – Project update 15 th May 2012 – Homecare & SDS event Atlantic Quay Ellen Lynch & Euan Patterson.
National Patient Safety Alerting System (NPSAS) Patient Safety Domain NHS England Publications Gateway Ref No. 01127.

National Patient Safety Alerting System (NPSAS) Patient Safety Domain NHS England Publications Gateway Ref No
Slides to accompany the Adult Social Care Letter on National Data Collections to Local Authorities March 2014 1 Developed by the HSCIC / ZBR communications.

Slides to accompany the Adult Social Care Letter on National Data Collections to Local Authorities March Developed by the HSCIC / ZBR communications.
Cyber Security & Critical Controls Chris Few Industry Enabling Services CESG February 2011 © Crown Copyright. All rights reserved.

Cyber Security & Critical Controls Chris Few Industry Enabling Services CESG February 2011 © Crown Copyright. All rights reserved.
Review of Public Health in Scotland Heather Cowan Policy Lead Scottish Government.

Review of Public Health in Scotland Heather Cowan Policy Lead Scottish Government.
NHS European Office Accessing EU structural funding Michael Wood, European Policy Manager 14 th August.

NHS European Office Accessing EU structural funding Michael Wood, European Policy Manager 14 th August.
Prepared and presented by Paul French AJA Registrars Operations Director AJA are a multi-accredited International Certification Body based in Portishead.

Prepared and presented by Paul French AJA Registrars Operations Director AJA are a multi-accredited International Certification Body based in Portishead.
Www.england.nhs.uk Assuring Transformation Section 251s Process overviews 6-Nov-14.

Assuring Transformation Section 251s Process overviews 6-Nov-14.

Similar presentations

Ads by Google