Working with partners such as the Department of Health and Social Care, NHSX and the National Cyber Security Centre, we offer health and care cyber security support and advice and guidance to the whole system, delivered through a range of centrally-funded products and services.
In doing so the NHS can remain focused on day-to-day, local operational and clinical priorities and provide safe, effective and efficient patient care.
The Data Security Centre
Cyber threats are constantly evolving and always present, so digital health and care organisations must remain prepared and ready to respond. We provide a range of specialist services that help health and care organisations manage cyber risk and to recover in the event of an incident.
The NHS was affected by a cyber attack in May 2017, known as WannaCry, with at least 80 NHS trusts and a further 603 primary care and other organisations infected – a reminder of the vulnerability of inadequately updated IT systems, which can directly impact patient care.
It’s critical that the health and care system acts to minimise the impact on essential front-line services.
The Data Security Centre works to ensure that patient data and information is stored in systems that are safe and secure. We do this by providing services, guidance and support to health and care organisations.
We also:
- Monitor security threats to IT systems and networks and help organisations respond to these threats, through defence and incident management
- Provide the national response to system-wide security incidents
- Offer information security consultancy and help with security issues in system design and development
- Set and review standards on IT security for the health and care sector
- Provide guidance and advice for people working in health and care
- are revising and developing a selection of services following the government response to the review of data-security, consent and opt-outs by National Data Guardian Dame Fiona Caldicott
The Data Security Centre is not a regulator. Instead, we act as an enabler, assisting (rather than policing) leaders and employees across the system to deliver better data security within their health and care organisations.