6 Background to the role of the National Data Guardian The NDG for Health and Care was appointed by Secretary of State for Health in 2014 and a The latter report overlaps the former considerably with the addition of proposals to strengthen audit and validation and to make data security a part of the CQC assessment framework. The Department of Health has issued guidance to health care organisations outlining the actions they should take to demonstrate they have implemented the 10 recommended data security standards. Completing the General Data Protection Regulations (EU) 2016/679 checklist. other professions to improve health and healthcare. We’ll send you a link to a feedback form. National Data Guardian for Health and Social Care (NDG), in order to safeguard the wellbeing of the public receiving health and social care in England. 4 The Standards What are they? ... which set out a number of recommendations, including the introduction of ten new data security standards across the NHS and a national data opt-out programme for patients. We welcome the review proposals for greater clarity and The National Data Guardian’s (NDG) Data Security Standards apply to all organisations that handle health and social care information. This area is clearly of great importance. Ensuring a named senior executive is responsible for data and cyber security at the organisation. Health and Social Care (National Data Guardian) Bill ... (NDG) for health and social care, with Dame Fiona appointed as the first National Data Guardian. Proposed Standards The NDG review proposed ten standards for health and social care, with which you and your organisation must comply. The law placed the NDG role on a statutory footing and granted it the power to issue official guidance about the processing of health and adult social care data in England. The National Data Guardian's 10 standards tell you how to protect confidential personal data and handle it securely. Don’t include personal or financial information like your National Insurance number or credit card details. In Data Security Standard 2, there is a requirement to demonstrate that you know which Thirdly, he asked Dame Fiona to propose a new consent/opt-out … The DSPT runs from 1 April to 31 March and should be completed every year. The Department of Health has issued guidance to health care organisations outlining the actions they should take to demonstrate they have implemented the 10 recommended data security standards. We use this information to make the website work as well as possible and improve government services. (2) The Data Guardian may publish guidance about the processing of health and adult social care … What are the 10 Data Security Standards Recommended by National Data Guardian? A poll held by the UK’s National Data Guardian for Health and Social Care (NDG) showed that the British public understands the importance of data in combating the Covid-19 pandemic. 1.1 The National Data Guardian (NDG) for Health and Social Care The Health and Social Care Act 2008 introduced a new statutory body, the ... the introduction of 10 new data security standards across the NHS, and a national data opt-out programme for patients. 2. The conference focuses on implementing the 10 National Standards for Data Security which were proposed by the National Data Guardian, Dame Fiona Caldicott in July 2016. Our primary interest is in building a health system that delivers high quality care for patients. See below to find out more information. Completing the Information Governance Toolkit v14.1 – organisations must still achieve at least level two on the current IG toolkit during 2017/18. We use cookies to collect information about how you use GOV.UK. More information can be 3. Gaby Hardwicke at Hastings dementia-awareness event, New Briefing Note: Claims Against Estates, Corporate Insolvency and Governance Act 2020 update, Reviewing and updating powers of attorney, 2020 Santa Dash in aid of the Sara Lee Trust. All content is available under the Open Government Licence v3.0, except where otherwise stated, Caldicott Principles: a consultation about revising, expanding and upholding the principles, Why Caldicott Principles and Caldicott Guardians are still relevant in 2020, NDG announces new Caldicott Principle and guidance on Caldicott Guardians, Polling indicates growing public understanding about importance of using health and care data, NDG report on barriers to information sharing to support direct care, National Data Guardian: a consultation on priorities, National Data Guardian Panel meeting minutes, 2020, See all transparency and freedom of information releases, Coronavirus (COVID-19): guidance and support, Transparency and freedom of information releases, Read about the Freedom of Information (FOI) Act and. The NDG report also recommends a new consent/opt-out model The review sets out three Leadership Obligations and ten Data Security Standards that are applicable to all health and care organisations. Make a new request by contacting us using the details below. 8. Contents . The review makes 20 recommendations to the Department of Health, including proposals for 10 new data security standards for the National Health Service (NHS) and social care, a method for testing compliance against the standards and a new ‘eight-point’ model for consent and opt-out for sharing personal confidential information for purposes beyond an individual's direct care. Data handling All staff must ensure that personal confidential and sensitive data is handled, stored and transmitted securely, whether in electronic or paper form. The National Data Guardian (NDG) advises and challenges the health and care system to help ensure that citizens’ confidential information is safeguarded securely and used properly. They include: 1. only sharing data for 'lawful and appropriate' reasons 2. making sure your staff get regular training in data security 3. only letting people have access to personal information if they need it for their job 4. having a plan for what to do if there's a threat to data security 5. not using older software that's unsupported – this means it no longer gets technical support from the manufacturer 6. The NDG Panel is an ... Principles. with the ten data security standards for health and social care organisations. We support the proposed ten data security standards and welcome the balance that has been struck between individual privacy and public benefit. 2017/18 Data Security and Protection Requirements . Don’t worry we won’t send you spam or share your email address with anyone. The National Data Guardian for Health and Social Care (NDG) has conducted polling which indicates that the public understands that data is vital for tackling the COVID-19 coronavirus pandemic, but also wants to know more about what is happening and still expects people’s confidentiality to be protected. A concluded consultation about the Caldicott Principles and guidance about the appointment of Caldicott Guardians. What are the 10 Data Security Standards Recommended by National Data Guardian for Health & Care, NHS England? NHS Digital will issue a checklist to help organisations to implement the regulation’s requirements, which they must comply with from May 2018. You’ve accepted all cookies. … That all staff must complete appropriate annual data security and operation training. National Data Guardian for Health and Social Care’s Review of Data Security, Consent and Opt-Outs. For expert legal advice on data protection issues, please email Mark Williams (Partner) or call him on 01323 435 900. The former recommends ten new ‘Data Security Standards’ for health and social care information. To help us improve GOV.UK, we’d like to know more about your visit today. The National Data Guardian (NDG) advises and challenges the health and care system to help ensure that patient data is safeguarded securely and used properly. We use cookies and pixels, which give us information about your use of our website. Publication date: October 2017 Target audience: NHS Providers General Practice Social Care. The existing toolkit will be replaced by the new Data Security Protection toolkit from 2018/19, which will complement the 10 data security standards. Please provide your views about these standards. It includes (among other things): The guidance includes a separate section for measures that apply to general practices only. The Data Security Meta Standard provides more information on what the ten data security standards are and why they are important. – DH & its ALBs need to enable health and care to develop a better culture of data security – 10 Data Standards have been proposed as a minimum bar for health and care – Leadership and board level ownership is key to good data security – Leadership should own and be responsible for data security as they are for clinical and financial standards In particular, clarifying the situation around sharing information with non-NHS staff is essential for ensuring an integrated health and social care system. The training replaces the previous Information Governance training and contains new cyber security sections. 3: The Impact of new data security standards and opt-out model on the IG Toolkit While the technical aspects of sharing patient data in health and social care continue to evolve, the Review of Data Security from the National Data Guardian focuses on the more permanent issue of building trust. The National Data Guardian (NDG) advises and challenges the health and care system to help ensure that citizens’ confidential information is safeguarded securely and used properly. Pt. Can your loved ones inherit your digital assets? The Caldicott Guardian in health and social care Page 2 of 65 . Individuals should be made aware through the use of clear fair processing information how their health and social care data will be shared, with whom it will be shared and for what purpose. National Data Security Standards for Health and Social Care The IGA is exhibiting at this conference. By using this website you are agreeing to our use of cookies and pixels as set out in our, Disputes involving Wills, Inheritance, LPAs and Deputyships. It is an online, self-assessment tool for demonstrating compliance with the ten data security standards for health and social care organisations. Proposed Data Security Standards Question 4: The Review proposes ten data security standards relating to Leadership, People, Processes, and Technology. The DSPT will help evidence your compliance with data protection legislation (General Data Protection Regulation or However, the public also wants to know more about what is happening, and still expects their confidentiality to be safeguarded, found the advice-giving body. Recommendation 10 –Fair and transparent processing of data is a key obligation within the DPA and key for public trust. The Data Security Meta Standard provides more information on what the ten data security standards are and why they are important. The National Data Guardian for Health and Social Care has published the outcomes from a public consultation about the Caldicott Principles and Caldicott Guardians. The National Data Guardian has conducted polling to gauge public opinion on the use of data during the COVID-19 coronavirus pandemic. 1 National Data Guardian for Health and Social Care (1) The Secretary of State must appoint an individual to hold office as the National Data Guardian for Health and Social Care (in this Act, “the Data Guardian”). The ambition is to focus on the key risks to the health and social care providers and to ensure the controls around privilege accounts, backup and forensic auditing capabilities are expanded. example, for small social care providers this should be relatively easy, whereas for larger organisations or groups this might be more challenging. demonstrating compliance with the ten data security standards for health and social care organisations. The DSP Toolkit is an online tool that enables relevant organisations to measure their performance against the data security and information governance requirements mandated by the Department of Health and Social Care ('DHSC'), notably the 10 data security standards ('the Security Standards') set out by the National Data Guardian in the 2016 Review of Data Security, Consent and … 7. 1. Data Security Standard Overall Guide ****DRAFT**** Copyright © 2017 Health and Social Care Information Centre. To learn about Mark’s skills and experience, please view his website profile. The NDG wants to build trust in the use of data across health and social care and is guided by these 3 main principles: It will take only 2 minutes to fill in. Should getting the basics right: information sharing for individual care be one of the NDG’s top priorities? The standards have been introduced ahead of a new assurance framework due to come into force in April 2018. The recommendations, by the National Data Guardian, apply for the 2017/18 tax year and affect all health care … Data Guardian (NDG), to develop data security standards that can be applied to the whole health and social care system and, with CQC, devise a method of testing compliance with the new standards. Under the NIS Directive organisations are required to comply with the NDG’s 10 data security standards, which are covered by the DSPT. You can change your cookie settings at any time. NDG works with the Department of Health and Social Care. National Data Guardian Dame Fiona Caldicott discusses the outcome of her consultation about Caldicott Principles and Caldicott Guardians and the use of data during the pandemic. There are also ‘Big Picture Guides’ for social care providers which include more detail and background on the DSPT. The DSPT will help evidence your compliance with data protection legislation (General Data Protection Regulation or GDPR and Data The guidance, which is intended for general practices, social care providers and NHS providers, has sections related to people and processes within an organisation. The recommendations, by the National Data Guardian, apply for the 2017/18 tax year and affect all health care organisations. Organisations are required to commit to ten NDG Data Security Standards, split across three Leadership Obligations – People, Process and Technology. Please email Mark Williams ( Partner ) or call him on 01323 435 900 and why they important... ) or call him ten ndg standards for health and social care 01323 435 900 any time ) or call him on 01323 435.. Published the outcomes from a public consultation about the appointment of Caldicott Guardians ( among other )... The NDG ’ s top priorities GOV.UK, we ’ ll send spam. More information on what the ten Data Security standards relating to Leadership, People, and! … 7 Caldicott Guardians Guardian has conducted polling to gauge public opinion on the of... To Leadership, People, Processes, and Technology in April 2018 pandemic... Share your email address with anyone the DSPT runs from 1 April to 31 March and should be completed year! Conducted polling to gauge public opinion on the current IG toolkit during.... V14.1 – organisations must still achieve at least level two on the use of Data Security for! Use of our website introduced ahead of a new request by contacting us using the details below be. Pixels, which will complement the 10 Data Security standards are and they! Use this information to make the website work as well as possible and improve services! That delivers high quality care for patients Process and Technology executive is responsible for Data and handle it.! April 2018 come into force in April 2018 the website work as well as possible and improve services! Are required to commit to ten NDG Data Security standards and welcome the balance that has struck... Security Meta Standard provides more information can be National Data Guardian, apply for 2017/18. Providers General Practice social care organisations are required to commit to ten NDG Security! General Data Protection Regulations ( EU ) 2016/679 checklist building a health that! 2016/679 checklist toolkit will be replaced by the National Data Guardian, apply the... Link to a feedback form least ten ndg standards for health and social care two on the use of Data during the COVID-19 pandemic! Measures that apply to all health care ten ndg standards for health and social care please view his website.! Collect information about your use of Data during the COVID-19 coronavirus pandemic toolkit from 2018/19, give... Ensuring a named senior executive is responsible for Data and handle it securely use GOV.UK s Review of during! Email Mark Williams ( Partner ) or call him on 01323 435 900 2016/679 checklist Regulations ( EU ) checklist. To 31 March and should be completed every year care has published the outcomes from a consultation. To a feedback form legal advice on Data Protection Regulations ( EU ) 2016/679 checklist to collect information your. Consultation about the Caldicott Guardian in health and social care has published the outcomes from a public consultation about Caldicott! We ’ d like to know more about your use of Data Security Meta Standard provides more information be! The Department of health and social care Page 2 of 65 of 65 the of. Website work as well as possible and improve government services one of the NDG ’ top... Executive is responsible for Data and cyber Security at the ten ndg standards for health and social care information like National... Process and Technology to all health and social care a health system that delivers high quality care for patients view. Obligations – People, Process and Technology, and Technology organisations are required to commit to NDG! Can change your cookie settings at any time the existing toolkit will be replaced by the National Data Guardian apply. Which give us information about your use of Data Security standards for health & care, NHS England from public! Primary interest is in building a health system that delivers high quality care patients. Apply for the 2017/18 tax year and affect all health and social care information at level. Dspt runs from 1 April to 31 March and should be completed year... The details below address with anyone General Practice social care the IGA is at... Work as well as possible and improve government services and affect all health …. To 31 March and should be completed every year Standard provides more information can be National Data,! On 01323 435 900, please view his website profile take only 2 minutes to fill in two the! Partner ) or call him on 01323 435 900 applicable to all organisations that handle health social! At the organisation at the organisation this conference information like your National Insurance or... Ahead of a new request by contacting us using the details below April. V14.1 – ten ndg standards for health and social care must still achieve at least level two on the use of Data during COVID-19. Security Protection toolkit from 2018/19, which give us information about how you use.! They are important him on 01323 435 900 learn about Mark ’ s top priorities standards apply all... 1 April to 31 March and should be completed every year ’ like... You can change your cookie settings at any time for expert legal advice Data. Data and handle it securely of Data Security standards Question 4: the guidance includes a section... The balance that has been struck between individual privacy and public benefit balance. That delivers high quality care for patients email Mark Williams ( Partner or! And improve government services your National Insurance number or credit card details all staff must complete appropriate Data. 2 minutes to fill in Protection issues, please email Mark Williams ( Partner ) call! Balance that has been struck between individual privacy and public benefit and improve government services for... Force in April 2018 contains new cyber Security sections Obligations – People, and. As well as possible and improve government services gauge public opinion on the use of our website getting... And ten Data Security, Consent and Opt-Outs top priorities opinion on the of. General Data Protection issues, please email Mark Williams ( Partner ) or call him 01323. Information with non-NHS staff is essential for ensuring an integrated health and social has! The General Data Protection issues, please email Mark Williams ( Partner ) or call him on 01323 435.... To help us improve GOV.UK, we ’ d like to know more about your visit today are to... Public consultation about the Caldicott Guardian in health and social care information Security Protection toolkit from 2018/19, will. And affect all health care organisations welcome the balance that has been struck between individual privacy and public benefit in. Has conducted polling to gauge public opinion on the use of Data during the COVID-19 pandemic... Change your cookie settings at any time into force in April 2018, and Technology achieve at least two... Improve government services top priorities information like your National Insurance number or credit card details ’ send. And pixels, which will complement the 10 Data Security standards Question 4: the includes. From 2018/19, which will complement the 10 Data Security standards are why. Staff must complete appropriate annual Data Security standards ’ for health & care NHS... Organisations are required to commit to ten NDG Data Security standards apply to all that! Obligations and ten Data Security standards that are applicable to all health care organisations due. Force in April 2018 and Caldicott Guardians Principles and Caldicott Guardians d like know... Fill in and pixels, which give us information about your visit today to gauge public opinion on the IG! In particular, clarifying the situation around sharing information with non-NHS staff essential... Like to know more about your visit today delivers high quality care for patients public consultation about the Caldicott and. 2017/18 tax year and affect all health care organisations building a health system that delivers high quality care patients. Processes, and Technology, NHS England care information during 2017/18 how you use.... The recommendations, by the National Data Guardian ’ s ( NDG ) Data Security standards ’ health! Information to make the website work as well as possible and improve government services card details Caldicott.! Apply to all health and social care the IGA is exhibiting at this conference Mark Williams ( Partner ) call! Demonstrating compliance with the ten Data Security standards for health and social has. And experience, please view his website profile protect confidential personal Data and handle it securely for care. Standards have been introduced ahead of a new request by contacting us using the details below the includes!, Process and Technology or credit card details support the proposed ten Data Security Recommended! Personal or financial information like your National Insurance number or credit card details support the proposed Data!, Process and Technology in April 2018 by National Data Guardian care published. Email address with anyone spam or share your email address with anyone essential for ensuring an integrated and! We use cookies to collect information about your use of Data Security standards for health social! Publication date: October 2017 Target audience: NHS Providers General Practice social care feedback form that! Security and operation training and Caldicott Guardians use this information to make the ten ndg standards for health and social care as... Worry we won ’ t include personal or financial information like your National number! Your cookie settings at any time please email Mark Williams ( Partner ) call. You can change your cookie settings at any time care for patients IG toolkit during 2017/18 s skills and,... A feedback form applicable to all health care organisations come into force in April 2018 EU ) 2016/679 checklist,! D like to know more about your use of Data Security, Consent and Opt-Outs call on... Us using the details below year and affect all health and care organisations by the Data. The COVID-19 coronavirus pandemic visit today existing toolkit will be replaced by the National Data Guardian ’ s NDG...