Directions given by the Secretary of State requiring the Health and Social Care Information Centre, now known as NHS Digital, to create the Data Security Centre to support health and care organisations to be more cyber resilient and respond to incidents promptly when they happen, working with the National Cyber Security Centre.
The purpose of these Directions is to enable NHS Digital to collect and analyse information to the extent necessary for it to provide services and support that assist the health and social care sector to achieve the following security principles:
manage security risk
protect against cyber-attacks
detect cyber security incidents
minimise the impact of cyber security incidents
254(1) and (6), section 260(2)(d), section 261(2)(e), section 262(3)(a) and sections 304(9), (10) and (12) of the Health and Social Care Act 2012 and Regulation 32 of the National Institute for Health and Care Excellence (Constitution and Functions) and the Health and Social Care Information Centre (Functions) Regulations 2013).