The government has agreed the 10 data security standards, which are on page 53, and has slightly amended standard 6 on cyber security to strengthen it further. The full implementation plan is on page 65.
NHS England has ensured that the 10 data security standards are reflected as requirements for the NHS standard contract and General Medical Services (GMS) Contract General Medical Services (GMS) Contract requirement, which came into force in April 2017. The CQC consultation on new inspection frameworks for GPs and adult social care is open until 8 August 2017 and the frameworks are planned to be published later in the year. Read the current CQC frameworks.
To build local performance and boost capability, NHS Digital has established the Data Security Centre which provides a number of services including CareCERT, supporting health and care organisations to secure their own cyber resilience and respond to cyber incidents.
NHS Digital has already produced and is testing the alpha version of the redesigned Information Governance Toolkit, as recommended by the NDG and CQC reviews. It is centred on assuring local implementation of the NDG's 10 data security standards. The new Information Governance Toolkit will be in place by April 2018 and will incentivise organisations to report near misses. If you want to be kept informed of progress on the redesigned IG Toolkit, email firstname.lastname@example.org.