Data and cyber security: protecting information and data in health and care


Our Data Security Centre supports health and care to keep patient information and computer systems safe.

Top Tasks

View the latest cyber and data security policy and good practice guidance from NHS Digital's data security centre.

Sign up for security threat bulletins and emergency notifications.

Go to the CareCERT information sharing portal (requires N3 connection) to see previous threat bulletins and emergency notifications.

Our Data Security Centre works to make sure patient data and information is used securely and safely, through the services, guidance and support we give to health and care organisations. We:

  • monitor security threats to IT systems and networks and help organisations respond to these threats, through defence and incident management
  • provide the national response to system-wide security incidents, such as the cyber attack on 12 May 2017
  • offer information security consultancy and help with security issues in system design and development
  • set and review standards on IT security for the health and care sector
  • provide guidance and advice for people working in health and care
  • are revising and developing a selection of services following the Government Response to the review of data-security, consent and opt-outs by National Data Guardian Dame Fiona Caldicott

Data Security Centre: live reporting on cyber security threats in health and care

We monitor intelligence on threats and security incidents and assess how they might affect health and care. We help health and care organisations respond to cyber attacks quickly and effectively to minimise impact. Severe threat notifications and recommended actions are sent out to our 10,000+ contacts immediately. Medium severity threat notifications are sent out in a weekly bulletin. All threats are published on our information sharing portal.

Sign up to get updates from NHS Digital on the latest cyber security threats

Guidance and good practice for IT security in health and care

We provide cyber and data security policy and good practice guidance for IT in health and care. We set and review standards for health and care on specialist subjects like:

Further information