The NHS was affected by a cyber attack in May 2017, known as WannaCry, with at least 80 NHS trusts and a further 603 primary care and other organisations infected – a reminder of the vulnerability of inadequately updated IT systems, which can directly impact patient care.
It’s critical that the health and care system acts to minimise the impact on essential front-line services.
The Data Security Centre works to ensure that patient data and information is stored in systems that are safe and secure. We do this by providing services, guidance and support to health and care organisations.
- monitor security threats to IT systems and networks and help organisations respond to these threats, through defence and incident management
- provide the national response to system-wide security incidents
- offer information security consultancy and help with security issues in system design and development
- set and review standards on IT security for the health and care sector
- provide guidance and advice for people working in health and care
- are revising and developing a selection of services following the government response to the review of data-security, consent and opt-outs by National Data Guardian Dame Fiona Caldicott
The Data Security Centre is not a regulator. Instead, we act as an enabler, assisting (rather than policing) leaders and employees across the system to deliver better data security within their health and care organisations.