Five steps toward NHS cyber security compliance

There are a bewildering number of guidelines and rules covering NHS cyber security, safety, privacy and risk management for any organisation working in the UK healthcare sector. For example, the documentation alone required to set up as a software vendor to the NHS can be daunting. Depending on the size of your company and the resources available to you, some of these certifications may seem too complex to put in place. However, getting the right certifications is important, and if you take them one at a time it will pay off in the long run. Here are my top five tips for healthcare software providers:


1. Start as you mean to go on

Make sure you have clear company policy documents covering staff and employment practice, and that you can prove that the policies are working – this gets more important as you ascend the heights of Information Governance (IG) compliance.

2. Get the basics right

Register with the Information Commissioner’s Office, which has lots of information to help you get your GDPR and Data Processing agreements and policies in place. It is important to conduct Privacy Impact Assessments for your software externally and your processes internally. Make sure your staff are regularly trained on Information Governance and that you can prove it. Also make sure you are registered on the Organisation Data Service with your primary contracting entity. It is also a good idea to sign up for Cyber Essentials (Plus).

3. Make sure you comply with DCB0129

This lesser-known guideline kicks in when you start processing patient data, or when you are involved in decision support or telehealth. It involves performing Clinical Risk Management on all changes and new features in your software. This is a development task resulting in a Safety Case document that shows the risk analysis before and after changes; the Safety Case should be released in line with your regular release notes.

4. Comply with Data Security and Protection Toolkit

Complying with the Data Security and Protection Toolkit is a more involved process, and one which starts you on the road to having ISO27001. This online questionnaire requires you to evidence all processes and procedures relating to data security and protection. If you have done the above properly then you should have these processes in place, such as internal governance policies, staff contracts and training, and physical and cyber security. Most NHS Trusts will require this as the basic standard for working with patient data.

5. Meet ISO27001

This usually satisfies most security-related queries from the NHS. Depending on how organised you have been in the previous sections, this could be a relatively simple certification. Alternatively, it can be a time-consuming task if you are a large, disparate organisation. Scope here is everything – define this well and save lots of time. In my experience it is easier for smaller companies to achieve this if they have the processes in place already and it is economically viable. This is especially relevant if you are hosting a solution into the NHS or if you provide services from abroad. You must be externally certified for all related processes and IG policies as well as security management systems, physical security, business continuity, incident reporting and so on. My advice is to create a definitive security document encompassing all the certifications here for each client. They will never doubt your security again.
