What’s next:
Healthcare

×

Five steps toward NHS cyber security compliance

There are a bewildering number of guidelines and rules when it comes to meeting NHS cyber security, safety, privacy and risk management for any organisation working in the UK healthcare sector. For example, the documentation alone required to set up as a software vendor to the NHS can be daunting. Depending on the size of your company and the resources available to you, some of these certifications may seem too complex to put in place. However, if you take them one at a time, getting the right certifications is important and will pay off in the long run. Here are my top five tips for healthcare software providers:

By
Black key locked in to represent NHS cyber security compliance

1. Start as you mean to go on

Make sure you have clear company policy documents covering staff and employment practice, and that you can prove that the policies are working – this gets more important as you ascend the heights of Information Governance (IG) compliance.

2. Get the basics right

Register with the Information Commissioners Office where there is lots of information helping you get your GDPR and Data Processing agreements and policies in place. It is important to conduct Privacy Impact Assessments for your software externally and your processes internally. Make sure your staff are regularly trained on Information Governance and you can prove it. Also make sure you are registered on the Organisation Data Service with your primary contracting entity. It is also a good idea to sign up for Cyber Essentials (Plus)

3. Make sure you comply with DCB0129

This lesser known guideline kicks in when you start processing patient data, or you are involved in decision support or telehealth. This involves performing Clinical Risk Management on all changes and new features in your software. It is a development task resulting in a Safety Case document showing the risk analysis before and after changes and should be released in line with your regular release notes.

4. Comply with Data Security and Protection Toolkit

Complying a data security and protection toolkit is a more involved process and one which starts you on the road to having ISO27001. This online questionnaire requires you to evidence all processes and procedures relating to Data Security and protection. If you have done the above properly then you should have these processes in place such as internal governance policies, staff contracts and training and physical and cyber security. Most NHS Trusts will require this as the basic standard for working with patient data.

5. Meet ISO27001

This usually satisfies most security related queried from the NHS. Depending on how organised you have been in the previous sections this could be a relatively simple certification. Alternatively, it can be a time consuming task if you are a large, disparate organisation. Scope here is everything – define this well and save lots of time. In my experience it is easier for smaller companies to achieve this if they have the processes in place already and it is economically viable. This is especially relevant if you are hosting a solution into the NHS or if you provide services from abroad. You must be externally certified for all related processes and IG policies as well as security management systems, physical security, business continuity, incident reporting and so on. My advice is to create a definitive security document encompassing all the certifications here for each client. They will never doubt your security again.

Read full article

More from the editor

The 2040 vision needs a data revolution driven by better recording of clinical information
How AI can give a new dimension to the patient-doctor relationship
How clinical speech recognition technology delivers on the plan
From Nuance Healthcare International CCIO Simon Wallace
With Nuance acquisition of Winscribe and introduction of new transcription services
And the role technology has in helping them overcome these
With secure, cloud-based clinical speech recognition
Driven by consumerism and unrelenting pressures on NHS resources
Demand for cloud-based, AI-powered clinical documentation platforms is growing globally
Results of a study at South Tees Hospitals NHS Foundation Trust
The growing importance of mobile and cloud solutions in healthcare
Three fundamental considerations to reap the long-term benefits
How clinical speech recognition supports clinicians on-the-go
Change management, training and the new wave of millennials are keys to success
Using conversational AI to solve problems worth saving
Artificial intelligence (AI) shows hope for powering new models of care
Diagnostic mammograms and other sophisticated AI-powered imaging options offer life-saving
With mounting pressures, radiologists need better diagnostic solutions to meet their needs
Results-driven radiology workflows means working the way radiologists do
Ensuring patient data confidentiality in health and social care with GDPR
Amplifying human intelligence is a huge key to improving the clinician experience
Learn how AI is ensuring that experiences between clinicians and patients remain personal
Discover how AI is expanding in the healthcare industry to cut costs and save time
What opportunities will arise from the NHS phased transition to SNOMED CT
The restorative power of artificial intelligence in healthcare
Learn about how AI is revolutionising decision-making processes in the healthcare industry
The transformative power of speech-to-text technology in the medical sector
Digitisation opens door to innovation and NHS transformation
CHIME survey uncovers CIO priorities and goals
How does AI in Dragon Medical speed clinical documentation for over-worked GPs?
Over 40 per cent of AHPs go home late due to patient record keeping demands
Start with improving the clinical documentation processes
Business leaders must recognize that cybercrime is now a day-to-day business reality
AHP services are undergoing major changes leading to improvements across healthcare
How nurses are re-imaging the challenge of clinical documentation?
Humans and AI are learning to complement each other
Radiologists will direct how best to incorporate and use AI in radiology
Moving from fiction to reality is the way to meet the clinical documentation challenge
Harnessing AI for improved patient care
Maximise clinician satisfaction and return on investment – fast
AI tops Gartner list of 2018 tech predictions
The RCGP says GPs spend too much time ticking boxes and completing documentation
Be a part of our research with PracticeBusiness
Where there’s a challenge, there’s often a solution
Make it quick and easy for clinicians to capture the patient story
Top tips for implementing speech recognition in busy pathology departments
Because the ‘patient powered decade’ is almost here
The Digital Health CCIO Summer School shows the role of data in the transformation journey
Data output and analysis is big up the to do list of healthcare.
Speech recognition is improving the productivity of pathologists in the NHS
The paperless NHS has led to a ‘digital mountain of documentation’
How the burden of good patient record keeping impacts on nurses.
Removing the dictation process ensures minimised report turnaround
The healthcare industry can be significantly improved by the power of emerging technologies
With more regulations and more data its time to address the digital dilemma in healthcare
Key trends at 2017 Nuance Healthcare Partner Event
Innovations in AI could help patients manage their health away from hospitals
Applying the lessons of usability of office technology to accelerate paperless NHS
How organisations meet compliance demands with smart technology
Male doctor pointing at different medical features
The 2040 vision needs a data revolution driven by better recording of clinical information
UK health tech predictions 2019
From Nuance Healthcare International CCIO Simon Wallace
With secure, cloud-based clinical speech recognition
Results of a study at South Tees Hospitals NHS Foundation Trust
Artificial intelligence (AI) shows hope for powering new models of care
With mounting pressures, radiologists need better diagnostic solutions to meet their needs
Amplifying human intelligence is a huge key to improving the clinician experience
What opportunities will arise from the NHS phased transition to SNOMED CT
Creating change with awareness, resilience, and strength
CHIME survey uncovers CIO priorities and goals
Use a solution to help clinicians enter data into the EPR without eating into their medical time.
Start with improving the clinical documentation processes
Nurses discuss what they need from technology to help them overcome challenges of clinical documentation
How nurses are re-imaging the challenge of clinical documentation?
Examples of clinical speech recognition to meet the challenges of clinical documentation in New Zealand
Moving from fiction to reality is the way to meet the clinical documentation challenge
panorama and sunset
AI tops Gartner list of 2018 tech predictions
patient and doctor smiling at a patient record
Where there’s a challenge, there’s often a solution
Speech recognition can ensure clinical data is recorded accurately and in a timely manner
Because the ‘patient powered decade’ is almost here
Male doctor pointing at different medical features
Speech recognition is improving the productivity of pathologists in the NHS
The impact of modern pathology on the patient care quality is not to be overlooked
Removing the dictation process ensures minimised report turnaround
UK health tech predictions 2019
Key trends at 2017 Nuance Healthcare Partner Event
doctor using mobile technology and thinking about multifunction printers
How organisations meet compliance demands with smart technology
Male nurse and boy using stethoscope
How AI can give a new dimension to the patient-doctor relationship
With Nuance acquisition of Winscribe and introduction of new transcription services
Speedy-technology-adoption-in-healthcare-depends-on-people-and-process
Driven by consumerism and unrelenting pressures on NHS resources
doctor-examining-results-via-mobile
The growing importance of mobile and cloud solutions in healthcare
Case study describing how clinical speech recognition supports mobile health workforce in community and mental health
How clinical speech recognition supports clinicians on-the-go
radiology
Results-driven radiology workflows means working the way radiologists do
Learn how AI is ensuring that experiences between clinicians and patients remain personal
The restorative power of artificial intelligence in healthcare
The transformative power of speech-to-text technology in the medical sector
How does AI in Dragon Medical speed clinical documentation for over-worked GPs?
Business leaders must recognize that cybercrime is now a day-to-day business reality
Granfather and his niece playing with a tablet which connects to artificial intelligence
Humans and AI are learning to complement each other
patient and doctor at the hospital
Harnessing AI for improved patient care
Male nurse and boy using stethoscope
The RCGP says GPs spend too much time ticking boxes and completing documentation
NHS Digital must do its homework on clinical documentation
Make it quick and easy for clinicians to capture the patient story
Digitising the NHS and role of data
The Digital Health CCIO Summer School shows the role of data in the transformation journey
Female nurse taking an old woman's blood pressure
The paperless NHS has led to a ‘digital mountain of documentation’
scientist using interactive board
The healthcare industry can be significantly improved by the power of emerging technologies
Young boy throwing a paper airplane
Innovations in AI could help patients manage their health away from hospitals
How clinical speech recognition technology delivers on the plan
The important role of allied health professionals in documenting patient care
And the role technology has in helping them overcome these
Demand for cloud-based, AI-powered clinical documentation platforms is growing globally
Three fundamental considerations to reap the long-term benefits
Millennials-will-drive-inevitable-adoption-of-speech-recognition-in-nhs
Change management, training and the new wave of millennials are keys to success
Using conversational AI to solve problems worth saving
Diagnostic mammograms and other sophisticated AI-powered imaging options offer life-saving
gdpr in healthcare
Ensuring patient data confidentiality in health and social care with GDPR
Discover how AI is expanding in the healthcare industry to cut costs and save time
Learn about how AI is revolutionising decision-making processes in the healthcare industry
The marriage of digital histopathology and radiology speeds NHS innovation and transformation
Digitisation opens door to innovation and NHS transformation
The important role of allied health professionals in documenting patient care
Over 40 per cent of AHPs go home late due to patient record keeping demands
Physical therapist stretching mans leg
AHP services are undergoing major changes leading to improvements across healthcare
Radiologists will direct how best to incorporate and use AI in radiology
hands and fingers
Maximise clinician satisfaction and return on investment – fast
Be part of our research into the digital patient
Be a part of our research with PracticeBusiness
Top tips for implementing speech recognition in busy pathology departments
Data output and analysis is big up the to do list of healthcare.
How the burden of good patient record keeping impacts on nurses.
How the burden of good patient record keeping impacts on nurses.
young pensive doctor holding a clipboard looking out of the window
With more regulations and more data its time to address the digital dilemma in healthcare
Applying the lessons of usability of office technology to accelerate the paperless NHS
Applying the lessons of usability of office technology to accelerate paperless NHS
Show more articles