| answer text |
<p>The Department published <em>Your Data: Better Security, Better Choice, Better
Care </em>in July 2017 in which the Government accepted the 10 Data Security Standards
recommended by the National Data Guardian, Dame Fiona Caldicott. The document sets
out the steps National Health Service trusts are expected to take to improve their
cyber security resilience. Data Security Standard 8 specifically states that no unsupported
operating systems, software or internet browsers are used within the IT estate.</p><p>
</p><p>NHS Digital published in May 2017 <em>Unsupported Platforms – Good Practice
Guide </em>giving trusts technical guidance on how to upgrade software and improve
cyber security.</p><p> </p><p>In October 2017, the Department followed up by publishing
the <em>2017/18 Data Security and Protection Requirements</em>. This document sets
out the steps all health and care organisations will be expected to take in 2017/18
to demonstrate that they are implementing the 10 Data Security Standards, prior to
a new assurance framework coming into place from April 2018.</p><p> </p><p>In 2015,
NHS Digital established CareCERT to provide national cyber support to health and care
organisations. This support includes cyber alerts with advice on software updates,
direct support when cyber incidents occur, and also on-site support to assess local
vulnerabilities to improve local resilience and mitigate the impact of future cyber
incidents.</p><p> </p><p>The above mentioned reports are attached.</p>
|
|
