NEWS
Code
of Practice for Information
Security
Management
The
Department of Health has recently published the comprehensive
'Code
of Practice for Information Security Management‘ — a document
that
replaces the guidance previously issued by the NHS Executive
Information
Management Centre and the NHS Information Authority.
This
new publication is a fundamental Code of Practice for all
organisations
that access or process NHS information, including
Social
Care and third party organisations such as commercial,
voluntary,
social housing, etc. The Information
Governance
Toolkit
determines the compliance requirements for
healthcare
organisations;
all organisations will be required to complete
and
submit a Statement of Compliance (SoC) with the elements
defined
in the IGT in order to establish or maintain a connection
to
the
NHS
network,
N3.
We
understand that NHS Trusts will also have to submit an acceptable
SoC
by March 2008 to replace the NHSnet Code of Connection, which
has
been used in a caretaker role for N3.
The
Code of Practice for Information Security Management can be
downloaded at:
www.dh.gov.uk/en/publicationsandstatistics/publications/
publicationspolicyandguidance/dh_074142
Good
practice guides, which replace the System Operation notices
previously
produced by the NHS IA, are available from the NHS CfH
Information
Governance team at: http://wwn.connectingforhealth.nhs.uk/igsecurity/gpg
(N3
connection
required).
Hytec
can advise on all aspects of the new NHS Code of Practice,
IGT,
GPGs and also all aspects of the new UK government IA strategy.
|
