Data protection and cyber security elearning for care workers
Date: Tuesday 12 December 2023
As a care provider, you’ll have a plan to ensure your business can continue if you’re affected by severe weather, a power outage or medication shortages. But what if you don’t have access to the data you store and share?
We’ll be producing a series of articles for Cyber Security Awareness Month, and this week we share insights and advice on building data and cyber security into your business continuity plan.
We have created a cyber security continuity plan which you can download and adapt for your organisation. The plan considers six different scenarios that could affect your access to digital systems and outlines ways to reduce your risk and to respond if any of those scenarios occur.
Here’s a quick summary:
A really key issue is to consider the ‘supply chain’.
Your business is likely to be part of a complex digital supply chain – including the tech companies that supply and manage the software systems you use, partners in other health or care organisations that access or share digital systems with you, and of course the clients, families and staff whom you contact.
As a member of that chain, you need to ensure that your own cyber security arrangements are in place. One of the most comprehensive ways of checking this is to use the Data Security and Protection Toolkit (DSPT) at least once a year. This free, official self-assessment tool will guide you through the policies, procedures and practices you should have in place – and it will provide you with a DSPT status which indicates if you are meeting national data standards. It’s a great source of evidence to share with your supply chain partners.
It is also your responsibility to check the potential risks that third parties may bring to your care service. Think about what systems you rely on external companies to provide, and how your service could be affected if they fell victim to a cyber-attack.
You should check their cyber security arrangements. So for example, do they have an up-to-date DSPT or Cyber Essentials Plus in place? Also check the contracts you have with them – do they cover cyber security issues? And remember, good suppliers will work with you to discuss their responsibilities.
You should also think about how you back up your data, or how you could temporarily replace a key part of your service that you rely on.
Download and adapt our data and cyber security business continuity template plan.
Visit our web pages on cyber security to get guidance and support for your care service.
Follow the NHS Digital Keep I.T Confidential campaign and learn more about cyber security and how you can get involved.
Run your own campaign at ease by utilising the free resources on offer for social care.Back to News