By Rob Muddiman on 20 Jul 2016
The Care Quality Commission will include data security audits when carrying out inspections at GP practices. The new security standards have been approved by the health secretary, Jeremy Hunt.
Two data reports were commissioned by Jeremy Hunt last year. One from the National Data Guardian (NDG) to set new data security standards for health and social care, the other from the CQC to analyse the existing levels of data security across the NHS.
Data security auditing for safe data and safe care in all health care settings has been “strengthened” due to recommendations from the CQC report. It also recommended, “clear ownership and responsibility for data security” to the standard of clinical and financial management and accountability. The CQC also said that it would begin inspecting data security against the new security standards imposed in the NDG report.
The new data security standards set out in the NDG report include identifying and addressing risks such as:
- Default passwords
- Inactive accounts
- Unsupported operating systems
A new opt-out option is proposed to make clear how people’s health and care information will be used and in what circumstances they can opt out.
Overall, this will help to ensure the public can make informed choices about how their data is used in the hands of GP practices.
Dame Fiona Caldicott, National Data Guardian, said: My recommendations centre on trust. Building public trust for the use of health and care data means giving people confidence that their private information is kept secure and used in their interests.
“Citizens have a right to know how their data is safeguarded. They should be included in conversations about the potential benefits that responsible use of their information can bring.”
TPP Healthcare are experts in recruiting for temporary and permanent support staff for General Practices. If you would like to discuss recruitment for NHS experienced Receptionists or Secretaries, please do get in touch on 020 7198 6080 or email firstname.lastname@example.org