NHS Digital’s Data Security Centre (DSC) has produced guidance to help health and care organisations raise their levels of cyber security through educating staff in good practice.
Named Keep I.T. Confidential, it provides a series of assets that can be downloaded from its website, with an emphasis on educating staff on the impact of data and cyber security on patient safety and care.
It is aimed at improving employees’ knowledge of data and cyber security practices which can be adopted in their everyday work, and embedding a culture of cyber security throughout the NHS.
The campaign materials have been designed to support NHS trusts and other healthcare organisations to run their own cyber security campaigns in a way that suits them and their organisations locally.
It highlights key cyber security threats and the actions that staff can take to mitigate risk, including weak passwords, phishing scams and emails, tailgaters at NHS sites, unlocked screens and devices, and social engineering to manipulate people into divulging confidential or personal information.
Rob Shaw, deputy chief executive of NHS Digital, said: “Cyber security is the responsibility of all NHS staff and we want to inspire a cultural change by supporting health and care organisations to embed it in their daily best practice.
“To do this, we need to support all NHS staff on the direct impact of data security on patient care, and the steps they can take personally to reduce this threat.
“We know how busy NHS staff are so we are helping them to understand the importance of data security and how it can impact on and benefit their working lives, including patient care.
“NHS organisations are vast and diverse so Keep I.T. Confidential can be tailored to suit the individual needs of health and care providers and their staff.”
The DSC provides a range of specialist services that help health and care organisations manage cyber risk and recover in the event of an incident.
Image from iStock