
Description
- Your organisation is required to provide annual training on topics such as:
  - The Data Protection Act
  - The Freedom of Information Act
  - The adoption of technology – building and maintaining public trust in how we use and share information
  - Information security policy and procedure
- This presentation provides an overview of, and guidance and good practice on, the above topics.
- Author: NHS Digital (Data Security Centre and External IG Delivery)
- Duration: Approx. 1 hour
Course Information
Getting Started
Learning Objectives
Safe Data, Safe Care
What is GDPR
Section 1
Why is data security important in Health & Care
Section 2
Confidentiality, Integrity, Availability
Scenario
Summary
Information and the law
Types of information
Section 3
Types of Information
The Value of Information
Common Law Duty of Confidentiality
The Caldicott Principles
Confidentiality – Good Practice
Confidentiality – Informing People
Confidentiality – Sharing Information for Care
Confidentiality – Sharing Information for Non-Care
Data Protection
Rights of Individuals
Section 4
Data Protection – Good Practice 1
Data Protection – Good Practice 2
Section 5
The Freedom of Information Act 2000
Handling FOI Requests
Section 6
Activity – Can you recognise a valid request
Record Keeping – Good Practice
Scenario
Summary
Avoiding Threats to Data Security
Section 7
Social Engineering
The Fake ICT Department
Social Engineering – What you can do
Email Phishing & Malware
Phishing – What to do
Macros
Malware
Good Practice – Setting Passwords
Good Practice – Locking Devices
Good Practice – Removable Drives
Good Practice – Untrusted Websites
Good Practice – Mobile Devices
Good Practice – Mobile Devices (Continued)
Good Practice – Disposal of Confidential Information
Good Practice – Clear Desks
Summary
Section 8
Breaches & Incidents
Different Types of Incident
Most Reported Breaches in Health & Care
Incidents Using Technology
Consequences of Breaches & Incidents
Reporting Incidents
Postal Breach
Postal Checklist
Email Breach
Email Checklist
Phone Breach
Phone Checklist
Fax Breach
Fax Checklist
Data Security Risks 1
Data Security Risks 2
Summary
Module Summary
Resources
References
Section 9
Assessment