Information Governance Toolkit (NHS IGT) Compliance Services
The Department of Health contractually requires all suppliers to NHS organisations to complete an annual information governance assessment. This assessment is known as the NHS Information Governance Toolkit (NHS IG Toolkit) which is used to measure their compliance with the law and central data security guidance.
Its purpose is to assure the Board of the organisation and others, that confidential information is handled correctly and protected from unauthorised access, loss, damage and destruction.
Information published by the ICO (Information Commissioners Office) revealed there were 184 reported data security incidents involving healthcare organisations during Q4 2015.
Healthcare organisations have a common law duty of care and a statutory obligation to ensure personal data is adequately protected. Data security incidents can have many causes including human negligence, inadequate IT controls cyber-attacks, lack of staff training, poor physical controls, insufficient policies/procedures and others.
The effect of a data security incident on an organisation can be significant, causing loss of revenue through contract cancellation, damage to brand and reputation, and also the potential financial impact from fines received from regulatory bodies such as the ICO.
These risks can be significantly reduced by implementing and maintaining a key set of both technical and procedural safeguards which following a risk-based approach and careful planning, is financially accessible to most organisations, which is outlined within the NHS IGT.
JAW Consulting UK have significant experience assisting both primary health-care providers, and suppliers to the NHS with meeting compliance with the NHS IGT. Our consultants can work with you to measure your level of compliance, and then provide an appropriate level of support to enable you to meet the NHS IGT standard.
With a strong understanding of the healthcare sector, our data security consultants will work with you measuring your level of compliance, and then provide an appropriate level of support to enable you to progress toward submission of the NHS IGT assessment, demonstrating to peers and external auditors the correct data security measures are in place.