Cyber security is a key issue across the NHS, with the number and complexity of cyber attacks increasing. I am sure you are aware that on the 25th May 2018 the new General Data Protection Regulation (GDPR) becomes law. Whilst this is a year away, were you aware that NHS Trust board members can be held personally responsible?
Substantial organisational changes and a review of your processes will be required, making your Trust more efficient and enabling you to provide better and safer care.
Most people aren’t aware of the penalties associated with GDPR. Did you know that if you are found not to be complying with the regulations, the following sanctions could be imposed:
- A written warning for first and non-intentional non-compliance
- Regular periodic data protection audits
- Fines up to 20,000,000 EUR or up to 4% of the annual worldwide turnover of the preceding financial year in case of an enterprise, whichever is greater (Article 83, Paragraphs 5 & 6), as Trusts hold sensitive information
- Board directors can be held personally responsible
Ideal has identified how to get your Trust ready and has created an initial engagement proposition to enable your Trust to kick-start the process:
Ideal has developed a series of services to maximise business cyber security, working together with a Trust to ensure that the people, processes and systems which comprise the Trust's cyber security defences are robust, up-to-date, and compliant with current legislation.