Take a look at these short films that show how employers have started to meet some of the challenges of information sharing.
- Lessons in integrated working - the Living well project, Cornwall
- New systems for information sharing - the heathland project, Cumbria
- Advice from data sharing experts The Centre for Excellence for Information Sharing and the Information Governance Alliance explain how they can support employers in this area.
To help ensure you comply with data protection laws, you might appoint a data protection worker in your service.
As part of your GDPR requirements you might need to appoint a data protection officer – this depends on the type of organisation you are and how you process data and information. Download our guide to see if you do, and if so, what their role involves.
If you don’t need to appoint an officer, you might want to consider appointing a data protection champion to ensure your service complies with GDPR. Our guide explains more about this role.
NHS Digital have designed an online ‘Data security and protection toolkit’ (DSPT) - a self-assessment tool for data security which supports organisations in demonstrating:
- good data security to the CQC as part of the key lines of enquiry (KLOEs)
- compliance with the expected data security standards for health and social care for holding, processing or sharing personal data
- readiness to access secure health and care digital methods of information sharing, such as NHSmail and Summary Care Records (a summary of GP information about an individual) and local information sharing solutions.
The Department for Health and Social Care recommends that all social care providers complete the DSPT as they will hold, process or share personal data.
NHS Digital are offering a series of online events for social care providers about the toolkit, starting in October. Find dates and book here.
Digital Social Care has also produced guidance to support completion of the toolkit, including information on ‘entry level’ compliance – a stepping stone to achieving the ‘standards met’ level. Take a look at the information for social care providers.
When you work digitally, there’s the risk of cyber-attacks so it’s important that you have security measures in place.
Cyber security is the name for the safeguards taken to avoid or reduce any disruption from an attack on data, computers or mobile devices.
Security breaches with digital information can be more severe than with paper records as information can be distributed more easily and to a far wider audience.
Cyber-breaches are costly – in terms of expense, recovery time and through damage to reputation. All staff must be aware of how to implement protective measures.
Read more about cyber security and how to improve it
The Information Commissioner has written a myth-busting blog about GDPR compliance being an ongoing journey, and one where the Information Commissioners Office (ICO) will be a ‘fair and proportionate’ regulator.
If you need any help, the Information Commissioners Office (ICO) has a helpline aimed at small and medium-sized enterprises and charities. Call 0303 123 1113 and select option 4.