NHS Digital has launched a campaign to raise staff awareness around basic cyber security.
The Keep I.T. Confidential campaign aims to educate staff across the NHS on common-sense IT security practice and the impact of data and cyber security on patient safety.
It includes practical steps that staff can adopt into their everyday work, such as setting secure passwords, keeping computers and other devices locked and being aware of phishing and email scams.
Launched by NHS Digital’s Data Security Centre (DSC), the campaign materials have been designed to help NHS trusts and other healthcare organisations run their own cyber security campaigns in a way that suits them locally.
Rob Shaw, Deputy Chief Executive of NHS Digital, said: “Cyber security is the responsibility of all NHS staff and we want to inspire a cultural change by supporting health and care organisations to embed it in their daily best practice.
“To do this, we need to support all NHS staff on the direct impact of data security on patient care, and the steps they can take personally to reduce this threat.”
Keep I.T. Confidential highlights key cyber security threats and the actions that staff can take to mitigate risk in these areas.
NHS Digital said the campaign “reinforces the message that data security is an extension of patient confidentiality and good patient care”.
In addition to IT security, it also aims to raise awareness around ‘tailgating’ – when an unauthorised person follows someone else into a secure NHS site – and social engineering whereby individuals are manipulated into divulging sensitive information.
“We know how busy NHS staff are so we are helping them to understand the importance of data security and how it can impact on and benefit their working lives, including patient care,” said Shaw.
“NHS organisations are vast and diverse so Keep I.T. Confidential can be tailored to suit the individual needs of health and care providers and their staff.”
Last month, NHS Digital announced plans to roll out a range of new IT security services to help NHS organisations protect themselves against cyber-attacks.