An article in the 18 February 2010 issue of the Health Service journal (HSJ) looks data security and information governance.
According to the author, Simon Charlton at Weightmans, in the six months to May 2009 the Information Commissioner’s Office took action against 14 NHS organisations and wrote to the Department of Health requesting that the NHS as a whole improves its data security immediately.
Simon recommends that information governance officers and managers in NHS organisations should look at Cross Government Actions: mandatory minimum measures, a seven page document from the Cabinet Office. This is a set of mandatory minimum measures to protect information that is based around risk assessment.
Simon concludes his article by stating that “There is an urgent need for information governance to be taken seriously at board level and a need for sufficient importance and resources to be allocated to it.” This, he says, has been a common criticism in various investigation reports and until boards take the issue seriously “data leaks will continue, which can lead to embarrassment, loss of reputation and sanctions.”