QCS, the leading provider of content, guidance and standards for the health care sector, calls on social care providers, who haven’t already done so, to complete the Data Security and Protection Toolkit (DSPT) ahead of the 30 June deadline.
The call follows a spate of high profile cyber-attacks that have highlighted the importance of data security, including the infiltration of Ireland’s National Health Service (HSE) by hackers in mid-May.
Statistics provided by the National Cyber Security Centre show it handled 723 incidents within the NHS related to coronavirus with its Active Cyber Defence Unit detecting over 120 phishing campaigns using NHS branding, up from 36 similar incidents in 2019.
Leah Cooke, QCS’s Content Operations Manager (pictured), said: “To safeguard their businesses, from cyber-attack, while social care providers should follow the steps outlined in the NCSC’s Small Business Guide and the Cyber Security for Small Organisations and Charities e-learning guide, the best form of defence is to complete the Data Security and Protection toolkit.
“It is not too late, and having studied the DSPT in great detail, I can vouch for the fact that the DSPT is an excellent resource, which will provide registered managers and staff with an all-round holistic knowledge and understanding of the pervasive and numerous cyber threats that they’re likely to encounter. But not only this, it is the best way to build a robust culture of cyber security throughout an organisation – as everyone in a care home – including admin staff, activity teams, chefs, cleaners and third-party contractors – can benefit.
“The DSPT is a key building block in inculcating such a culture. But, it is just the first step in raising awareness throughout an organisation. Frontline managers and senior staff still need to lay a vital role in ensuring that knowledge is cascaded down to all staff that work for the care provider. Group awareness sessions can help reinforce the importance of digital hygiene, and on the rare occasions that mistakes are made, the culture shouldn’t be one of blame, but of openness.
“With such a culture in place, everyone in the care home should subconsciously be aware of the basic requirements. Tasks such as creating strong passwords, changing them regularly and keeping anti-virus software up-to-date should come naturally. If they do, that’s when you know that a culture of cyber security has been deeply embedded within your organisation.”
For more information visit: https://www.dsptoolkit.nhs.uk/