These days, organisations face a range of evolving cyber threats. The healthcare sector has a particularly hard time, as it needs to deal with more risks than most.
Not only do OES (operators of essential services), such as NHS organisations and their partners, face the same automated attacks as organisations everywhere else, but they also have to defend themselves against more sophisticated attacks.
In response to this increased threat, healthcare organisations must comply with both the GDPR (General Data Protection Regulation) and the DSP (Data Security and Protection) Toolkit, which superseded the IG (Information Governance) Toolkit in April 2018.
Furthermore, in May 2018, the NIS Directive (Directive on security of network and information systems) was enacted into UK law as the NIS Regulations. The NIS Regulations apply to most healthcare providers. They look to achieve a high, common level of network and information security, and aim to allow OES to continue to provide vital services in the event of a cyber incident.
- The applicability of the DSP Toolkit and its scope;
- How the DSP Toolkit differs from the IG Toolkit and how organisations can comply with the new requirements;
- The scope and requirements of the NIS Regulations; and
- How to plan and coordinate both compliance projects.