IT Governance urges health and social care companies to safeguard patient records with Cyber Essentials


IT Governance, the leading cyber security consultancy firm and CREST-accredited certification body, is urging health and social care companies to safeguard their data and ensure that patient records are kept safe by certifying to the UK Government-backed Cyber Essentials or Cyber Essentials Plus schemes.
This comes in response to IBM’s 2016 Cyber Security Intelligence Index, which claims that over 100 million healthcare records around the world were compromised only last year. 
Alan Calder, the founder and chief executive officer of IT Governance, said: “IBM’s findings prove that health and social care companies are compelling targets for cyber attacks due to the sensitive information they hold. As a result, organisations within this industry need to ensure that patient records are kept safe and control measures are implemented to prevent cyber attacks that could compromise client records.”
According to the National Data Guardian report, “All health and social care organisations should provide evidence that they are taking action to improve cyber security, for example through the ‘Cyber Essentials’ scheme.”
Cyber Essentials is a UK Government-backed scheme that can help organisations achieve a basic level of cyber security by implementing a series of security controls that can prevent “around 80% of cyber threats”. Certification to the scheme proves that the organisation has taken a proactive approach to information security and protecting their clients’ personal and sensitive information. 
The National Data Guardian Report and the Care Quality Commission Report recommend that organisations use new data security standards, a method to test compliance against these standards, and a new consent/opt-out model for data sharing in relation to patient confidential data.
“To date, the Cyber Essentials scheme has been successfully implemented across 47 health and social care organisations. To prevent cyber threats, organisations often opt for the IG Toolkit, which is a well understood and embedded across the health sector, but the self-assessment nature of the IG Toolkit creates doubt in its reliability,” Alan Calder continued.
Organisations within the health and social care sector looking to prioritise cyber security and certify to the Cyber Essentials scheme can opt for any of IT Governance’s packaged solutions: Do It Yourself, Get A Little Help and Get A Lot Of Help.
For more information about IT Governance’s Cyber Essentials packaged solutions, please visit the website, contact our consultancy team direct at, or call us on +44 (0)845 070 1750.
This website uses cookies. View our cookie policy