NHS takes unpopular BS 7799



Mike Simons

The NHS has formally adopted the BS 7799 code of practice for information security and laid down a tight deadline for its...



Mike Simons

The NHS has formally adopted the BS 7799 code of practice for information security and laid down a tight deadline for its implementation.

Health organisations have been told that by June they will have to compare existing practices against the national standard and produce a compliance audit by December.

This is a huge challenge. BS 7799 is the security standard for government departments, but last autumn, two years after its launch, Computer Weekly revealed that only 37 UK organisations have gained accreditation.

A key component of the new NHS strategy will be a full public key infrastructure (PKI) that will be available for use across the NHS by April 2002.

The NHS' failure to deliver secure communications has been a major source of frustration in recent years, and this may continue if there is any problem with the PKI development.

A new cryptography strategy warns that any organisation considering an interim solution must ensure that any strategy has "an appropriate fit with expected cryptographic standards" or is "capable of cost-effective replacement or upgrade".

mike.simons@rbi.co.uk

This was last published in January 2001

Read more on Antivirus, firewall and IDS products

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close