lolloj - Fotolia

HSCIC launches cyber security service for health and care

The Health and Social Care Information Centre sets up cyber security service as sexual health clinic accidentally releases patients’ information

The Health and Social Care Information Centre (HSCIC) has set up a cyber security service to manage risks to data in health and care.

The care computing emergency response team (CareCERT) aims to enhance cyber resilience across health and social care.

The CareCERT service will begin launching functionality in a phased approach from autumn this year, with the full go live in January 2016.

Funded by the Cabinet Office’s national cyber security programme, CareCERT will provide incident response expertise for managing cyber security incidents and be a central source of security intelligence. It will also provide best practice and guidance for organisations, as well as supporting the analysis of emerging and future threats.

Rob Shaw, HSCIC director of operations and assurance services said he hoped that CareCERT will be a “valuable resource for the health and social care sector, providing best practice guidance to support organisations to keep their information safe and secure”.

“The service will monitor for system wide threats and will then ensure that appropriate actions are developed, supporting continued security across the sector,” said Shaw.

The news comes as the London-based 56 Dean Street clinic – which provides HIV testing and sexual health services – had to issue an apology earlier this week after sending out a newsletter disclosing the names and emails of nearly 800 people.

The clinic set up a helpline for people affected by the breach and has promised to launch a full investigation. According to the Guardian, the information commissioner’s office is aware of the incident and is making inquiries into the breach.

Health secretary Jeremy Hunt also announced yesterday that the Care Quality Commission will launch a review of NHS organisations’ data security standards. He added that the breach was “completely unacceptable”.

Read more on Healthcare and NHS IT