Key Standards and Guidance for Healthcare

When investigating and designing new cloud solutions within the healthcare sector, there are multiple important standards, principles and guidelines to consider regarding security, access, permissions and controls. This interactive page highlights the standards that, from our experience, are the most relevant, and how our people, processes and technology can help you comply with them.

The three standards:

NHS Digital, Data and Technology Standards

The NHS digital, data and technology standards framework, which is currently in draft format, describes the new expectations around the use of data, interoperability, and design standards within the NHS. This has an impact across all NHS organisations and within the supplier community to strive to achieve these more demanding standards. UKCloud always takes a proactive approach to data security and we have reviewed our services keeping in mind the new draft standards published by NHS Digital.

Download PDF

Data Security Standards (including the Data Security Protection Toolkit)

All NHS digital, data and technology services should achieve the Data Security Standards (DSS) required through the Data Security and Protection Toolkit (DSPT), which is made up of ten standards. The DSPT retains the general principle that organisations should demonstrate that they can be trusted with the confidentiality and security of personal information. It also supports organisations to meet the requirements of new legislation including the likes of the General Data Protection Regulation (GDPR) and Network and Information Systems (NIS) Directive. It is important to note that the DSPT will continue to evolve over time to reflect emerging threats, changing policy and future legislative requirements.

Download PDF