logging in or signing up IGSoC hfish Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 24 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: December 26, 2011 This Presentation is Public Favorites: 0 Presentation Description information governance statement of compliance Comments Posting comment... Premium member Presentation Transcript Information Governance Statement of Compliance (IGSoC): Information Governance Statement of Compliance (IGSoC) By: Nazli Durrani Information Security Lead – NHS CFHIntroduction: Introduction The Information Governance Statement of Compliance is the agreement between NHS Connecting for Health and Approved Service Recipients* (ASRs) that sets out the terms and conditions for use of NHS CFH services including the N3 network in order to protect the integrity of those services. The IG SoC process sets out a set of security related requirements which must be satisfied for an organisation to be able to provide assurances in respect of safeguarding the N3 and information assets which may be accessed. What is it? Do I need to complete the IGSoC? Any organisation wishing to connect directly to the N3 network to use NHS CFH digital services needs to complete the IG SoC process. One IG SoC needs to be completed per independent legal entity i.e. the N3 connection owner or if you want to procure an N3 connection. * ASR – Those organisations directly connected to the N3 network (the N3 connection owner) and being recipients of NHS CFH services e.g. Choose & Book, NHS Mail etc.Responsibilities: Responsibilities The IG SoC process includes obligations for ASRs to maintain and preserve the information security principles of confidentiality, integrity, security, availability and accuracy of personal data used in the services provided to them e.g. by frequently deploying anti-virus checking software. It is therefore the responsibility of every ASR utilising these services to safeguard the information. By requiring that ASRs achieve the information governance standards incorporated in the terms and conditions of the IG SoC, NHS CFH can help to ensure appropriate safeguards are in place to protect NHS CFH services for all users. It is essential that those organisations sharing services with ASRs e.g. in the case of partnerships between NHS organisations (the ASR) and social care organisations work as efficiently to uphold the principles of information security. It is the responsibility of every ASR wishing to exchange data with their business partners (by allowing that partner to access their N3 connection) to ensure their business partner has the necessary information security / governance compliance controls and activities in place and are regularly maintained. * ASR – Those organisations directly connected to the N3 network (the N3 connection owner) and being recipients of NHS CFH services e.g. Choose & Book, NHS Mail etc.IG SoC Process Components: IG SoC Process Components To become an ASR*, an organisation must satisfy each component of IG SoC process. Each component is broken down into a series of requirements / clauses. The IG SoC process varies for different organisation types… NHS Organisations need to complete the components listed below: : The IG SoC Declaration* The Information Governance Toolkit (IGT)* NON- NHS Organisations (inc. Social Care) need to complete: The application form ( assessed by NHS CFH) The IG SoC Declaration* The Information Governance Toolkit (IGT)* A Logical Connection Architecture (LCA) document (assessed by NHS CFH) * Self assessments * ASR – Those organisations directly connected to the N3 network (the N3 connection owner) and being recipients of NHS CFH services e.g. Choose & Book, NHS Mail etc.IG SoC Completion Progress: IG SoC Completion Progress Total Number of IG SoC applications* *Those organisations with an existing N3 connection or have recently procured an N3 connection Over 10,000 Total Number of IG SoC applications approved** ** Those organisations whom have met the required information governance standards as defined in the IG SoC circa 9000 Organisation Types whom have successfully completed the IG SoC process Strategic Health Authorities Universities Pharmacies Opticians Local Authorities (12) Mental Health Trusts Hospices GPs Ambulance trusts Acute AggregatorsPowerPoint Presentation: High level review ProcessTimescales: Timescales Timescales for an N3 connection are dependant upon how long it takes the organisation to reach the required standards for each of the components of the IG SoC. An organisation to complete the IG SoC process is dependent upon i) the size of the organisation (ii) resource fuel for each IG SoC component (iii) the organisations’ information security / governance maturity Internal NHS CFH processing of each component of the IG SoC can take up to 3 weeks BT N3 quote a lead time of 3 months from placing the order for the N3 connection to its installation If an organisation e.g. a council wants to access the N3 / NHS CFH digital services via an NHS organisation’s N3 connection (i.e. an indirect connection) they must approach the NHS Organisation to arrange for this access.Benefits of the IG SoC process model: Benefits of the IG SoC process model A standard model for allowing organisations to assess their own Information security / governance arrangements and take necessary action. Allows for effective information sharing and defines responsibilities. Allows the identification and management of risk for organisations / data owners The IG SoC component requirements are aligned with theCabinet Office / Legal and Regulatory requirements Continuous Information Governance / Security Improvements for all ASRsIG SoC Contacts: IG SoC Contacts Website: http://www.connectingforhealth.nhs.uk/systemsandservices/infogov/igsoc Queries: Email: Exeter.helpdesk@nhs.net Phone: 01392 251 289Status of work on harmonising with GoCo : Status of work on harmonising with GoCo Overview NHS CFH have recently been focussing on exploring the potential for utilising GCSX as a route to N3 rather than just secure email from gcsx mailboxes to nhs.net mailboxes. This means connecting the GCSX network gateway to the N3 network gateway. Clearly it seems sensible to aim for one connection into Govt. to allow shared business processes to be improved Progress Research of the application processes for connectivity for GCSX & N3 Reviews of application harmonisation for both the N3 and GCSX so that organisations do not have to complete multiple application processes for access to Govt. networks. Research into the level of work required to get integration from both the application process and the feasibility of technical integration.Questions?: Questions? You do not have the permission to view this presentation. In order to view it, please contact the author of the presentation.
IGSoC hfish Download Post to : URL : Related Presentations : Share Add to Flag Embed Email Send to Blogs and Networks Add to Channel Uploaded from authorPOINT lite Insert YouTube videos in PowerPont slides with aS Desktop Copy embed code: (To copy code, click on the text box) Embed: URL: Thumbnail: WordPress Embed Customize Embed The presentation is successfully added In Your Favorites. Views: 24 Category: Education License: All Rights Reserved Like it (0) Dislike it (0) Added: December 26, 2011 This Presentation is Public Favorites: 0 Presentation Description information governance statement of compliance Comments Posting comment... Premium member Presentation Transcript Information Governance Statement of Compliance (IGSoC): Information Governance Statement of Compliance (IGSoC) By: Nazli Durrani Information Security Lead – NHS CFHIntroduction: Introduction The Information Governance Statement of Compliance is the agreement between NHS Connecting for Health and Approved Service Recipients* (ASRs) that sets out the terms and conditions for use of NHS CFH services including the N3 network in order to protect the integrity of those services. The IG SoC process sets out a set of security related requirements which must be satisfied for an organisation to be able to provide assurances in respect of safeguarding the N3 and information assets which may be accessed. What is it? Do I need to complete the IGSoC? Any organisation wishing to connect directly to the N3 network to use NHS CFH digital services needs to complete the IG SoC process. One IG SoC needs to be completed per independent legal entity i.e. the N3 connection owner or if you want to procure an N3 connection. * ASR – Those organisations directly connected to the N3 network (the N3 connection owner) and being recipients of NHS CFH services e.g. Choose & Book, NHS Mail etc.Responsibilities: Responsibilities The IG SoC process includes obligations for ASRs to maintain and preserve the information security principles of confidentiality, integrity, security, availability and accuracy of personal data used in the services provided to them e.g. by frequently deploying anti-virus checking software. It is therefore the responsibility of every ASR utilising these services to safeguard the information. By requiring that ASRs achieve the information governance standards incorporated in the terms and conditions of the IG SoC, NHS CFH can help to ensure appropriate safeguards are in place to protect NHS CFH services for all users. It is essential that those organisations sharing services with ASRs e.g. in the case of partnerships between NHS organisations (the ASR) and social care organisations work as efficiently to uphold the principles of information security. It is the responsibility of every ASR wishing to exchange data with their business partners (by allowing that partner to access their N3 connection) to ensure their business partner has the necessary information security / governance compliance controls and activities in place and are regularly maintained. * ASR – Those organisations directly connected to the N3 network (the N3 connection owner) and being recipients of NHS CFH services e.g. Choose & Book, NHS Mail etc.IG SoC Process Components: IG SoC Process Components To become an ASR*, an organisation must satisfy each component of IG SoC process. Each component is broken down into a series of requirements / clauses. The IG SoC process varies for different organisation types… NHS Organisations need to complete the components listed below: : The IG SoC Declaration* The Information Governance Toolkit (IGT)* NON- NHS Organisations (inc. Social Care) need to complete: The application form ( assessed by NHS CFH) The IG SoC Declaration* The Information Governance Toolkit (IGT)* A Logical Connection Architecture (LCA) document (assessed by NHS CFH) * Self assessments * ASR – Those organisations directly connected to the N3 network (the N3 connection owner) and being recipients of NHS CFH services e.g. Choose & Book, NHS Mail etc.IG SoC Completion Progress: IG SoC Completion Progress Total Number of IG SoC applications* *Those organisations with an existing N3 connection or have recently procured an N3 connection Over 10,000 Total Number of IG SoC applications approved** ** Those organisations whom have met the required information governance standards as defined in the IG SoC circa 9000 Organisation Types whom have successfully completed the IG SoC process Strategic Health Authorities Universities Pharmacies Opticians Local Authorities (12) Mental Health Trusts Hospices GPs Ambulance trusts Acute AggregatorsPowerPoint Presentation: High level review ProcessTimescales: Timescales Timescales for an N3 connection are dependant upon how long it takes the organisation to reach the required standards for each of the components of the IG SoC. An organisation to complete the IG SoC process is dependent upon i) the size of the organisation (ii) resource fuel for each IG SoC component (iii) the organisations’ information security / governance maturity Internal NHS CFH processing of each component of the IG SoC can take up to 3 weeks BT N3 quote a lead time of 3 months from placing the order for the N3 connection to its installation If an organisation e.g. a council wants to access the N3 / NHS CFH digital services via an NHS organisation’s N3 connection (i.e. an indirect connection) they must approach the NHS Organisation to arrange for this access.Benefits of the IG SoC process model: Benefits of the IG SoC process model A standard model for allowing organisations to assess their own Information security / governance arrangements and take necessary action. Allows for effective information sharing and defines responsibilities. Allows the identification and management of risk for organisations / data owners The IG SoC component requirements are aligned with theCabinet Office / Legal and Regulatory requirements Continuous Information Governance / Security Improvements for all ASRsIG SoC Contacts: IG SoC Contacts Website: http://www.connectingforhealth.nhs.uk/systemsandservices/infogov/igsoc Queries: Email: Exeter.helpdesk@nhs.net Phone: 01392 251 289Status of work on harmonising with GoCo : Status of work on harmonising with GoCo Overview NHS CFH have recently been focussing on exploring the potential for utilising GCSX as a route to N3 rather than just secure email from gcsx mailboxes to nhs.net mailboxes. This means connecting the GCSX network gateway to the N3 network gateway. Clearly it seems sensible to aim for one connection into Govt. to allow shared business processes to be improved Progress Research of the application processes for connectivity for GCSX & N3 Reviews of application harmonisation for both the N3 and GCSX so that organisations do not have to complete multiple application processes for access to Govt. networks. Research into the level of work required to get integration from both the application process and the feasibility of technical integration.Questions?: Questions?