NHS Now Have Guidance on Use of Public Cloud
Published: January 22, 2018
NHS Digital has recently published a guidance document that informs NHS and social care organisations how to use public cloud services securely.
The document will help organisations with their approach to offshoring and the use of public cloud services.
Key takeaways from the guidance document include:
- NHS and social care providers can use cloud computing services for NHS data.
- This data must only be hosted within the UK, European Economic Area (EEA) – a country deemed adequate by the European Commission, or within the US, which is covered by Privacy Shield.
- Using National Cyber Security Essentials as a guide, local Senior Information Risk Owners (SIROs) should be fulfilled with the appropriate security arrangements, in conjunction with Data Protection Officers and Caldicott Gardens.
- Regularly updated advice is available from the Information Commissioner’s Office.
- There are also changes to data protection laws, including the General Data Protection Regulation (GDPR) from 25 May 2018 – this includes restrictions on the transfer of personal data outside the European Union. The ICO’s GDPR guidance can be found here.
View the full guidance document here.
This guidance document sees NHS Digital meet some of their goals, which include: ensuring everyone’s data is protected, and supporting organisation to get the best from technology, data and information.
Embracing cloud technology may help health and social care organisations to benefit from more productivity, better security and cost savings.
As a Gold Partner, we work closely with the likes of Microsoft, who deliver Azure, a secure public cloud with datacentres in the UK and Europe.
If you would like help with migrating to the cloud, we can provide licensing, advice and migration services; please call +44 (0) 1364 654100 for more information.