
Data Security Standard 6 - Responding to incidents



This guidance relates to the 2023-24 (version 6) standard. 


Overview

Cyber-attacks against services are identified and resisted and CareCERT security advice is responded to. Action is taken immediately following a data breach or a near miss, with a report made to senior management within 12 hours of detection.
All staff are trained in how to report an incident, and appreciation is expressed when incidents are reported. Sitting on an incident, rather than reporting it promptly, is met with harsh sanctions. The Board understands that it is ultimately accountable for the impact of security incidents, and bears the responsibility for making staff aware of their responsibilities to report upwards. Basic safeguards are in place to prevent users from unsafe internet use. Anti-virus, anti-spam filters and basic firewall protections are deployed to protect users from basic internet-borne threats.

Please refer to the further note on professional judgement, auditing and UK GDPR.


Last edited: 28 September 2023 11:07 am