Part of Data Security Standard 6 - Responding to incidents
An informed and empowered audience (6.1.1)
It is important that staff have sufficient knowledge to identify breaches, near misses and unacceptable behaviour, and to recognise the tell-tale signs that distinguish irregular from acceptable behaviour.
This can be achieved through training (as detailed in Data Security Standard 3); however, organisational norms, culture, policies, processes and procedures also have a profound influence.
As well as knowing what an incident or breach looks like, or what a potential breach could be, staff should feel empowered and encouraged to report breaches, near misses and problem processes.
In the past, high levels of incident reporting have often been perceived negatively, and reporting has not been encouraged where organisations lacked a clear process and showed little commitment to supporting the individuals who report incidents.
The NDG review stated that near misses, hazards and insecure behaviours must all be reported without fear of recrimination, and that people should be encouraged to provide this valuable intelligence.
These include:
- culture change
- improved handling of cases
- measures to support good practice
- particular measures for vulnerable groups
- extending the legal protection
This is especially a factor when incidents are reported through an existing incident reporting system, such as an IT service desk, where the staff managing the incident system also administer major systems that are likely to come into focus during an incident investigation (such as a Patient Administration System or Windows Active Directory).
It is recognised that this is a particular challenge for smaller organisations where staff can have multiple roles.
Last edited: 28 September 2023 10:52 am