HealthCare Information Security and Privacy Practitioner (HCISPP) Briefing Paper. Piloted by the Cyber Security Programme

Size: px
Start display at page:

Download "HealthCare Information Security and Privacy Practitioner (HCISPP) Briefing Paper. Piloted by the Cyber Security Programme"

Transcription

1 HealthCare Information Security and Privacy Practitioner (HCISPP) Briefing Paper Piloted by the Cyber Security Programme Published August 2015

2 2 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

3 We are the trusted national provider of high-quality information, data and IT systems for health and social care. Author: Dayam McIntosh Project Manager, Cyber Security Programme Health and Social Care Information Centre Responsible Manager: Dan Taylor, Cyber Security Programme Head Version: Date of publication: 12 th August Copyright 2015, Health and Social Care Information Centre. All rights reserved.

4 Contents 1. About the Pilot Pilot details Pilot benefits 6 2. About the Course 6 Examinations 7 Ongoing Continuing Professional Development About (ISC)² - the Training Supplier Evaluation 8 3. How to get involved? The purpose of expressions of interest process Entry criteria Expressions of Interest dates 11 How will someone with HCISPP help our organisation? 11 4 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

5 1. About the Pilot This pilot aims to qualify 100 members of staff in key positions in the field of information security. It also seeks to evaluate such a tailored qualification to see if this, or one like it, could be rolled out further across health and care. The pilot also aims to do the following: Ensure that key staff have a greater awareness of, and a relevant qualification in, Cyber Security related governance. To test the viability and suitability of the HCISPP certification programme for further roll out and/or endorsement by HSCIC to health and social care organisations. To empower health and social care with more in depth knowledge on cyber threats, vulnerability management, reporting and protocols in operational areas with patient/client recording systems or developing services. This pilot is part of the Cyber Security Programme hosted by the HSCIC. We are working in partnership with the Department of Health to deliver a Cabinet Office and HM Treasury funded programme designed to build the awareness and capability of the health and social care sector in terms of Cyber Security and threat management. The need to do this is also backed up further as a deliverable in the NIB Framework and in the HSCIC Business Strategy , both of which centre around ensuring the patient/customer record is kept safe within our care. HSCIC has already trained a number staff in Information Security related qualifications with a training supplier called (ISC)², one of which is the HCISPP which has been tailored to suit the Health and Care sector. Before the programme can make further recommendations we need to gain a clear understanding of what is needed. 1.1 Pilot details HSCIC is offering a free course, exam and certification in information security and privacy. These elements will be free for participants as part of the pilot. HSCIC must spend money wisely. Although we recognise travel, subsistence and lunch are often bonuses to such events we would like to ensure a level of joint commitment is gained by health and social care employers and participants. Travel, subsistence and lunch will not be provided. Beverages will be provided throughout the classroom dates show. 5 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

6 Here are some quick fire facts about this pilot:. Output: 100 Courses and examinations of 100 Health and Social Care Staff Pilot delivery start & end: 19 th October to 11 th December 2015 Venues: Leeds, Manchester, Birmingham, Reading, London Classroom based learning: 4 consecutive days Monday to Thursday Examinations: 3 hour examination at a local Pearson s UK Test centre Friday Travel and subsistence: HSCIC will not pay for the travel or subsistence of participants. Course costs: The course, exam and certification are all free to participants and their organisations Ongoing certification and membership: HSCIC will not fund any continuing development or membership fees linked to recertification. Standard practice dictates that the individual have the option themselves to pick up such costs cost (12 months after successful certification) Beverages: Beverages will be supplied. Lunch will not be supplied, participants should bring their own, or use nearby facilities 1.2 Pilot benefits The pilot aims to realise the following benefits: Increased effectiveness of security and the ability to adapt to change Increased vigilance of cyber and security space Improved health and social care sector s ability to learn from experiences, mistakes and successes of peers Identification of job roles key to making cyber security more effective Improved ability to implement future plans and guidance among set groups of staff across health and social care Improved knowledge on protecting health and social care networks Find Cyber Champions embedded throughout health and social care, installing foundations that can be further developed Provide access to subject and sector specific knowledge 2. About the Course The HealthCare Information Security and Privacy Practitioner (HCISPP) certification from (ISC)² is the only credential that provides healthcare employers with industry-leading validation of your foundational knowledge, experience, and commitment to addressing security and privacy concerns 6 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

7 within healthcare. As a HealthCare Information Security and Privacy Practitioner, you are the front-line defence for protecting health and care information. The course aims to improve the overall experience and quality of care patients receive by helping you to recognise the risks and potential consequences of exposed sensitive data and using the proper security and privacy controls to protect it. There is a growing need for security and privacy practitioners who possess the foundational knowledge and experience necessary to protect this sensitive information. That is where the HCISPP comes in. The HCISPP certification is the ideal credential for those with the core knowledge and experience needed to implement, manage, or assess the appropriate security and privacy controls of a healthcare organization. HCISPP draws from a comprehensive, up-to-date, global common body of knowledge and ensures practitioners know the best practices and techniques to protect organizations and sensitive data against emerging threats and breaches. Examinations The examinations will be held at Pearson UK Test centres. As this is a security related certification identifying and checking participant standards is more focussed. So, on exam day: Participants are required to produce two suitable pieces of Identification such as a passport for example. See page 28 of the Exam Outline for more details. Participants must also agree to a the (ISC)² Candidate Background Qualifications, a Code of Ethics and a Non-Disclosure Agreement. The exam itself is for 3 hours and is 125 multiple choice questions. The exam has a save function giving participants the ability to save and go back to questions throughout. To pass, participants need to score 700 points or above out of a possible 1000 points. Ongoing Continuing Professional Development The HCISPP certification lasts 3 years so long as participants continue to develop their skills in line with (ISC)² Continuing Professional Education (CPE), 7 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

8 also known as Continuing Professional Development. This includes training or qualifications linked to the domains that form HCISPP. These relate to: Healthcare Industry Regulatory Environment Privacy and Security in Healthcare Information Governance and Risk Management Information Risk Assessment Third-Party Risk Management There is also an annual membership fee payable by participants to (ISC)², which is usual with most leading qualifications payable after 12 months of passing the exam. 2.1 About (ISC)² - the Training Supplier Inspire. Secure. Certify. International Information System Security Certification Consortium, Inc., (ISC)², is the global, not-for-profit leader in educating and certifying information security professionals throughout their careers. (ISC)² are recognized for Gold Standard certifications and world class education programmes. (ISC)² provides vendor-neutral education products, career services, and Gold Standard credentials to professionals in more than 160 countries. We take pride in our reputation built on trust, integrity, and professionalism. And we re proud of our membership an elite network that has over 100,000 certified industry professionals worldwide. For more information https://www.isc2.org/aboutus/default.aspx 2.2 Evaluation The pilot will fully evaluate the way that the course was run as well as the content and delivery. Along with evaluating the course delivery, we would also like to know how you will use the knowledge. This is important should there be a comprehensive update to the learning materials or exam in the future to make them more fit for health and social care. We have tried to include some of this in the expression of interest process. The pilot also aims to conduct a series of short case studies on volunteers who successfully pass their exam to get qualitative perspective of how the pilot went. 8 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

9 3. How to get involved? Check the entry criteria to ensure you meet our requirements, then simply complete and the Expression of Interest form to 3.1 The purpose of expressions of interest process The Project will undertake a longlist and then shortlist process to ensure the following: To ensure there is the desired type of participants on the course. To ensure there is a representative cross section of health and social care staff present. To find out what interest the potential participant has in this subject. To find out what role the participant holds and where the course subject matter fits in. To ensure no more than 2 participants from any one organisation attends the course. To gain permission from the participants employer to attend the course. To get a level of buy-in for the participants employer via sharing the name of a sponsor within each organisation. 3.2 Entry criteria Here are the criteria we will be using to eventually shortlist 100 participants. After this process we will contact everyone on or shortly after the closing date - 30 th September 2015: (1) Participants must have 2 years of continuous health and social care experience. (2) Participants must work in one of the following organisation types: a. Department of health or other national health or social care agency b. NHS trusts c. Clinical Commissioning Group s, Clinical Support Unit s and NHS England Area Teams d. Councils with Adult Social Care and/or Public Health Responsibilities e. GP practices or groups f. Registered care homes or care providers (3) Participants must tell us why they are suitable for the course by listing current or active projects, programmes or operations. 9 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

10 (4) Preferred participants are those who have some influence or responsibility for data processing, data warehousing or accurate recording in areas where large volumes of health and social care patient/customer personal identifiable data is stored. (This doesn t mean that we are looking for people who specifically work within ICT. Clinical managers or practitioner managers who make decisions about data processing or recording are also suitable for this qualification.) Other areas include: Those who have access and/or responsibility for the day to day security of large quantities of health or social care personal identifiable and/or sensitive data Those who have access and/or responsibility for the day to day recording of large quantities of health or social care personal identifiable and/or sensitive data in practice Those who are responsible for high levels of data processing Those in a staffing group typically associated with being responsible for information security, or being part of it. Manager and supervisors of data quality and play a part in internal cyber threat detection Managers of functions that are developing, creating or transforming new services. New knowledge may influence the security of such systems or services. (5) Specific job titles of interest: a. Chief Information Officers b. Senior Information Risk Owners c. Caldicott Guardians d. Head of Information Governance or Information Governance Managers e. Privacy Managers f. Information Security Managers g. Information Management and Technology Managers h. Programme/Project Managers involved in system build of redevelopment i. System Developers j. Client Information System or Network Managers k. Compliance Managers - in similar areas as programme/project managing 10 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

11 l. Data Quality Managers m. Clinical informatics specialist Managers n. Service desk Managers o. Head of Patient/Customer Records departments (6) Participants must state how this certification will help their organisation. 3.3 Expressions of Interest dates Open to entries Immediately Closing date for entries 30 th September s letting potential participants know they have been successful or not 5 th October 2015 How will someone with HCISPP help our organisation? As above the pilot is targeting individuals who are close to data processing, data warehousing and in areas where personal confidential data (PCD) is stored. Again this is so that we lay the foundations for health and social care to take Cyber Security with the importance it is due as well as implement such knowledge and skills in practice. The main benefits to organisations are: Solidify front-line defence with staff who are certified healthcare information security and privacy practitioners. To partly help organisations to demonstrate the organisation s proactive commitment to minimizing the risk of breaches. Increase confidence that participants can do the job right. In time, mitigate risk by starting the process of ensuring third-parties that handle PCD have the right checks and balances in place in term s information security. Increase organisational integrity in the eyes of clients and other stakeholders. Ensure practitioners stay current on emerging and changing technologies as well as security and privacy issues related to these technologies through the continuing professional education requirements. So in summary we want to enable people who will be able to influence and promote cyber security as well as set the foundations we need to take cyber security further. Our aim is to: 11 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

12 Ensure that every citizen s data is protected We want to do that with the sector and are providing this as a further opportunity to develop even better relations with Health and Social Care organisations. 12 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

13 Published by the Health and Social Care Information Centre Cyber Security Programme For further information Copyright 2015 Health and Social Care Information Centre. All rights reserved. This work remains the sole and exclusive property of the Health and Social Care Information Centre and may only be reproduced where there is explicit reference to the ownership of the Health and Social Care Information Centre. This work may not be re-used by NHS and government organisations without permission. 13 Copyright 2015, Health and Social Care Information Centre. All rights reserved.

The Next Generation of Security Leaders

The Next Generation of Security Leaders The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Version: 4 Bodies consulted: Caldicott Guardian, IM&T Directors Approved by: MT Date Approved: 27/10/2015 Lead Manager: Governance Manager Responsible Director: SIRO Date

More information

Information and technology for better care. Health and Social Care Information Centre Strategy 2015 2020

Information and technology for better care. Health and Social Care Information Centre Strategy 2015 2020 Information and technology for better care Health and Social Care Information Centre Strategy 2015 2020 Information and technology for better care Information and technology for better care Health and

More information

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid.

All CCG staff. This policy is due for review on the latest date shown above. After this date, policy and process documents may become invalid. Policy Type Information Governance Corporate Standing Operating Procedure Human Resources X Policy Name CCG IG03 Information Governance & Information Risk Policy Status Committee approved by Final Governance,

More information

KO41(b) Dental Written Complaints. A guide to completing the Dental section of the NHS written complaints collection SCCI SUPPORTING.

KO41(b) Dental Written Complaints. A guide to completing the Dental section of the NHS written complaints collection SCCI SUPPORTING. KO41(b) Dental Written Complaints A guide to completing the Dental section of the NHS written complaints collection 28 April 2015 We are the trusted national provider of high-quality information, data

More information

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13

Cyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13 Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...

More information

NATIONAL INFORMATION BOARD

NATIONAL INFORMATION BOARD NATIONAL INFORMATION BOARD Paper Ref: NIB 0403-009 BOARD PAPER National Information Board Leadership Meeting MARCH 2015 Title: Work stream 4: Build and sustain public trust: Deliver roadmap to consent

More information

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation

Version Number Date Issued Review Date V1 25/01/2013 25/01/2013 25/01/2014. NHS North of Tyne Information Governance Manager Consultation Northumberland, Newcastle North and East, Newcastle West, Gateshead, South Tyneside, Sunderland, North Durham, Durham Dales, Easington and Sedgefield, Darlington, Hartlepool and Stockton on Tees and South

More information

NHS Procurement Dashboard: Overview

NHS Procurement Dashboard: Overview NHS Procurement Dashboard: Overview November 2013 You may re-use the text of this document (not including logos) free of charge in any format or medium, under the terms of the Open Government Licence.

More information

HR ADVISOR JUNE 2015

HR ADVISOR JUNE 2015 HR ADVISOR JUNE 2015 About Us With a history reaching back more than a century, King Edward VII s Hospital is dedicated to offering its patients the most up to date treatment facilities in the UK. Together

More information

Information Governance Framework and Strategy. November 2014

Information Governance Framework and Strategy. November 2014 November 2014 Authorship : Committee Approved : Chris Wallace Information Governance Manager CCG Senior Management Team and Joint Trade Union Partnership Forum Approved Date : November 2014 Review Date

More information

A Guide to the Cyber Essentials Scheme

A Guide to the Cyber Essentials Scheme A Guide to the Cyber Essentials Scheme Published by: CREST Tel: 0845 686-5542 Email: admin@crest-approved.org Web: http://www.crest-approved.org/ Principal Author Jane Frankland, Managing Director, Jane

More information

ESKISP6046.02 Direct security architecture development

ESKISP6046.02 Direct security architecture development Overview This standard covers the competencies concerned with directing security architecture activities. It includes setting the strategy and policies for security architecture, and being fully accountable

More information

ISO 27001 Information Security Management Services (Lot 4)

ISO 27001 Information Security Management Services (Lot 4) ISO 27001 Information Security Management Services (Lot 4) CONTENTS 1. WHY LEICESTERSHIRE HEALTH INFORMATICS SERVICE?... 3 2. LHIS TECHNICAL ASSURANCE SERVICES... 3 3. SERVICE OVERVIEW... 4 4. EXPERIENCE...

More information

Information Governance Strategy

Information Governance Strategy Information Governance Strategy THCCGCG9 Version: 01 The information governance strategy outlines the CCG governance aims and the key objectives of its governance policies. The Chief officer has the overarching

More information

Information: To Share or not to Share. Government Response to the Caldicott Review

Information: To Share or not to Share. Government Response to the Caldicott Review Information: To Share or not to Share Government Response to the Caldicott Review September 2013 You may re-use the text of this document (not including logos) free of charge in any format or medium, under

More information

Policies for: Information Governance Information Quality Information Management Information Security. Version Control Version: 0.1

Policies for: Information Governance Information Quality Information Management Information Security. Version Control Version: 0.1 Policies for: Information Governance Information Quality Information Management Information Security Approved by: None this version Date approved: Name of originator/author: Ade Oduntan, Mike Hellier,

More information

Information Governance Management Framework

Information Governance Management Framework Information Governance Management Framework Responsible Officer Author Business Planning & Resources Director Governance Manager Date effective from October 2015 Date last amended October 2015 Review date

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Version Version 1 Ratified By Date Ratified PROPOSED FOR APPROVAL 15/11/12 Author(s) Responsible Committee / Officers Date Issue November 2012 Review Date November 2013 Intended

More information

Information Governance Strategy :

Information Governance Strategy : Item 11 Strategy Strategy : Date Issued: Date To Be Reviewed: VOY xx Annually 1 Policy Title: Strategy Supersedes: All previous Strategies 18/12/13: Initial draft Description of Amendments 19/12/13: Update

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Information Governance Policy Issue Date: June 2014 Document Number: POL_1008 Prepared by: Information Governance Senior Manager Insert heading depending on Insert line heading

More information

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs

Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs Information Governance Policy Version - Final Date for Review: 1 October 2017 Lead Director: Performance, Quality and Cooperate Affairs NOTE: This is a CONTROLLED Document. Any documents appearing in paper

More information

Security Transcends Technology

Security Transcends Technology INTERNATIONAL INFORMATION SYSTEMS SECURITY CERTIFICATION CONSORTIUM, INC. Career Enhancement and Support Strategies for Information Security Professionals Paul Wang, MSc, CISA, CISSP Paul.Wang@ch.pwc.com

More information

The Cambridge Executive MBA - Seeking Employer Support

The Cambridge Executive MBA - Seeking Employer Support - Seeking Employer Support An Executive MBA is a programme designed for people who have excelled in their career to date and have proved their ambition and drive to succeed and wish to invest in their

More information

Which MPA Assurance Review?

Which MPA Assurance Review? Which MPA Assurance? A guide to choosing which MPA Assurance s to include in the Integrated Assurance and Approvals Plan for your Major Project Version 1.0 March 2012 Copyright and contacts Crown copyright

More information

Graduate Training Profile

Graduate Training Profile Training Position Training Allowance/ Bursary Period of Training Hours/Days Required Placement Organisation Responsible to Special Requirements How to Apply Closing Date NHS Graduate Management Trainee

More information

Information Governance Policy

Information Governance Policy Information Governance Policy Document Number 01 Version Number 2.0 Approved by / Date approved Effective Authority Customer Services & ICT Authorised by Assistant Director Customer Services & ICT Contact

More information

Development. London, with regular travel across England and Wales

Development. London, with regular travel across England and Wales Job Description Job title: Salary grade: Responsible to: Responsible for: Department: Hours of work: Post covers: Located at: Type of contract: Network Relationship Manager E Head of Network Relations

More information

CSSLP INSIGHTS WHY BECOME A CSSLP. The CSSLP Helps You: The CSSLP Helps Employers:

CSSLP INSIGHTS WHY BECOME A CSSLP. The CSSLP Helps You: The CSSLP Helps Employers: Application vulnerabilities continue to top the list of cyber security concerns. While attackers and researchers continue to expose new application vulnerabilities, the most common on application flaws

More information

Information governance in the Department of Health and the NHS

Information governance in the Department of Health and the NHS Information governance in the Department of Health and the NHS Harry Cayton, National Director for Patients and the Public, Chair, Care Record Development Board. Introduction I was asked by the Programme

More information

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.

Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup. Profil stručnjaka za informacijsku sigurnost - certificirati se ili ne? Biljana Cerin, CISA, CISM, CGEIT, CBCP, PMP www.ostendogroup.com DA! (by Global knowledge & TechRepublic) Top certifications by salary:

More information

JOB DESCRIPTION. 1. JOB TITLE: Senior Project Officer: CRM Business Relationship Management. 4. DEPARTMENT: Learning and Information Services (LIS)

JOB DESCRIPTION. 1. JOB TITLE: Senior Project Officer: CRM Business Relationship Management. 4. DEPARTMENT: Learning and Information Services (LIS) JOB DESCRIPTION 1. JOB TITLE: Senior Project Officer: CRM Business Relationship Management 2. HRMS REFERENCE NUMBER: HRMS/12234 3. ROLE CODE: SPOLIS 4. DEPARTMENT: Learning and Information Services (LIS)

More information

Chief Information Officer

Chief Information Officer Security manager Job description Job title Security manager Location Wellington Group Organisation Development Business unit / team IT Solutions Grade and salary range Pay Group 1, Pay Band 6 Reports to

More information

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER

INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER INFORMATION GOVERNANCE AND SECURITY 1 POLICY DRAFTED BY: INFORMATION GOVERNANCE LEAD 2 ACCOUNTABLE DIRECTOR: SENIOR INFORMATION RISK OWNER 3 APPLIES TO: ALL STAFF 4 COMMITTEE & DATE APPROVED: AUDIT COMMITTEE

More information

Web Developer Recruitment Pack

Web Developer Recruitment Pack Web Developer Recruitment Pack Money Advice Trust April 2015 Contents Page 3 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 About us Advert Job description Person specification How to apply Recruitment timetable

More information

(Financial Accounting Team)

(Financial Accounting Team) Job Title: Accounting Technician (Financial Accounting Team) Job Grade: Band 3 Band 4 Directorate: Finance Job Reference Number: P02279 The Role As part of the Financial Compliance Team, you will report

More information

Helping to protect your business and your customers in the event of a data breach

Helping to protect your business and your customers in the event of a data breach Helping to protect your business and your customers in the event of a data breach Equifax Data Breach Assistance helps you respond more quickly and effectively, limiting the reputational damage to your

More information

Information Governance Policy

Information Governance Policy Policy Policy Number / Version: v2.0 Ratified by: Audit Committee Date ratified: 25 th February 2015 Review date: 24 th February 2016 Name of originator/author: Name of responsible committee/individual:

More information

Data Analysis Officer - Service Development Team

Data Analysis Officer - Service Development Team Job Title: Data Analysis Officer - Service Development Team Job Grade: Band 4-5 Directorate: Job Reference Number: Adults, Health and Community Wellbeing P01012 The Role Work closely with the Service Development

More information

Essentials of RESEARCH GOVERNANCE

Essentials of RESEARCH GOVERNANCE Promoting Good Practice in Research Essentials of RESEARCH GOVERNANCE Information for Researchers, Students and Support Staff involved in Health & Social Care Research 2005 Reproduced with the permission

More information

Business Support Service Development Manager

Business Support Service Development Manager Job Profile Job Title: Business Support Service Development Manager Date Completed: 17/12/2014 Job Reference Number: T5CS0021 Tier: Tier 5 Job Band: Band 6 Functional Area: Corporate Services Accountable

More information

Qualification Number: 601/6551/0 Purpose Statement Version 2.0 published 22 April 2016

Qualification Number: 601/6551/0 Purpose Statement Version 2.0 published 22 April 2016 Qualification Number: 601/6551/0 Purpose Statement Version 2.0 published 22 April 2016 The AAT Professional Diploma in Accounting 1 The AAT Professional Diploma in Accounting Who should choose to study

More information

Health care assistants and assistant practitioners Delegation and accountability

Health care assistants and assistant practitioners Delegation and accountability Health care assistants and assistant practitioners Delegation and accountability Nursing Standard Essential Guide NURSING STANDARD ESSENTIAL GUIDE Written by Susan Hopkins, Independent Education Adviser;

More information

Welcome to the McPin Foundation

Welcome to the McPin Foundation Welcome to the McPin Foundation About us: Thank you for your interest in our organisation and this Senior Researcher position. Our aim is to transform mental health research to place people affected by

More information

Helping you reach your potential...

Helping you reach your potential... SKILLS_2_SHARE_PROSPECTUS_2 16/6/10 08:42 Page 2 STRATEGIC AND OPERATIONAL TRAINING AND MANAGEMENT Helping you reach your potential... COURSE PROSPECTUS SKILLS_2_SHARE_PROSPECTUS_2 16/6/10 08:42 Page 3

More information

INFORMATION GOVERNANCE POLICY

INFORMATION GOVERNANCE POLICY INFORMATION GOVERNANCE POLICY Information Governance Policy_v2.0_060913_LP Page 1 of 14 Information Reader Box Directorate Purpose Document Purpose Document Name Author Corporate Governance Guidance Policy

More information

ESKISP6056.01 Direct security testing

ESKISP6056.01 Direct security testing Direct security testing Overview This standard covers the competencies concerning with directing security testing activities. It includes setting the strategy and policies for security testing, and being

More information

ESKISP6064.03 Conducts vulnerability assessment under supervision

ESKISP6064.03 Conducts vulnerability assessment under supervision Conducts vulnerability assessment under supervision Overview This standard covers the competencies required to conduct vulnerability assessments under supervision. This includes following processes for

More information

Policy Document Control Page

Policy Document Control Page Policy Document Control Page Title Title: Information Governance Policy Version: 5 Reference Number: CO44 Keywords: Information Governance Supersedes Supersedes: Version 4 Description of Amendment(s):

More information

CYBER SECURITY Audit, Test & Compliance

CYBER SECURITY Audit, Test & Compliance www.thalescyberassurance.com CYBER SECURITY Audit, Test & Compliance 02 The Threat 03 About Thales 03 Our Approach 04 Cyber Consulting 05 Vulnerability Assessment 06 Penetration Testing 07 Holistic Audit

More information

The Federation for Informatics Professionals. Working in Health and Social Care. Prospectus January 2015

The Federation for Informatics Professionals. Working in Health and Social Care. Prospectus January 2015 The Federation for Informatics Professionals Working in Health and Social Care 1 Contents 1 What is Health and Care Informatics?...3 2 What is the Federation for Informatics Professionals, Fed-IP?...4

More information

The Performance Review Standards

The Performance Review Standards The Performance Review Standards Standards of Good Regulation June 2010 The Professional Standards Authority The Professional Standards Authority for Health and Social Care is the new name for the Council

More information

Rehabilitation Network Strategy 2014 2017. Final Version 30 th June 2014

Rehabilitation Network Strategy 2014 2017. Final Version 30 th June 2014 Rehabilitation Network Strategy 2014 2017 Final Version 30 th June 2014 Contents Foreword 3 Introduction Our Strategy 4 Overview of the Cheshire and Merseyside Rehabilitation Network 6 Analysis of our

More information

Information Governance Framework

Information Governance Framework Information Governance Framework Authorship: Chris Wallace, Information Governance Manager Committee Approved: Integrated Audit and Governance Committee Approved date: 11th March 2014 Review Date: March

More information

Birmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy

Birmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy Birmingham CrossCity Clinical Commissioning Group Business Continuity Management Policy Version V1.0 Ratified by Operational Development Group Date ratified 6 th November 2014 Name of originator / author

More information

What does the NHS Constitution mean for me? Can I get involved in decisions about my care?

What does the NHS Constitution mean for me? Can I get involved in decisions about my care? What does the NHS Constitution mean for me? Can I get involved in decisions about my care? Why do we need an NHS Constitution? The NHS belongs to all of us The NHS is there for us from the moment we re

More information

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy.

1.5 The Information Governance Policy should be read in conjunction with the Information Governance Strategy. Title: Reference No: NHSNYYIG - 007 Owner: Author: INFORMATION GOVERNANCE POLICY Director of Standards First Issued On: September 2010 Latest Issue Date: February 2012 Operational Date: February 2012 Review

More information

Job Description. Senior Digital Fundraising Officer. Responsible for line managing (posts) n/a

Job Description. Senior Digital Fundraising Officer. Responsible for line managing (posts) n/a Job Description Job title Reporting to (post) Responsible for line managing (posts) Grade Department/section Hours of work Post covers Located at Type of contract Senior Digital Fundraising Officer Digital

More information

INFORMATION RISK MANAGEMENT POLICY

INFORMATION RISK MANAGEMENT POLICY INFORMATION RISK MANAGEMENT POLICY DOCUMENT CONTROL: Version: 1 Ratified by: Steering Group / Risk Management Sub Group Date ratified: 21 November 2012 Name of originator/author: Manager Name of responsible

More information

Information Security Policy

Information Security Policy Information Security Policy Author: Responsible Lead Executive Director: Endorsing Body: Governance or Assurance Committee Alan Ashforth Alan Lawrie ehealth Strategy Group Implementation Date: September

More information

strategic plan and implementation framework 2013-2018

strategic plan and implementation framework 2013-2018 strategic plan and implementation framework 2013-2018 contents Introduction 3 Strategic Plan 2013-2018 4 Strategic Priorities 4 2 Implementing the Plan 5 Measuring and Monitoring 5 Communicating and Reporting

More information

Toowoomba Classification level: Nurse Grade 12 (1) Salary level:

Toowoomba Classification level: Nurse Grade 12 (1) Salary level: Job ad reference: Role Title: Status: Unit / Facility Division: Hospital and Health Service: Location: DD05121953 Executive Director Nursing and Midwifery Services Permanent full time (Please note future

More information

The Operations Manager will project manage the operations, logistics, finances and people to a high and professional standard.

The Operations Manager will project manage the operations, logistics, finances and people to a high and professional standard. Operations Manager Job Description Resco Resco is an exciting venture inspired by the firm belief that every business has the opportunity to generate social impact, creating positive change in communities.

More information

MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY

MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY MOORLAND SURGICAL SUPPLIES LTD INFORMATION GOVERNANCE POLICY Moorland is committed to ensuring that, as far as it is reasonably practicable, the way we provide services to the public and the way we treat

More information

Communication and Engagement Strategy 2014 2017. Final Version 30 th June 2014

Communication and Engagement Strategy 2014 2017. Final Version 30 th June 2014 Communication and Engagement Strategy 2014 2017 Final Version 30 th June 2014 Contents Introduction 4 Strategic Objectives and Role of Communications 6 Communications now and by 2017 7 Communications and

More information

Electronic Palliative Care Co-Ordination Systems: Information Governance Guidance

Electronic Palliative Care Co-Ordination Systems: Information Governance Guidance QIPP Digital Technology Electronic Palliative Care Co-Ordination Systems: Information Governance Guidance Author: Adam Hatherly Date: 26 th March 2013 Version: 1.1 Crown Copyright 2013 Page 1 of 19 Amendment

More information

Vulnerability/Penetration (PEN) Testing (Lot 4) Service: 5.G5.1414.003

Vulnerability/Penetration (PEN) Testing (Lot 4) Service: 5.G5.1414.003 Vulnerability/Penetration (PEN) Testing (Lot 4) Service: 5.G5.1414.003 CONTENTS 1. WHY LEICESTERSHIRE HEALTH INFORMATICS SERVICE?... 3 2. SERVICE OVERVIEW... 3 3. OUR PEOPLE... 6 4. ORDERING AND INVOICING

More information

Delivering e-procurement Local e-gov National e-procurement Project Overarching Guide to e-procurement for LEAs

Delivering e-procurement Local e-gov National e-procurement Project Overarching Guide to e-procurement for LEAs 1. Introduction Background The National e-procurement Project (NePP) and Centre for Procurement Performance (CPP) are working to support and enable schools to meet their e- Government targets and to gain

More information

LCCI International Qualifications. Level 3 Award in Professional Ethics in Accounting and Finance. Syllabus. Effective from: 1 September 2010

LCCI International Qualifications. Level 3 Award in Professional Ethics in Accounting and Finance. Syllabus. Effective from: 1 September 2010 LCCI International Qualifications Level 3 Award in Professional Ethics in Accounting and Finance Syllabus Effective from: 1 September 2010 For further information contact us: Tel. +44 (0) 8707 202909 Email.

More information

Data Protection Policy

Data Protection Policy Data Protection Policy Responsible Officer Author Date effective from July 2009 Ben Bennett, Business Planning & Resources Director Julian Lewis, Governance Manager Date last amended December 2012 Review

More information

NSW Government Digital Information Security Policy

NSW Government Digital Information Security Policy NSW Government Digital Information Security Policy Version: 2.0 Date: April 2015 CONTENTS PART 1 PRELIMINARY... 3 1.1 Scope... 3 1.2 Application... 3 1.3 Objectives... 3 PART 2 POLICY STATEMENT... 4 Core

More information

Guide to the National Safety and Quality Health Service Standards for health service organisation boards

Guide to the National Safety and Quality Health Service Standards for health service organisation boards Guide to the National Safety and Quality Health Service Standards for health service organisation boards April 2015 ISBN Print: 978-1-925224-10-8 Electronic: 978-1-925224-11-5 Suggested citation: Australian

More information

A world of HR at your fingertips

A world of HR at your fingertips A world of at your fingertips Bradfield group 1 Contents The Bradfield Group... 4 Our Services... 11 Training... 6 Implants... 12 Leadership Courses... 7 Projects... 13 The Bradfield Certificate in Leadership...

More information

Information Governance Policy and Management Framework

Information Governance Policy and Management Framework Information Governance Policy and Management Framework Policy Number: IG01 Version: 3.0 Ratified by: Governing Body Date ratified: February 2016 Name of originator/author: Louise Chatwyn Information Governance

More information

Information Management Strategy. July 2012

Information Management Strategy. July 2012 Information Management Strategy July 2012 Contents Executive summary 6 Introduction 9 Corporate context 10 Objective one: An appropriate IM structure 11 Objective two: An effective policy framework 13

More information

NHS Jobs Delivering the future for NHS recruitment

NHS Jobs Delivering the future for NHS recruitment Briefing Since its launch in 2003, (www.jobs.nhs.uk) has become the UK s leading online recruitment service. Dedicated to providing a single point of entry to NHS employment, now provides every NHS trust

More information

The Health Foundation is an independent charity working to improve the quality of healthcare in the UK.

The Health Foundation is an independent charity working to improve the quality of healthcare in the UK. Job description Job title: Reporting to: Salary: Intern in Data Analytics (six months fixed term contract) Data Manager 17,843 per annum (pro rata) Hours per week: 37.5 The Health Foundation The Health

More information

Pol 24/15 Appendix 2. National Policing Fraud Protect Strategy

Pol 24/15 Appendix 2. National Policing Fraud Protect Strategy National Policing Fraud Protect Strategy Draft prepared by the National Police Coordinator for Economic Crime V2.1 February 2015 1 PROTECTING THE COMMUNITY FROM FRAUD Introduction: This is the draft National

More information

INFORMATION GOVERNANCE POLICY & FRAMEWORK

INFORMATION GOVERNANCE POLICY & FRAMEWORK INFORMATION GOVERNANCE POLICY & FRAMEWORK Version 1.2 Committee Approved by Audit Committee Date Approved 5 March 2015 Author: Responsible Lead: Associate IG Specialist, YHCS Corporate & Governance Manger

More information

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK

INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK INFORMATION GOVERNANCE STRATEGIC VISION, POLICY AND FRAMEWORK Policy approved by: Assurance Committee Date: 3 December 2014 Next Review Date: December 2016 Version: 1.0 Information Governance Strategic

More information

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft Cyber Security and Privacy Services Working in partnership with you to protect your organisation from cyber security threats and data theft 2 Cyber Security and Privacy Services What drives your security

More information

Chief Information Security Officer

Chief Information Security Officer Principles Vision Purpose Statement Chief Information Security Officer healthalliance Purpose, Vision and Principles healthalliance provides shared services to benefit NZ health organisations. We will

More information

2015 Information Security Awareness Catalogue

2015 Information Security Awareness Catalogue Contents 2015 Catalogue Wolfpack Engagement Model 4 Campaign Drivers 6 Offerings 8 Approach 9 Engaging Content 10 Stakeholder Change Management 12 Bundles 13 Content 14 Grey Wolf -Track compliance with

More information

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide

Standard 1. Governance for Safety and Quality in Health Service Organisations. Safety and Quality Improvement Guide Standard 1 Governance for Safety and Quality in Health Service Organisations Safety and Quality Improvement Guide 1 1 1October 1 2012 ISBN: Print: 978-1-921983-27-6 Electronic: 978-1-921983-28-3 Suggested

More information

NSW Government Digital Information Security Policy

NSW Government Digital Information Security Policy NSW Government Digital Information Security Policy Version: 1.0 Date: November 2012 CONTENTS PART 1 PRELIMINARY... 3 1.1 Scope... 3 1.2 Application... 3 1.3 Objectives... 3 PART 2 CORE REQUIREMENTS...

More information

NHS Constitution The NHS belongs to the people. This Constitution principles values rights pledges responsibilities

NHS Constitution The NHS belongs to the people. This Constitution principles values rights pledges responsibilities for England 21 January 2009 2 NHS Constitution The NHS belongs to the people. It is there to improve our health and well-being, supporting us to keep mentally and physically well, to get better when we

More information

Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org

Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org October 2015 Collaboration Members Certification Matters The Cybersecurity Credentials Collaborative (C3) was formed in 2011 to provide

More information

Expecting the unexpected. Business continuity in an uncertain world

Expecting the unexpected. Business continuity in an uncertain world Expecting the unexpected Business continuity in an uncertain world National Counter Terrorism Security Office (NaCTSO) The National Counter Terrorism Security Office is a police unit working to the Association

More information

DELIVERING OUR STRATEGY

DELIVERING OUR STRATEGY www.lawsociety.org.uk DELIVERING OUR STRATEGY Our three year plan 2015 2018 >2 > Delivering our strategy Catherine Dixon Chief executive Foreword Welcome to our three year business plan which sets out

More information

Business Continuity Policy and Business Continuity Management System

Business Continuity Policy and Business Continuity Management System Business Continuity Policy and Business Continuity Management System Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain

More information

Information about research

Information about research Information about research Welcome to Papworth Hospital a focus on research As a specialist centre we pride ourselves on the quality of care that we provide for our patients. Knowledge in health care

More information

Guidance. Injection: Crafts Council s business development scheme Guidelines for Applicants. Crafts Council Registered Charity Number 280956

Guidance. Injection: Crafts Council s business development scheme Guidelines for Applicants. Crafts Council Registered Charity Number 280956 Guidance Injection: Crafts Council s business development scheme Guidelines for Applicants Crafts Council Registered Charity Number 280956 01 Injection: Crafts Council s business development scheme Guidelines

More information

Safeguarding U.S. Cyber Assets with Well-Balanced, Proven Information Security Professionals

Safeguarding U.S. Cyber Assets with Well-Balanced, Proven Information Security Professionals Safeguarding U.S. Cyber Assets with Well-Balanced, Proven Information Security Professionals The U.S. government stands at a critical juncture in its cybersecurity efforts. As a country we face increasingly

More information

INTERNATIONAL SOS. Data Protection Policy. Version 1.05

INTERNATIONAL SOS. Data Protection Policy. Version 1.05 INTERNATIONAL SOS Data Protection Policy Document Owner: LCIS Division Document Manager: Group General Counsel Effective: December 2008 Revised: 2015 All copyright in these materials are reserved to AEA

More information

PUBLIC HEALTH LIMITED OPEN CALL SCHEME (LOCS) PHA202 RESEARCH BRIEFING

PUBLIC HEALTH LIMITED OPEN CALL SCHEME (LOCS) PHA202 RESEARCH BRIEFING Introduction PUBLIC HEALTH LIMITED OPEN CALL SCHEME (LOCS) PHA202 RESEARCH BRIEFING Following publication of its new national health research strategy Best Research for Best Health (DH 2006a), the Department

More information

Qualification details

Qualification details Qualification details Title New Zealand Diploma in Organisational Risk and Compliance (Level 6) Version 1 Qualification type Diploma Level 6 Credits 120 NZSCED 080317 Quality Management DAS classification

More information

Modernising Scientific Careers. Scientist Training Programme (STP) Recruitment 2012. Frequently Asked Questions

Modernising Scientific Careers. Scientist Training Programme (STP) Recruitment 2012. Frequently Asked Questions Modernising Scientific Careers Scientist Training Programme (STP) Recruitment 2012 Frequently sked Questions 1 Contents General Questions Page 1 Which Universities will be offering the accredited Masters

More information

November 2014 March 2015

November 2014 March 2015 November 2014 March 2015 April 2015 1 Executive Summary & Acknowledgements Background Aims Objectives National context Local context - Trafford School Nurse Service Methodology Project Outline Firs Primary

More information

Information Paper The Roles and Domain of the Professional Accountant in Business

Information Paper The Roles and Domain of the Professional Accountant in Business Information Paper The Roles and Domain of the Professional Accountant in Business Published by the Professional Accountants in Business Committee Professional Accountants in Business Committee International

More information

Position Description. Department: Quantitative Research Direct Reports: Project Manager/Researcher Senior Researcher

Position Description. Department: Quantitative Research Direct Reports: Project Manager/Researcher Senior Researcher Position Description Position Title: Research Director (Quantitative) Reports to: Executive Director, Research Department: Direct Reports: Project Manager/Researcher Senior Researcher Date: 03/10/2011

More information