Data and Information stored within the many Health and Social Care (HSC) information systems represents HSC’s most valuable asset so there is a need to develop an environment within which information systems and networks can be secure.
The Data Protection Act (1998) defines a legal basis for UK organisations to take steps to ensure that personal data is adequately protected by placing a legal obligation on them to do so.
HSC ICT Security Policy Version 1.19 document