Health written question – answered at on 12 October 2011.
To ask the Secretary of State for Health what assessment he has made of the adequacy of the safeguards in the Personal Demographics Service to prevent illegal access to personal information.
The Personal Demographics Service (PDS) resides within a fully private network known as N3. The service can only be accessed from within this private network or through centrally managed and assured gateways such as the secure Government network (GCSX). If an attacker manages to gain access to the national health service private N3 network they would then have to break through many separate layers of tiered architecture with each tier being protected by industry grade firewalls of different manufacture to access the database. The firewalls are supported by intrusion detection systems, and other multiple security measures which routinely monitor network traffic and alert upon detection of suspicious activity.
Local access to the PDS is controlled by local organisations and each organisation is legally responsible for compliance with the Data Protection Act and other relevant legislation. This requires that they put in place appropriate technical and organisational measures to prevent unauthorised or unlawful processing of personal data such as that held by the PDS. Organisations with access to the PDS are expected to complete and publish an annual assessment of the adequacy of their safeguards through the NHS Information Governance Toolkit.
Yes2 people think so
No1 person thinks not
Would you like to ask a question like this yourself? Use our Freedom of Information site.