National guidance has been published today, setting clear expectations for health and care businesses who want to utilize cloud services or data offshoring to store individual data.
The advice will make sure that organisations know how to use these options securely and safely, especially in the light of this fact that tighter constraints on the processing and transfer of private data are being caused through the launch of the General Data Protection Legislation (GDPR) in May.
The criteria will allow NHS organisations to profit from the flexibility and cost savings.
The document also emphasizes the benefits for businesses deciding to utilize cloud infrastructure. These include cost savings associated with not having to buy and maintain hardware and applications, and comprehensive backup and quick recovery of systems. Collectively these features cut the risk of health data not being available because of hardware failure.
It provides a more detailed explanation that will help companies comply with expected criteria when choosing to adopt these technologies. It sets out the legalities and best practice about how data ought to be saved and used.
Rob Shaw, Deputy Chief Executive in NHS Digital, stated: “It is for individual businesses to decide if they want to utilize data and cloud offshoring however there are a massive variety of benefits in doing this, for example greater data protection protection and reduced running costs when applied effectively.
“The advice being published today provides better clarity about how these technologies may be used and how data, including confidential individual data, can be securely handled.”
The guidance makes it clear the data must only be hosted within the UK, the European Economic Area, in most nations deemed sufficient from the EU, or in the US where it’s covered by the Privacy Shield.
NHS Digital has worked in partnership with the Department of Health, NHS England and NHS Development to create the advice.