DSPT 2022/2024 Question Support

  • 4.3.1 Have all the administrators of your organisation’s IT system(s) signed an agreement to hold them accountable to higher standards? The people within your organisation who are IT system administrators may have access to more information than other staff. Therefore, they need to be held accountable in a formal way to higher standards of confidentiality than others. This requirement applies to IT system administrators working in external companies who support your organisation’s IT systems This formal agreement could be part of a job description or a contract with your IT support company and/or systems supplier/s.  YES

 

  • 4.4.1 The person with responsibility for IT confirms that IT administrator activities are logged and those logs are only accessible to appropriate personnel. IT Support staff typically have high level access to systems. The activities of these users should be logged and only available to appropriate personnel.  YES

 

  • 6.2.1 Do all the computers and other devices used across your organisation have antivirus/antimalware software which is kept up to date?  This applies to all servers, desktop computers, laptop computers, and tablets. Note that antivirus software and antimalware software are the same thing – they both perform the same functions. You may need to ask your IT supplier to assist with answering this question. YES (We use Panda WatchGuard Adaptive Defence 360) .

 

  • 9.1.1 Does your organisation make sure that the passwords of all networking components, such as a Wi-Fi router, have been changed from their original passwords? Networking components include routers, switches, hubs and firewalls at all of your organisation’s locations. Your organisation may just have a Wi-Fi router. This does not apply to Wi-Fi routers for people working from home. You may need to ask your IT supplier to assist with answering this question. YES

 

  • 10.2.1 Do your organisation’s IT system suppliers have cyber security certification? YES

The attached document is the certificate for the above question.

 

Cyber Essentials Plus

Does your organisation have Cyber Essentials PLUS Certification with a scope covering all health and care data processing awarded during the last 12 Months?  NHS North West London IT , who provides the core IT support for Primary Care organisations within NWL ICB, is CE Plus certified.

 

Accessibility tools

Return to header