Information is an asset and like other important business assets it has value to an organisation and needs to be suitably protected. Information security and incident prevention protects information from a wide range of threats in order to ensure business continuity.
Confidentiality, Availability and Integrity
There are 3 essential standards crucial to Information Security which are:
Confidentiality - ensuring that information is accessible to those authorised to have access
Integrity - safeguarding and completeness of information and processing methods
Availability - ensuring that authorised users have access to information and associated assets when required
In today's competitive business environment, such information is constantly under threat from many sources. These can be internal, external, accidental or malicious.
Information Security Management: NHS Code of Practice
A Code of Pratice has been published by the Department of Health as a guide to the methods and standards of practice in the management of information security for those who work in or for the NHS. Its purpose is to identify and address security management in the processing and use of personal identifiable information and is based on current legal requirements, relevant standards and professional best practice.
To view the Information Security: NHS Code of Practice, please click here.