Healthcode, the specialists in online technology for the private healthcare sector, have been accredited by the Government-backed Cyber Essentials scheme* which aims to safeguard UK businesses from the threat of cyber criminals.
To be awarded its Cyber Essentials certificate, Healthcode passed an external evaluation to verify its systems and all end-user devices such as PCs and mobiles were robustly protected from cyber-attack and data loss. The company demonstrated its adherence to national best practice standards in five key areas:
- Ensuring secure access to networks
- Configuring systems to minimise vulnerability to cyber attack
- Restricting access to data and services to authorised users
- Ensuring all applications are equipped with the latest security updates
- Maintaining up-to-date virus and malware protection.
As a provider of managed online services to independent practitioners, hospitals including NHS Private Patient Units (PPUs) and insurers, Healthcode processes sensitive healthcare and financial data on behalf of its customers and their patients, clearing more than £3bn worth of medical invoices each year. In recognition of its responsibility, the company has always been committed to the highest standards of data protection using a range of measures including the use of a private, dedicated infrastructure which is physically located in the UK; encryption in accordance with internet banking conventions; compliance with international information security standards (ISO/IEC 27001:2013); and regular resilience testing.
Raj Patel, Healthcode’s Information Governance and Data Protection Officer, commented: “We are delighted that our rigorous approach to information security has been certified by the Cyber Essentials programme as it should give our customers further reassurance that their sensitive data is safe in our hands.
“Healthcode believe technology should protect the healthcare sector from cyber criminals and not become its Achilles heel as it did when NHS systems were hit by the WannaCry cyber-attack in 2017. This principle has also led us to develop products and services so practitioners can meet their own ethical and legal obligations to protect patient information. These include our GDPR toolkit which helps practices comply with current data protection law and healthDrive, our secure file storing and sharing tool.”
Peter Connor, Healthcode Managing Director, added: “This additional accreditation is an important step for Healthcode. As well as showing our commitment to protecting our customers’ data, we need Cyber Essentials certification so we can continue to win contracts with NHS Private Patient Units. This is an expanding part of the private healthcare market and we believe Healthcode’s secure and online services are the perfect fit for PPUs wishing to streamline their billing and administration.”
Further information
* For further information about the national Cyber Essentials scheme, visit the website at https://www.cyberessentials.ncsc.gov.uk/