Website of the Department of Health

Please note that this website has a UK government access keys system.

Main menu

Page menu

Publications

Information Security Management: NHS Code of Practice

Document type:

Guidance
Author:

Department of Health
Published date:

24 April 2007
Primary audience:

Health and social care professionals
Gateway reference:

7974
Pages:

32
Supersedes/replaces:

HSG (96)15: NHS information management and technology security manual
Copyright holder:

Crown

The Information Security Management: NHS Code of Practice is a guide to the methods and required standards of practice in the management of information security for those who work within or under contract to, or in business partnership with NHS organisations in England. It is based on current legal requirements, relevant standards and professional best practice.

This Code of Practice replaces:
HSG 1996/15 – NHS Information Management and Technology Security Manual
The Code provides a key component of information governance arrangements for the NHS. It is part of an evolving information security management framework because risk factors, standards and practice covered by the Code will change over time.
The guidelines contained within the Code of Practice apply to NHS information assets of all types.

Download Information Security Management: NHS Code of Practice (PDF, 340K)

Additional links

Ordering publications

Contact details for obtaining hard-copy DH publications.

Ordering publications

Help viewing PDFs

Help viewing PDFs

Useful tips to ensure you get the most from PDFs and the free Reader program. Topics covered include accessibility, troubleshooting and searching files.