Coventry & Warwickshire COVID-19 Portal

It is recognised in current circumstances that you have been supported to work from home. 

However, there are a number of practical issues which need to be considered and you need to ensure that you employ the same security considerations as you would when you are working from the office/practice. 

• You are responsible for ensuring the security of information within your home; this also applies to paper documents. Staff responsibilities regarding security and confidentiality continue to apply to all home workers 

• Home workers who transport equipment, i.e. laptops and/or paper documents must not leave these in an unattended vehicle at any time 

• Under no circumstance should staff send emails containing patient or staff identifiable data, or any other confidential email, to personal, unsecure email accounts (i.e. Hotmail, Yahoo, Google) 

• Removable media may be used to store and share NHS information where a specific business purpose has been identified. This must be physically protected against loss, damage, abuse or misuse, when stored and in transit 

• You will need to ensure that you have access to and know how to connect via a VPN (Virtual Private Network)

o Instructions have been sent out however if you are having difficulties please contact the IT Service Desk for advice about setting up a VPN connection – please note they are exceptionally busy so this may take a little time. Please be patient. 

o Never leave the VPN session unattended 

o Once you have finished working, ensure all applications within the VPN session are closed 

o Navigate to the start menu and disconnect the session 

o Ensure that you log out of the VPN portal - whilst we have significantly increased capacity the numbers of users have also increased significantly too

• When leaving a laptop/computer for any amount of time, either log out or lock the screen (press ‘windows’ + ‘L’ keys at the same time)

• NHSD encourage the use of videoconferencing to carry out consultations with patients and service users. This could help to reduce the spread of COVID-19. Your practice has been provided with the details to do this via AccuRX

• Where it is not possible to use IT equipment issued by your NHS IT provider, you are permitted to use personal devices. You must liaise with your IT provider to let them know that you intend to use a personal device so that they can set up a VPN connection and you must ensure that you follow all local procedures and guidance and be mindful of your responsibilities in relation to data protection where this is the case  

• Personal devices can be used to support video conferencing for consultations, mobile messaging and home working where there is no practical alternative

• When using personal devices, reasonable steps should be taken to ensure security of data, i.e. setting a strong password; using secure channels to communicate e.g. tools/apps that use encryption; and not storing personal/confidential patient information on the device unless absolutely necessary and appropriate security is in place.

• When using a personal device, check that your internet access is secure (e.g. use a VPN and/or if possible avoid public wi-fi) 

• Where there is a breach of confidentiality or loss of data or information asset, this must be reported and managed via the incident reporting process and in accordance with Incident Reporting and Information Governance policies. 

If you experience any issues please contact the ICT Service Desk on 01926 626200 or support@swft.nhs.uk

In addition, please familiarise yourself with the latest advice from the ICO and NHSD in relation to Information Governance and Data Protection: