NHS Digital have issued new guidance about the hosting of NHS and Social Care data, including guidance as to how off-shoring can be used.
This means a couple of things:
- No longer the case that data can only be stored within English data centres
- The OFFICIAL categorisation means no special security requirements are put on NHS and Social Care data over and above the usual security requirements - no ‘special snowflake’ treatment
Of course, making use of off-shoring will need all of the same risk assessments and governance frameworks in place - this does not just mean “it’s safe to store data off shore” - it means “it’s ok to store it off-shore if you can guarrantee the security just as you would on-shore”.