9. e-Learning – data security awareness – frequently asked questions

Q: Who needs to complete the data security awareness level one training?

The National Data Guardian (NDG) Review requires that all NHS staff undertake appropriate annual data security training and pass a mandatory test. This also includes non-permanent staff that have access to personal confidential information.

The NDG data standards requirements relating to staff are listed below:

  1. All staff ensure that personal confidential data is handled, stored and transmitted securely, whether in electronic or paper form. Personal confidential data is only shared for lawful and appropriate purposes.
  2. All staff understand their responsibilities under the National Data Guardian’s data security standards, including their obligation to handle information responsibly and their personal accountability for deliberate or avoidable breaches.
  3. All staff complete appropriate annual data security training and pass a mandatory test, provided through the revised information governance toolkit.

 

Q: How do I access the data security learning?

Self-registration on e-learning for healthcare (e-LfH)

Please click on the following link if you would like to register to access this learning material: https://nhsdigital.e-lfh.org.uk/

  • If you already have an account with e-LfH, sign in and search for data security to access the course.  
  • If you don’t have an account with e-LfH, click the register button and complete the registration form. You will then receive confirmation email from e-LfH. Follow the instructions in the email and once logged in, search for data security to access the course.

Organisation registration

If you are representing your organisation and would like to register a large number of employees, please follow the link below and complete the online form (survey). A member of the e-LfH support team will be in touch to discuss your requirements https://healtheducationyh.onlinesurveys.ac.uk/nhs-digital-data-security-awareness

Via the Electronic Staff Record (ESR)

If your organisation is registered with ESR with access to e-learning, please contact your local team.

 

Q: How long will it take to complete the learning?

The learning is split into four modules with an additional “welcome module”. Each module takes around 20 minutes to complete, can be completed in any order and concludes with an assessment.

 

Q: Do I get a certificate for completing the training?

The e-LfH system will record the pass marks and issue a certificate on successful completion of the five modules. The ESR system records a pass on the user’s record.

 

Q: What are the topics covered?

The topics covered in the four data security modules are:

  1. Introduction to data security awareness
  2. Introduction to the law
  3. Data security - protecting information
  4. Breaches and incidents.

Should you require more information about what is included within each module, please contact the NHS Digital contact centre: enquiries@nhsdigital.nhs.uk

 

Q: What is the pass mark?

The pass mark is 80% for each of the four modules.

 

Q. Can I only take the assessment without the need to go through all modules?

A separate assessment module has been created so that it is possible for the learner to only complete the assessment without the need to complete all other modules. A Pass or Fail mark will be recorded within the learners My Activity Reports section within the e-LfH hub. However, in order to get a certificate within the e-LfH hub, a learner must complete all five modules.

Q. Can my organisation develop a separate learning package?

Yes. The UK Caldicott Guardian Council has stated “that learning objectives are still considered met in those organisations that are adapting the e-learning package locally”. 

The UK Caldicott Guardian Council recognises there is a valid requirement to be able to adapt e-learning locally. 

Locally produced training will be reported to and signed off by the local organisation’s SIRO or Caldicott Guardian and all staff completing the training will have to achieve the 80% pass mark.

Details of the content of the Data Security Awareness Training to compare to local training are available on:

https://portal.e-lfh.org.uk/Component/Details/544182 
 

Q: How do I request administration rights for my organisation (for reporting purposes)?

Click on the following link to request administration rights:  https://millennium.kayako.com/nhsdigital/Tickets/Submit/ 

For information on the authorisation process for reporting, please visit:

http://support.e-lfh.org.uk/my-activity/reports/what-is-the-authorisation-process-for-organisations-to-run-reports-on-their-staff/

  

Q: How does my organisation obtain a SCORM (Sharable Content Object Reference Model) version so we can host the course on our own LMS?

Click the link below and fill in the online form to request access. A member of the e-LfH support team will be in touch to discuss your requirements:

https://millennium.kayako.com/nhsdigital/Tickets/Submit/

  

Q: I work for a commercial third party currently undertaking the IG Toolkit assessment and provides services to the NHS. How do I gain access to the training?

If your organisation already has an ODS code, click the link below and fill in the online form to request access. A member of the e-LfH support team will be in touch to discuss your requirements: https://millennium.kayako.com/nhsdigital/Tickets/Submit/

 

Q: My organisation does not have an ODS code, how do I apply for one?

For ODS enquiries, please call the Exeter Helpdesk: 03003 034 034 or email: exeter.helpdesk@nhs.net

 

Q: Will there be any specialist training for this offered by NHS Digital this financial year?

Additional data security accredited training is being offered by NHS Digital this year, see https://www.dsptoolkit.nhs.uk/News/42 and keep an eye out on the news page for further details as they become available.

 

Q. Is there additional training for SIRO/Caldicott Guardians?

There are no plans to provide SIRO or Caldicott Guardian training at present. 
There are workbook and powerpoint materials available here: https://www.igt.hscic.gov.uk/NewsArticle.aspx?tk=434156424042750&lnv=1&cb=eef2f1d4-4405-4e82-a711-e21978fa8340&artid=170&web=yes  

Q. Does the current level 1 content include GDPR? If not, when do you intend to update it to include GDPR?

Yes it has been updated to include GDPR. Staff are not expected to repeat this years training if they have completed it already this financial year.

 

Q: Is there a cost to access the learning?

No.

 Q: Have the data security awareness questions been incorporated into the ELearning yet?

Yes staff completing the Data Security Awareness Training via the E-LfH platform will be asked to compelte the survey questions once they have completed the training. A random sample of 5 of the 17 possible questions will be asked of staff to mimnimse the time taken. 

 Q: How can we find out what our staff have answered in the survey?

In the admin tool of the E-LfH platform you can view reports of the number of staff who have answered the different alternative on each of the question. This will allow you to integrate it with any other soures to calculate your response to the Staff Awareness questions in the Toolkit.

Contact details

For queries regarding content, please contact the NHS Digital contact centre: enquiries@nhsdigital.nhs.uk

For support with technical, registration, password or access queries, please contact e-learning for Healthcare support team: https://millennium.kayako.com/nhsdigital/Tickets/Submit/