Yorkshire and Humber Care Record is committed to protecting the data and systems to which it is responsible.
In order to measure the effectiveness of the controls and measures in place Yorkshire and Humber Care Record test against a wide range of security and data governance standards, these include:
In practise these are all interlinked and provide an efficient way of measuring the full data protection lifecycle.

Penetration Testing and Vulnerability Assessment
Yorkshire and Humber Care Record conduct a robust routine of vulnerability scanning and penetration testing of all its service offerings. This is achieved through a diverse and mixed testing portfolio ranging from in-house automated testing, manual in-house testing, and external third-party testing. Results from these tests are then fed into the Continual Service Improvement cycle in order to maintain appropriate industry-standard security protocols.

NHS Data Security and Protection Toolkit
The Data Security and Protection Toolkit is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards.
All organisations that have access to NHS patient data and systems must use this toolkit to provide assurance that they are practising good data security and that personal information is handled correctly.