NHS England has started transitioning from using the NDG 10 data security standards as the assessment mechanism for the NHS Data Security and Protection Toolkit.

The body is moving to the Cyber Assessment Framework (CAF) because the rapidly changing landscape of technology and cyber threats requires the more advanced approach the CAF provides.

The move, which is part of the Department of Health and Social Care's cyber security strategy for health and social care: 2023 to 2030, aims to align health and care with cyber resilience standards across other sectors.

Dr Nicola Byrne, the National Data Guardian, said: ‘I fully support this transition to the CAF. It represents a positive evolution, offering organisations a more current framework for evaluating and improving their data protection and cyber resilience.

‘I remain committed to supporting NHS England in maintaining and advancing the highest standards of data security across health and care.'

NHS England said it will notify organisations when it is their turn to transition and guide them through the process.