Does training, in the sense of information governance, have any real meaning when it comes to benchmarking NHS data security?
Sure, user awareness paints part of the picture but it’s more an impressionistic landscape than a photo-realistic portrait if you ask me. Nobody did ask me, but a couple of months ago I gave my opinion anyway on the importance of awareness training when I wrote “NHS staff are both the weakest link and potentially the strongest defence when it comes to security threats. Awareness training, proper hands-on, dynamic, meaningful systems and not just some checkbox-ticking exercise, must be a mandatory part of every staff onboarding programme. CareCERT Assure, Knowledge and React programmes are all doing their bit, but I fear they won’t be enough.”