23/24 MIAA Insight Series - Digital Systems Fraud Prevention through Transactional Monitoring
NHS organisations need to understand their exposure to fraud risks and should assess themselves to understand their level of fraud risk vulnerability. This assessment should include the risks posed by Digital systems.
The NHS Data Security and Protection Toolkit (DSPT) requires, under assertion 6.3.4:
- All new digital services that are attractive to cyber criminals (such as for fraud) are implementing transactional monitoring techniques from the outset.
- Completion of an assessment of which new (implemented in the last 12 months) services are susceptible to fraud and confirmation that transactional-level monitoring has been implemented to assist in the identification of potential instances of fraudulent activity.
- Transactional monitoring should be referenced in systems / services requirements documentation.
This document outlines the steps organisations should consider when implementing transactional monitoring to help prevent digital systems fraud.
