Feral and Shadow IT systems in the NHS. 040319 - Maidstone and Tunbridge Wells NHS Trust

1. Does your Trust have a policy relating to shadow IT and feral systems? If yes, can you provide a copy of that policy?

2. Has your Trust carried out a recent audit of shadow IT and feral systems?

3. If Yes, can we have a copy of that audit? If No, will you provide an estimate of the number of such systems in your Trust?

4. If you are unable to identify ALL shadow IT and feral systems, will you explain how you intend to meet your obligations under GDPR?

5. Do you have a picture of how many feral systems adhere to NHS national data standards?

6. Are shadow systems currently covered under your trust’s Cyber Security policies and IG Toolkit?