IT managers cite cyber security as key to NHS transformation

NHS IT managers have stressed the need to bolster cyber security within healthcare in order to improve patient care and public trust in Britain’s Health Service.

According to research conducted by cyber security firm Palo Alto Networks , nine in 10 NHS IT decision-makers believe that prioritising cyber security is key to unlocking the potential of digitisation.

It suggests that building resilience against cyber-threats and educating staff in data protection would allow the NHS to make better use of new technologies, by reducing the risks associated with them.

Dave Allen, regional vice president of Western Europe at Palo Alto, said: “Digitisation can reap considerable benefits for NHS patients and staff, yet the capacity to save money and improve patient care through more seamless, digital processes is dependent on how the NHS leverages cybersecurity to maintain trust, while capitalising on its exponential data growth.”

Palo Alto’s research was based on the responses of 100 participants in August 2017. Just under half (49%) of those surveyed said that cyber security would improve operational efficiency within the NHS, with 83% saying this would deliver “substantial” cost-savings as a result.

A further 65% said that better cyber security would improve patient trust –  a quarter of IT managers believed that patients had “minimal trust” in how the NHS stores their information, while 16% felt that patients had “very little” confidence in how the NHS might use their data.

Recent research from Digital Health Intelligence found that 28% of acute NHS trusts and 16% of mental health trusts had not undertaken penetrative testing for cyber security in the last 12 months.

The same research also found that 67% of acute trusts and 77% of mental health trusts had not undertaken on-site cyber security assessments as part of the NHS Digital CareCERT Assure initiative.

While IT managers agreed on the importance of fostering a cyber-ready culture within the NHS, only 41% felt that all staff – including doctors, nurses and administrators – should receive specific cyber security training.

On the hot topic of GDPR, IT-decision makers appear confident with the upcoming changes to data protection – 83% claimed to have received guidance from senior management about compliance, while 95% say they knew what they needed to do, to comply.

Optimistically, 58% said they believed the NHS would be ready for GDPR by May 2018, and 16% felt that the NHS was already compliant. Even so, the majority of IT managers still recognised that more work needed to be done, with 77% saying their organisation’s IT systems required improvements to ensure data-handling compliance.

Allen said preventing successful cyberattacks “will be paramount in reducing disruption to medical services and improving patient trust, leading to the greater ability to use data to improve health outcomes.”