CareCERT uses SMS alerts to boost secure NHS communications for cyber incidents

NHS Digital has established an additional effective and secure system to deliver essential cyber security updates across the whole NHS.

During major security incidents, CareCERT bulletins and updates can now be sent out using short message service (SMS) alerts, following a successful pilot. Contacts in Acute, Ambulance and Mental Health Trusts, Clinical Commissioning Groups and Commissioning Support Units can receive the alerts through this additional channel.

SMS will be used to issue an alert to highlight a high severity security incident, followed by another which signpostscolleagues to NHS Digital’s external website for the latest information from CareCERT’s specialist team. CareCERT works closely with the National Cyber Security Centre (NCSC) during major incidents and analyses multiple intelligence sources to ensure that users are provided with expert guidance.

The alerts are sent using the free government alert service, GOV.UK Notify. Messages can be sent to NHS organisations across the country without the need for NHS Mail or any other national applications.

The team is also working with the National Cyber Security Centre (NCSC) to establish a professional network of IT and security professionals in health and care who could share invaluable insights during a cyber-attack in a secure online environment. .

The pilot uses the NCSC Cyber Security Information Sharing Partnership (CiSP) forum, which is already used to discuss local challenges, recommendations and good practice but has the added benefit of being able to add private groups. In the event of a large-scale incident, representatives from affected organisations can be invited to a closed group to discuss their situation in a private and secure setting, with the ability to receive intelligence that could not be openly shared.

Toby Griffiths, Innovation & Development Lead at the Data Security Centre, said: “Finding a secure way to communicate nationally with NHS organisations during a major incident was a priority for us following the WannaCry incident in May. SMS was identified as an appropriate solution following feedback from users affected by WannaCry, as it offers an additional level of resilience beyond the standard channels used for sharing CareCERT updates. We want to take that a step further by building a professional network across the NHS through online collaboration. The NCSC forum allows us to share information securely that we might not otherwise be able to share.

“CareCERT is the official source of advice, guidance and national incident response for data security in health and care.Strengthening our communications in this way will ensure that key contacts are receiving critical updates during major incidents, especially when they might not have access to their email or work computer.”

Any organisation not already signed up through CareCERT Collect should request sign-up by emailing