Plans to strengthen NHS cyber security announced

Department of Health and Social Care has announced a new multi-million pound Microsoft package to ensure NHS systems have the most up-to-date software with the latest security settings.

The deal with Microsoft will ensure all health and care organisations are using the latest Windows 10 software with up-to-date security settings to help prevent cyber attacks.

Since 2017 the government has invested £60 million to address cyber security weaknesses. A further £150 million will be spent over the next 3 years to improve the NHS’s resilience against attacks. This will include setting up a new digital security operations centre to prevent, detect and respond to incidents.

The centre will:

  • allow NHS Digital to respond to cyber attacks more quickly
  • allow local trusts to detect threats, isolate infected machines and kill the threat before it spreads

Other measures to improve cyber security include:

  • £21 million to upgrade firewalls and network infrastructure at major trauma centre hospitals and ambulance trusts
  • £39 million spent by NHS trusts to address infrastructure weaknesses
  • new powers given to the Care Quality Commission to inspect NHS trusts on their cyber and data security capabilities
  • a data security and protection toolkit which requires health and care organisations to meet 10 security standards
  • a text messaging alert system to ensure trusts have access to accurate information – even when internet and email services are down

Health and Social Care Secretary Jeremy Hunt said: “We know cyber attacks are a growing threat, so it is vital our health and care organisations have secure systems which patients trust. We have been building the capability of NHS systems over a number of years, but there is always more to do to future-proof our NHS against this threat.”