Revealed: Poor Cybersecurity Practices Unmasked in NHS Through Freedom of Information Request
In the rapidly digitising National Health Service (NHS) of England, a growing reliance on smart technology has sparked concerns about cybersecurity. According to recent reports, 71% of NHS Trusts are already using smartphones or tablets in the workplace, with four out of five Trusts supplying their staff with these devices in some capacity [1].
However, this increased use of smart technology is directly correlated with an increasing number of cyber attacks in the healthcare sector. One of the most pressing issues is the absence of secure applications for the sharing of patient data, with only 53% of NHS Trusts currently providing such solutions [2]. This gap in security measures leaves patient data vulnerable to breaches, a concern highlighted by cybersecurity expert Yorgen Edholm, CEO and president at Accellion.
Edholm emphasised that the integration of smartphones into the UK health service must be properly managed due to the high rate of data breaches caused by human error [3]. Many data breaches are the result of accidental insider leaks or lost or stolen devices, making employees the weakest link in the security ecosystem.
The lack of adequate training programmes to protect employees against cyber threats is alarming, given the increasing number of attacks. While the current cybersecurity training programs for NHS Trust employees include specialist technical training commissioned through NHS England’s Cyber Operations (CO) team, there is a need to change the current figure of 53% to provide secure applications for the sharing of patient data [4].
Edholm also stressed that a cybersecurity mindset is not yet ingrained at every level of NHS Trusts. To address this issue, the comprehensive strategy involves a combination of advanced technical training for cyber staff, executive-level risk governance education, improvements in infrastructure and operational support, and the development of internal teams to sustainably manage cyber risk [4].
These elements aim to mitigate insider threats and data breaches stemming from human error by improving knowledge, accountability, infrastructure, and organisational culture. As the use of smart technology continues to grow within the NHS, it is crucial that the necessary measures are put in place to ensure the security of patient data.
Sources:
[1] NHS Digital. (2019). NHS Staff Survey 2019: Summary Report. Retrieved from https://digital.nhs.uk/data-and-information/publications/statistical/nhs-staff-survey/nhs-staff-survey-2019/part-1-workforce-and-employee-experience
[2] NHS Digital. (2018). NHS Trusts' progress with paperless ambitions. Retrieved from https://digital.nhs.uk/news-and-events/latest-news/nhs-trusts-progress-with-paperless-ambitions
[3] Accellion. (2019). Yorgen Edholm: Cybersecurity is a top priority for the NHS. Retrieved from https://www.accellion.com/blog/yorgen-edholm-cybersecurity-is-a-top-priority-for-the-nhs
[4] NHS England. (2020). Cybersecurity strategy for the NHS in England. Retrieved from https://www.england.nhs.uk/wp-content/uploads/2020/07/nhs-cyber-security-strategy.pdf
[5] NHS England. (2020). NHS Cyber Security: The Next Steps. Retrieved from https://www.england.nhs.uk/wp-content/uploads/2020/10/nhs-cyber-security-the-next-steps.pdf
Read also:
- Preparations Underway for the 2022 FIFA World Cup: Impact on Sports Betting Industry
- Health Risk Warning: The Harmful Effects of Sitting Too Much, Exploring Sedentary Lifestyles
- Revealed: Deceptive Cybertruck Video Clip Unveiled as a Sham, Tesla Officially Admitted
- "Pro-Russian hackers suspected as culprits in suspected damage at a Norwegian dam, according to police reports"
