NHS PCS upgrade from XP in £21m cyber-security boost
Hospitals that treat people hurt in major incidents such as terrorist attacks have been given £21m by the Government to boost their cyber defences.
A network of 27 major trauma centres will receive the funding, which was announced two months after systems run by the NHS and GPS were taken down by the Wannacry ransomware, which caused thousands of appointments to be cancelled.
Hospitals receiving the new cyber-security funding include the Royal London and Manchester Royal Infirmary. Cash will be used to update their IT systems, with priority given to upgrading computers from Windows XP.
Health minister Lord O’shaughnessy said: “Only by leading cultural change and backing organisations to drive up security standards across the health and social-care system can we build the resilience the NHS needs in the face of a global threat.”
The funding is part of the Government’s response to reports into the security of patient data, published by the National Data Guardian for health and care, Dame Fiona Caldicott, and the Care Quality Commission.
NHS organisations must adopt new data-security standards, including giving patients the right to opt out of having their details shared for any purpose other than their own care.
Dame Fiona said that this would address “past failures to use patient data safely and respectfully”. She called for “an ongoing conversation” between the NHS, Government and the public to decide how personal medical data is used, so people can make more informed choices.
The Government set a deadline of March 2020 for the launch of a website that shows individuals how their data is being used.
Money will also be spent on training staff to adopt better security habits, such as not opening emails from unknown senders, and a hotline for reporting cyber-attacks.