Editorial

NHS IT: still too vulnerable to cybersecurity perils?

Tough assessment by researchers at Imperial College: “This report highlights weaknesses that compromise patient safety and the integrity of health systems”

Posted 11 July 2019 by

A new white paper written by researchers from Imperial College London’s Institute of Global Health Innovation says fresh investment in NHS cybersecurity is “urgently needed” to defend against threats that could put patient safety at risk.

Presented at the House of Lords yesterday, the report makes a number of recommendations on key areas that NHS trusts must improve upon in order strengthen their online security, including recruiting more cybersecurity professionals into IT teams, building “fire-breaks” into Trust networks so staff can isolate possibly infected systems and having clear lines of communication for receiving advice on IT security matters.

‘Russian Spy’ by Juan Limousine on Flickr (c) All Rights Reserved

It’s not just hackers, either – robotics, AI (Artificial Intelligence) and implantable medical devices could also represent new frontiers of risk, cautions the study.

Presenting the data at the House of Lords, Lord Darzi, co-director of the Institute, said: “We are in the midst of a technological revolution that is transforming the way we deliver and receive care.

“But as we become increasingly reliant on technology in healthcare, we must address the emerging challenges that arise in parallel. For the safety of patients, it is critical to ensure that the data, devices and systems that uphold our NHS and therefore our nation’s health are secure.”

Researchers note that since 2017’s WannaCry attack awareness of cyber-attack risk has significantly increased, and points to positives like an ongoing £150m investment by the government into strengthening cyber defences the creation of the new NHSX unit – but that the Service is far from out of the woods.