Cybersecurity placed at forefront by NHS to boost patient care and build trust
The National Health Service (NHS) in the UK is stepping up its efforts to improve cybersecurity, with a focus on both technical training for cyber teams and widespread education for all staff. A recent independent study by Palo Alto Networks, a next-generation security company, has highlighted the importance of this dual approach to tackling the trust gap and ensuring the safe handling of patient data.
The study, which surveyed 100 NHS IT decision-makers, revealed that only a minority of IT professionals said front-line staff receive cybersecurity training. This includes administrators (30%), doctors (11%), and nurses (6%). The lack of training has been identified as a significant concern, with human error being the leading cause of security breaches.
To address this issue, programs like Digital Care Hub’s free Data Security and Protection eLearning course are being introduced to help staff learn to spot phishing attempts, maintain strong passwords, and safeguard digital and paper data, aligned with NHS data security frameworks.
On the technical front, NHS England is actively investing in specialist cybersecurity training for its Cyber Operations (CO) staff. This includes commissioning SANS Institute courses, which provide industry-recognized certifications and advanced skills essential to mitigating cyber risks system-wide. This technical training supports retention, capability building, and reduces dependence on contractors for cyber defense.
The study also found that 95% of IT decision-makers are aware of what they need to do to comply with GDPR, and 58% think their NHS organisation will be ready for GDPR by May 2018. However, more than three-quarters (77%) realize that their organisation's IT systems still need improving to ensure data-handling compliance.
The survey's respondents believe that improving cybersecurity could allow for an additional 150 doctors and 250 nurses within the NHS. Moreover, 89% of respondents see prioritizing cyber security as key to tackling the trust gap, with 81% believing patients have a good level of trust in how the NHS uses their data, and 67% having complete trust in how the NHS stores their data.
Dave Allen, regional vice president, Western Europe, Palo Alto Networks, stated that preventing successful cyber attacks is paramount to reducing disruption to medical services and improving patient trust. He emphasized the need for a robust and widespread cybersecurity culture within the NHS, through improved training and education.
In conclusion, the improvement of cybersecurity culture in the NHS requires a comprehensive, ongoing approach that includes specialist technical training for cyber teams, organization-wide awareness to prevent cyber attacks, and accessible cyber awareness training for frontline staff to reduce human error. This dual approach is essential to protect patient data, improve patient trust, and enable digitalization to improve patient care.
- To reinforce the cybersecurity culture in the NHS and protect patient data, it's crucial to provide both specialized technical training for cyber teams and easy-to-access cyber awareness training for frontline staff, aiming to minimize human error.
- By prioritizing cybersecurity with a combined focus on technical training for cyber teams and widespread education for all staff, the NHS can potentially provide services for an additional 150 doctors and 250 nurses, increase patient trust, and facilitate digitalization for enhanced patient care.
