Big trust overhauls info strategy to meet cyber threat
- 12 January 2017
The growing threat of cybercrime is driving an information technology strategic overhaul at one country’s largest trusts.
Sheffield Teaching Hospitals NHS Foundation Trust published its latest “ambitious” 2017-2020 information technology strategy in response to significant changes in “the global, NHS and trust contexts for information and technology”.
Published in the trust’s December board papers, the draft document said cyber-attacks were the trust’s most significant digital threat.
The strategy said, “the significance of cyber security in the modern world cannot be overestimated”.
“In a healthcare setting, the effects resulting from a cyber-attack can be devastating.”
The average cost of a security breach is £600,000 to £1.5 million and the rise is ransomware attacked on the NHS was of particular concern, the strategy said.
“The infection can come from anywhere, sometimes even a trusted source, and therefore we need to be extra vigilant as a cyber-attack could be a case of life or death.”
Sheffield Teaching has already been targeted, unsuccessfully, by ransomware attacks, the strategy said.
Many trusts had been re-evaluating the cyber security in the wake of the damaging ransomware attack on Northern Lincolnshire and Goole NHS Foundation Trust in October last year.
The 'Globe2' ransomware virus took down Northern Lincolnshire and Goole’s systems for four days, which led to the cancellations of 2,800 appointments and a police investigation.
Trusts that have recently reviewed their cyber risk or strategy following the attack include; Norfolk and Norwich University Hospitals, North Tees and Hartlepool, and Cheshire and Wirral NHS foundation trusts, among others.
Digital Health News reported late last year that in 2016 alone, nearly 30 NHS trusts could have been hit by ransomware attacks, according to a Freedom of Information request from the NCC Group.
Recent Information Commissioner’s Office figures for “data security incidents”, nearly half of which come from the healthcare sector, showed reported cyber-attacks are continuing to rise in the UK.
Sheffield’s Teaching IT strategy also said that the trust wants to deliver a fully integrated electronic patient record, including patient administration, emergency department and prescribing functions integrated with maternity, theatres and orders and results systems.
Sheffield Teaching uses CSC’s Lorenzo electronic patient record, which it deployed in September 2015.
It has previously estimated the EPR project would cost £33 million over ten years, although in March last year the trust suggested challenges with booking appointments through Lorenzo would contribute to added costly under performance.
Sheffield Teaching did not respond to Digital Health News request for comment before publication.
Digital Health Intelligence: holds information on the clinical systems installed at trusts across the UK and uses this to calculate a Clinical Digital Maturity Index score. Sheffield Teaching Hospitals NHS Foundation Trust ranks 63 out of 153, with a score of 77. (requires log-in).