Big trust overhauls info strategy to meet cyber threat

  • 12 January 2017
Big trust overhauls info strategy to meet cyber threat

The growing threat of cybercrime is driving an information technology strategic overhaul at one country’s largest trusts.

Sheffield Teaching Hospitals NHS Foundation Trust published its latest “ambitious” 2017-2020 information technology strategy in response to significant changes in “the global, NHS and trust contexts for information and technology”.

Published in the trust’s December board papers, the draft document said cyber-attacks were the trust’s most significant digital threat.

The strategy said, “the significance of cyber security in the modern world cannot be overestimated”.

“In a healthcare setting, the effects resulting from a cyber-attack can be devastating.”

The average cost of a security breach is £600,000 to £1.5 million and the rise is ransomware attacked on the NHS was of particular concern, the strategy said.

“The infection can come from anywhere, sometimes even a trusted source, and therefore we need to be extra vigilant as a cyber-attack could be a case of life or death.”

Sheffield Teaching has already been targeted, unsuccessfully, by ransomware attacks, the strategy said.

Many trusts had been re-evaluating the cyber security in the wake of the damaging ransomware attack on Northern Lincolnshire and Goole NHS Foundation Trust in October last year.

The 'Globe2' ransomware virus took down Northern Lincolnshire and Goole’s systems for four days, which led to the cancellations of 2,800 appointments and a police investigation.

Trusts that have recently reviewed their cyber risk or strategy following the attack include; Norfolk and Norwich University Hospitals, North Tees and Hartlepool, and Cheshire and Wirral NHS foundation trusts, among others.

Digital Health News reported late last year that in 2016 alone, nearly 30 NHS trusts could have been hit by ransomware attacks, according to a Freedom of Information request from the NCC Group.

Recent Information Commissioner’s Office figures for “data security incidents”, nearly half of which come from the healthcare sector, showed reported cyber-attacks are continuing to rise in the UK.

Sheffield’s Teaching IT strategy also said that the trust wants to deliver a fully integrated electronic patient record, including patient administration, emergency department and prescribing functions integrated with maternity, theatres and orders and results systems.

Sheffield Teaching uses CSC’s Lorenzo electronic patient record, which it deployed in September 2015.

It has previously estimated the EPR project would cost £33 million over ten years, although in March last year the trust suggested challenges with booking appointments through Lorenzo would contribute to added  costly under performance.

Sheffield Teaching did not respond to Digital Health News request for comment before publication.

Digital Health Intelligence: holds information on the clinical systems installed at trusts across the UK and uses this to calculate a Clinical Digital Maturity Index score. Sheffield Teaching Hospitals NHS Foundation Trust ranks 63 out of 153, with a score of 77. (requires log-in).

 

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

How to equip NHS staff with cyber security skills they will use

How to equip NHS staff with cyber security skills they will use

Too often, cyber security training is a seen as a burden. But it is possible to make it relevant and useful, writes Nasser Arif.
Cheshire and Merseyside ICS selects cyber security platform

Cheshire and Merseyside ICS selects cyber security platform

Cheshire and Merseyside Integrated Care System has selected a healthcare cyber security platform from Cynerio to strengthen its defences.
How to find your inner ‘cyber defender’

How to find your inner ‘cyber defender’

A "back to basics" and "honest" approach to personal cyber security can help NHS staff make larger improvements at work, writes Nasser Arif.