Committee claims one recommendation from a draft review of Wannacry could cost £1bn

  • 26 January 2018
Committee claims one recommendation from a draft review of Wannacry could cost £1bn

NHS Improvement has been told that implementing just one recommendation included in an NHS England draft report on learning from the Wannacry cyber-attack will cost £1 billion.

Minutes from a meeting of NHS Improvement’s technology and data assurance committee in December reveal NHS England CIO, Will Smart, presented a “draft lessons learned review” following the attack in May and included recommendations.

The committee’s papers note that “to implement the first recommendation as set out in the review would cost £1 billion”, though the details of what the recommendation are not revealed.

The committee then states this unknown recommendation is considered a “core patient safety issue” by NHS England and the funding for it “would have to be found”.

“There had been a suggestion that the funding allocated to the Paperless 2020 programme should be used for this purpose but doing so would mean cancelling the balance of the Paperless 2020 programme,” the minutes add.

The Paperless 2020 programme set aside £1.3bn of government funding to go towards making the NHS paperless to the point at the point of care.  Cancelling the already limited national investments in clinical systems that are most likely to directly benefit patient care would be contentious.

The call for funding is likely to partly to modernise and bootstrap the infrastructure and software run across all parts of the NHS, through investment in networks and the latest version of operating and application software.  Smart is known to be currently in negotiations for a new Enterprise Wide Agreement with Microsoft and negotiations are also underway for a national cloud licensing deal.

The idea of reallocating funds away from the programme had previously been brought up at an NHS Improvements board meeting, which was also attended by Smart.

Minutes from the meeting suggest that funds have already started to be reallocated, and that

“The Board discussed the Paperless 2020 programme,” it states.

“It was noted that there was not sufficient funding for the programme, and that this situation had been exacerbated by the requirement to fund cybersecurity investment from the Paperless 2020 programme budget.”

A previous report by the National Audit Office (NAO) revealed that simple measures could have been taken to protect the NHS from the global cyber-attack.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Two more Liverpool hospitals impacted by Alder Hey cyber attack

Two more Liverpool hospitals impacted by Alder Hey cyber attack

Alder Hey Children's NHS Foundation Trust has announced that the cyber attack it suffered last week has impacted two more hospitals.
Major cyber security incident declared at Merseyside hospital

Major cyber security incident declared at Merseyside hospital

A “major incident” has been declared at Wirral University Teaching Hospital NHS Foundation Trust “for cyber security reasons”.
Barts Health rolls out Cynerio cyber security platform

Barts Health rolls out Cynerio cyber security platform

Barts Health NHS Trust has rolled out Cynerio’s healthcare-focused cyber security platform across all of its sites.

1 Comments

  • Sadly that number seems to be same as Carillion’s missing zero’s
    Have read the
    “NHS Improvement’s technology and data assurance committee ”
    Need to align financial allocations to cover capital and revenue cost and allowed to deliver over a sensible time frame not in Q4 .
    Hardware purchase aligned to a long term Digital IT security .
    We had Win XP
    Now, we need to NOT ignore the demise of win7 jan 2020. 500 working days
    Any central mandates on this? otherwise we will be in the same position we have software on diagnostic devices right now , isolated from Networks because suppliers have not been given notice .
    All digital eggs in one OS nest ?

Comments are closed.