NHS Digital Academy hailed as ‘important mechanism’ for cyber security

  • 12 February 2018
NHS Digital Academy hailed as ‘important mechanism’ for cyber security

The NHS Digital Academy will be a “really important mechanism” for improving cyber security within the organisation, NHS England’s CIO has said.

Will Smart was summoned to speak to at NHS England’s board meeting on 8 February to discuss his ‘lessons learned’ review of the WannaCry cyber-attack, which took place in May 2017.

Smart’s report, which was released last week, lists 22 recommendations for the future, including the appointment of a chief information and security officer (CISO) and a dedicated cyber security lead across the entire English NHS.

The board’s newly-appointed national medical director, Professor Stephen Powis, brought up the topic of the NHS Digital Academy and how it could benefit cyber security.

The academy, which opened its doors for applications in November, aims to train 300 NHS digital leaders over the next three years.

Smart confirmed to the board that the first ‘cohorts’ of the academy have been selected and are made up of clinicians and non-clinicians.

“The Digital Academy is a really important mechanism and can take cybersecurity that one step further,” Smart added.

Another recommendation was for local boards to appoint a data security lead. Members questioned whether cyber security was seen as enough of a priority by NHS trusts.

Vice chairman and commissioning committee chair, David Roberts, questioned if trusts had “got the message” of the importance of the issue and whether it was being taken seriously enough.

Roberts also asked what was being done to ensure the NHS’ “weak spots” would not be exploited by hackers again.

In response, Smart reiterated that impact assessments have been carried out at 200 organisations since the WannaCry attack, with a further 25 scheduled “between now and the end of the financial year”.

The impact assessments were brought up at the Public Accounts Committee earlier this week, with NHS Digital’s deputy chief executive Rob Shaw confirming that all of the 200 trusts inspected had failed.

Smart told the board that a “high bar” had been set for the assessments and that if they failed one section, they were automatically failed overall.

“We are only as strong as our weakest link,” Smart said.

“I have not spoken to every chief executive within the NHS, but the ones I have spoken to are taking cyber security very seriously.”

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Digital Health Christmas Coffee Briefing 🎄

Digital Health Christmas Coffee Briefing 🎄

Our Christmas Coffee Briefing features festive-themed news, including a story from NHS Highland about how virtual care can make a difference.
Digital Health’s 2024 Review: Top 10 news stories

Digital Health’s 2024 Review: Top 10 news stories

Digital Health News has picked out the 10 news stories that sparked the most conversations in the sector in 2024.
NHS England launches digital clinical safety standards review

NHS England launches digital clinical safety standards review

NHS England has launched a review of digital clinical safety standards, requesting input from NHS stakeholders and IT manufacturers.

1 Comments

  • i’ve no doubt that better qualified and more knowledgeable practitioners will help to improve security. However, i think we’ve got to be realistic in terms of what is achievable within the confines of this 12 month part-time, mostly online diploma.
    For example, clicking through from the NHS to the Imperial College London description of the PG Dip Digital Health Leadership, the word “security” is not mentioned once.

Comments are closed.