Plans to strengthen NHS cyber security announced

A new multi-million pound Microsoft package will ensure NHS systems have the most up-to-date software with the latest security settings

The deal with Microsoft will ensure all health and care organisations are using the latest Windows 10 software with up-to-date security settings to help prevent cyber attacks.

Since 2017 the government has invested £60 million to address cyber security weaknesses. A further £150 million will be spent over the next 3 years to improve the NHS’s resilience against attacks. This will include setting up a new digital security operations centre to prevent, detect and respond to incidents.

The centre will:

• allow NHS Digital to respond to cyber attacks more quickly
• allow local trusts to detect threats, isolate infected machines and kill the threat before it spreads

Other measures to improve cyber security include:

• £21 million to upgrade firewalls and network infrastructure at major trauma centre hospitals and ambulance trusts
• £39 million spent by NHS trusts to address infrastructure weaknesses
• new powers given to the Care Quality Commission to inspect NHS trusts on their cyber and data security capabilities
• a data security and protection toolkit which requires health and care organisations to meet 10 security standards
• a text messaging alert system to ensure trusts have access to accurate information – even when internet and email services are down

Health and Social Care Secretary Jeremy Hunt said:

"We know cyber attacks are a growing threat, so it is vital our health and care organisations have secure systems which patients trust.

"We have been building the capability of NHS systems over a number of years, but there is always more to do to future-proof our NHS against this threat.

"This new technology will ensure the NHS can use the latest and most resilient software available – something the public rightly expect."