Cyber security – critical to the future of the NHS

To reflect the key importance of cyber security in healthcare at the start of this year (2016), the UK government moved to set up an NHS cyber security service within the Health and Social Care Information Centre as part of its wider CERT or computing emergency response team programme.

The establishment of CareCERT comes against a backdrop of wider government action to address cyber-security in UK public bodies, academic organisations, and business.

As the NHS continues to invest in digital mobile technologies to automate processes, support clinical care and record patient outcomes, it also brings new vulnerabilities to cyber security risks.

With paper records, although certainly insecure, you can only physically grab as many as you can carry. Whereas hack into a records database and you can potentially, virtually, make off with almost unlimited amounts of highly sensitive information.

With many trusts and healthcare providers now depending on IT to carry out their work and care for patients with electronic data systems, and the mobility of data that comes with it, the risk of cyber-attacks increase.  With cyber-attackers increasingly targeting vulnerabilities in mobile applications, it is essential that heath trusts and hospitals are taking the necessary steps to lock down these new entry points.

Back in 2014, the attack by Chinese cyber-military units on American healthcare provider Community Health Systems, in which the personal data of 4.5 million patients was stolen, demonstrated that cyber-attackers are actively targeting healthcare providers to steal personal identities and personal health information for sale on the dark web. Another motive is to blackmail particular individuals by threatening to reveal sensitive details about their medical conditions.

But data security in healthcare goes much deeper than just building it into large-scale digitisation schemes.  One of the threats to data security currently facing the NHS is the threat of the insider – even when the employee’s or patient’s actions are completely unintentional. For example, many healthcare workers simply don’t know that they could be risking their organisation’s sensitive data by downloading a fake app onto their smartphones.  In addition, today’s “connected patient” is much more likely than predecessors to expect online access during their hospital visit, again opening up trusts to cyber-attack with multiple new devices accessing their networks.


Security & Infrastructure Monitoring as a Managed Service

Comtact has a proven track-record within the healthcare sector (our Sister company Comtact Healthcare, providing mobile digital healthcare).  As advocates of paperless working  through our mobile first healthcare solution we understand the huge importance of data security.

Given the prevalence of threats and that most IT departments within the UK are 8×5, represents a major problem in forming a real-time response.  This is where Comtact’s 24×7×365 Security Operation Centre (SOC) services can assist.  Comtact’s Full Spectrum Managed Security portfolio provides comprehensive security solutions that help our clients assess and proactively manage risk. Delivered from our UK SOC in Northampton that resides in our Tier 3 Data Centre for maximum security and resilience, our services are designed to function as a complete outsource of internal SOC functions that our clients may have, or to bolster response in particularly critical points of risk.  Through working with us our clients can strengthen their security posture, lower their total cost of ownership, reduce operational complexity and deliver measurable reduction in business risk.


standrews basildonnhstrust kentmedwaynhstrust


Talk to one of our security specialists about managed cyber security today

Call us now on 03452 75 75 75