NHS Digital Academy hailed as ‘important mechanism’ for cyber security

  • 12 February 2018
NHS Digital Academy hailed as ‘important mechanism’ for cyber security

The NHS Digital Academy will be a “really important mechanism” for improving cyber security within the organisation, NHS England’s CIO has said.

Will Smart was summoned to speak to at NHS England’s board meeting on 8 February to discuss his ‘lessons learned’ review of the WannaCry cyber-attack, which took place in May 2017.

Smart’s report, which was released last week, lists 22 recommendations for the future, including the appointment of a chief information and security officer (CISO) and a dedicated cyber security lead across the entire English NHS.

The board’s newly-appointed national medical director, Professor Stephen Powis, brought up the topic of the NHS Digital Academy and how it could benefit cyber security.

The academy, which opened its doors for applications in November, aims to train 300 NHS digital leaders over the next three years.

Smart confirmed to the board that the first ‘cohorts’ of the academy have been selected and are made up of clinicians and non-clinicians.

“The Digital Academy is a really important mechanism and can take cybersecurity that one step further,” Smart added.

Another recommendation was for local boards to appoint a data security lead. Members questioned whether cyber security was seen as enough of a priority by NHS trusts.

Vice chairman and commissioning committee chair, David Roberts, questioned if trusts had “got the message” of the importance of the issue and whether it was being taken seriously enough.

Roberts also asked what was being done to ensure the NHS’ “weak spots” would not be exploited by hackers again.

In response, Smart reiterated that impact assessments have been carried out at 200 organisations since the WannaCry attack, with a further 25 scheduled “between now and the end of the financial year”.

The impact assessments were brought up at the Public Accounts Committee earlier this week, with NHS Digital’s deputy chief executive Rob Shaw confirming that all of the 200 trusts inspected had failed.

Smart told the board that a “high bar” had been set for the assessments and that if they failed one section, they were automatically failed overall.

“We are only as strong as our weakest link,” Smart said.

“I have not spoken to every chief executive within the NHS, but the ones I have spoken to are taking cyber security very seriously.”

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

NHSE quizzed on the link between single patient record and FDP

NHSE quizzed on the link between single patient record and FDP

Suppliers have quizzed NHS England about the relationship between the proposed single patient record and the federated data platform (FDP).
NHS suppliers urged to sign cyber security best practice charter

NHS suppliers urged to sign cyber security best practice charter

Suppliers to the NHS have been urged by NHSE and the DHSC in an open letter to sign a charter of cyber security best practice.
Most of public think that NHS ‘single patient record’ already exists

Most of public think that NHS ‘single patient record’ already exists

Most of the public think that a single patient record (SPR) already exists, according to research by Understanding Patient Data.

1 Comments

  • i’ve no doubt that better qualified and more knowledgeable practitioners will help to improve security. However, i think we’ve got to be realistic in terms of what is achievable within the confines of this 12 month part-time, mostly online diploma.
    For example, clicking through from the NHS to the Imperial College London description of the PG Dip Digital Health Leadership, the word “security” is not mentioned once.

Comments are closed.