Review confirms money was diverted from paperless fund to cybersecurity

Cyber Security, News

  • 1 February 2018
Review confirms money was diverted from paperless fund to cybersecurity
Hannah Crouch
October 24, 2017

A review of the WannaCry cyber-attack by NHS England’s CIO has revealed £21m invested in improved cybersecurity last year was “reprioritised” from funds intended to support the paperless NHS.

Will Smart’s review, which is due to be discussed at an NHS England board meeting next week, looks into what the NHS has done since the WannaCry attack in May and lists 22 recommendations for the future.

Smart’s review reveals that immediately after the attack, the governing board for the Personalised Health and Care 2020 programme – which aims to have the NHS be paperless at the point of care – “reprioritised” £21 million of capital funds from the programme to cybersecurity.

The money was, as previously announced, spent on addressing “key vulnerabilities” in major trauma centres and ambulance trusts. In total, 32 organisations received a share of the cash.

Smart’s review also states that a further £25 million of capital funding has been identified in 2017/18 to support organisations deemed to need to bolster their resilience against cyber-attacks.

It is currently unclear where that funding will be coming from.

But the paper describes a “rigorous reprioritisation exercise” as being underway across the whole NHS IT portfolio. The aim is to identify additional cybersecurity investment between 2018/19 and 2020/21.

The review adds: “An initial £150m has been identified focussed on continuing investment in local infrastructure as well as national systems and services to improve monitoring, resilience and response.”

It continues that “further reprioritisation and additional investment for cybersecurity is being considered”.

The review makes clear that local NHS bodies will be expected to make their own investments in cybersecurity. Smart states they will need to “commit local capital and revenue funding to maintain and refresh their own IT estates”.

In February 2016, health secretary Jeremy Hunt announced a £4.2billion investment in NHS IT. It was intended to advance progress towards a paperless NHS – an aim Hunt first made public in 2013.

At the time, £1.8 billion was intended to be used solely for achieving paperfree at the point of care.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Prev News

Breast Cancer Care awarded £655,000 funding to further develop app

Next News

Smart review recommends national chief information and security officer appointment

Related News

Norfolk and Norwich University Hospitals investigating cyber attack
Cyber Security July 25, 2024

Norfolk and Norwich University Hospitals investigating cyber attack

NHS England’s cyber security operations centre is investigating a cyber attack at Norfolk and Norwich University Hospitals NHS FT.
DMA must be ‘useful and usable’, says NHS England CIO
News July 23, 2024

DMA must be ‘useful and usable’, says NHS England CIO

John Quinn, chief information officer at NHS England said that the digital maturity assessment (DMA) needs to be “useful and useable”.
Norfolk and Waveney Collaborative approves £88m Meditech EPR
News July 22, 2024

Norfolk and Waveney Collaborative approves £88m Meditech EPR

NHS Norfolk and Waveney Acute Hospital Collaborative has signed an £88m contract with Meditech for an electronic patient record system.