The Department of Health and Social Care has agreed a deal with Microsoft that will enable all NHS organisations to use Windows 10 in a bid to improve defences against future cyber attacks.
The outbreak of WannaCry in May last year affected one third of NHS trusts in England, leading to the cancellation of thousands of appointments and operations as staff were locked out of devices and IT systems.
In an effort to further build cyber resilience across the NHS, the Department for Health and Social Care has announced an agreement with Microsoft that will see NHS devices upgraded to Windows 10, the technology firm’s latest operating system, which features significantly more robust security tools.
It will also improve the ability of NHS Digital to respond to attacks, reducing the impact on trusts.
Sarah Wilkinson, chief executive at NHS Digital said: “We welcome the Secretary of State’s commitment to prioritise cyber security. The new Windows Operating System has a range of advanced security and identity protection features that will help us to keep NHS systems and data safe from attack. This is one of a suite of measures we are deploying to protect the service from cyber attack.”
The Microsoft deal will allow NHS trusts to update their systems with the latest Windows 10 security features for free via the internet as they become available, helping them detect viruses, phishing and malware, isolate infected machines and kill malicious processes before they are able to spread.
Cindy Rose, chief executive of Microsoft UK, said: “The importance of helping to protect the NHS from the growing threat of cyber-attacks cannot be overstated. The introduction of a centralised Windows 10 agreement will ensure a consistent approach to security that also enables the NHS to rapidly modernise its IT infrastructure.”
The government also announced it is pledging a further £150 million over the next three years to improve resilience, including the setting up of a new NHS Digital Security Operations Centre to boost the public body’s ability to prevent, detect and respond to incidents.
Digital Health News understands the deal with Microsoft is not included in the £150 million pledge from government.
Other measures include:
- £21 million on upgrading firewalls and network infrastructure at major trauma centre hospitals and ambulance trusts to improve security at key emergency sites – protecting technology such as MRI scanners and blood test analysis.
- £39 million has been spent this year by NHS trusts to help them address infrastructure weaknesses which prevented them from fully implementing solutions to address all historic cyber alerts
- New powers given to the Care Quality Commission (CQC) to inspect NHS trusts on their cyber and data security capabilities in conjunction with NHS Digital.
- The launch of a Data Security and Protection Toolkit which requires health and care organisations to meet 10 key standards, including appointing a senior executive to oversee data and cyber security.
- A text messaging alert system is in place to ensure trusts have access to accurate information – even when internet and email services are down.
5 May 2018 @ 17:24
A fine idea and yes we do need to protect systems from malicious attacks but I do hope someone is thinking about the consequences and costs of such a move.
I work in ophthalmology which depends on many different imaging systems a large number of them still running Windows XP. The software involved will not run on anything more recent and the devices are attached to the hospital network. Getting manufacturers to update software even to Windows 7 is a problem because there is no profit and it may not work anyway. There is also the problem of perfectly useable pieces of equipment becoming defunct because compatible device drivers are not available again no profit in it for the manufacturer. I hope someone is giving some thought to this problem.
Maybe having a separate physically isolated network for older devices/software while the systems catch up. It is likely this problem will occur again once Windows 10 becomes compromised and has to be updated to remain secure
4 May 2018 @ 00:00
Windows 10 OS for the NHS WOW. NHS Trust IT departments struggle with PC / Laptop configurations now and thats on a very small scale, so much is incompatible, between Windows 10 and other Apps / Trust security.
So can we presume this a clever plan of the governments to bring the NHS crashing down!
1 May 2018 @ 20:01
Windows– sigh.. FAIL Unfortunate the government insists on using trojan / virus friendly software. But, it keeps them busy I guess.
1 May 2018 @ 15:51
What happens in year 4? are Trusts going to end up with a large revenue bill to pay for Win 10 EA licences whilst they had already bought win 10 OEM licences with new PC’s?
30 April 2018 @ 20:28
It will be interesting to see progress here. The scale of the task for most Trusts, struggling for resource is huge. With little over 20 months to go until Windows 7 and Server 2008 are end of support the time and resource needed to move should not be underestimated, especially when in most cases the resource will also be needed to deliver new digital projects. Assigning some central funding to provide the licenses is welcome but is the easy part in comparison to the task facing Trusts.
30 April 2018 @ 11:18
So back to a national agreement again after individaul organistaions have had to arrange own over last 4 years , will they be compensated if just had to enter a new agreement? Also what if a suppliers software cannot run on Windows 10 , or numerous desktops and laptops cannot cope?