The NHS and Cyber Security

An elderly woman lies, incapacitated by a heart attack, in her flat, unable to alert emergency services by herself. However, as she fell she set off a sensor which has triggered a call to emergency services, who are on their way. In the ambulance, the paramedics who are on their way to treat her will receive a full set of medical records so they can agree on a plan and start treatment as soon as possible.

This apparently futuristic vision is closer than most people think – and while it should mean quicker and better treatment for sick people by the U.K.’s NHS and other state healthcare systems, there are also a number of points where it could all go horribly wrong.

The more often data such as medical records is transferred, the more potential access points to the data by nefarious forces there are. As the Internet of Things becomes a reality, the security of data is becoming imperative. Yet governments are often being reactive to events when what they really need is to be proactive.

It is extremely worrying to the broader cybersecurity community, how little the NHS in particular is spending on this most vital of gatekeepers. Seven NHS trusts, serving more than two million people, spent absolutely zero on cybersecurity in 2015, according to a report by Sky News.  This is having a real impact today – 2 NHS trusts in Lincolnshire recently had to cancel operations due to a virus attack.

As more government departments move online, seeking to cut costs and become more efficient, their vulnerability to cyber attacks by hackers seeking information, financial gain or both will grow exponentially.

There may be no easy solution. We believe that giving developers capability to add encryption based on globally recognised standards to their applications is an important first start. We also foresee a world where users are empowered to give third parties access to specific information on a need-to-know basis, whilst protecting the privacy of their material both in transit as well as whilst being stored on a device or in the cloud.

Ultimately, the development of the Internet of Things should benefit that elderly patient, and millions like her, immeasurably. However, it will only fulfil its potential with the right cybersecurity in place.