The NHS starts its move to the cloud

Nearly three years after the WannaCry cyber attack in May 2017, which cost the NHS £92 million and 19,000 appointment cancellations, the NHS is now preparing for a new future with a securer, more efficient network.

Two major NHS digital services – the e-Referral service and the NHS 111 Directory of Services – have been moved to the cloud, after a lengthy migration process. These are the first major NHS systems to move, with many more due to follow in the months to come. The move to the cloud has derived from the need not only to save public money but also to improve NHS cyber security after the WannaCry cyber-attack in 2017.

Apart from WannaCry, the NHS has suffered over 200 successful ransomware attacks since 2014, according to new figures based on information received by NHS trusts. These figures show:

• 209 or more successful attacks, ranging from one computer to entire systems
• No ransoms reported to have been paid
• Six attacks reported after 2017, the year of WannaCry

These stats show a dramatic improvement since WannaCry ransomware targeted the NHS, and the transition of NHS systems to the cloud should serve to make the entire NHS network far more secure and effective. Here’s why the cloud is the best solution for increased cyber security, in a constantly evolving cyber security landscape.

Why the cloud is a better solution

The concept of cloud-based technology is maximum productivity from remote locations. It uses apps running in different locations to work. This allows new methods of collaboration between GPs, specialists and other professionals, effectively cutting referral and treatment times. As patient data is increasingly held on large databases, the data needs to be accessible by different people in different places at different times. The cloud centralises data into a user-friendly network, meaning doctors can access patient information and prescriptions at a touch of a button regardless of location. This, in turn, strengthens the relationship between the NHS and its patients.

Cloud computing also adds security that many outdated NHS systems lack. Robust security measures are absolutely crucial to guarding against security breaches, and also to building public confidence in the reputation of the NHS, which was seriously damaged after WannaCry. Security is built into the core of NHS cloud services.

Neil Bennett, Director of NHS Digital, explained: “There are a wealth of benefits that come from moving large systems like e-RS and DoS to the cloud. Costs are lowered, reducing pressure on the public purse, there is better security and reliability, as well as great flexibility, performance, scalability and availability, to name a few.”

He continued, “This was a tremendous collaborative effort across many different teams here and with external partners, to migrate such large systems with a minimum of disruption to users, in a reasonably short timescale.”

With all the challenges the NHS is set to face in the coming years, the cloud offers a beacon of security and hope against financial and operational demands. The NHS can focus again on the treatment of patients and delivering care to the public.

Introducing Cyber Essentials

Cyber Essentials was launched by the UK government to help organisations consider their cyber security measures. The five key controls help organisations strengthen their protection against the most common cyber security attacks, and they are relatively simple to implement.

The scheme focusses on the following strategies:

• Boundary firewalls and internet gateways
• Secure configuration
• Access control
• Malware protection
• Patch management

Certification with Cyber Essentials demonstrates your organisation is adequately protecting customers’ data and sensitive information, as well as taking issues of cyber security seriously.