In the first of a series of new articles exclusive to the Digital Health Rewired blog, we pick out some useful lessons drawn from recent healthcare cyber and information security news to apply in your daily work straightaway. Here’s what you need to know…

1. Investing in increased security may seem costly, but not investing will probably be costlier. The Department of Health and Social Care has recently estimated that WannaCry cost the NHS £92m in direct costs and lost output, adding that £500,000 of this amount was spent on vital IT support at the time of the attack.
2. Information governance rules cannot be circumnavigated – even if you are the police. It seems some police officers may have been using an unlawful means of obtaining the patient records of firearm licence applicants. In an effort to cut costs, some forces are reported to have used subject access requests rather than requesting a medical report, which the ICO said “could potentially constitute a breach of the Data Protection Act”.
3. There’s value in cyber security education and awareness – including, it seems, for government ministers with responsibility for the agenda. A recently-appointed Japanese minister who holds responsibility for cyber security admitted: “I don’t use computers because since I was 25 I have been in a position of authority where secretaries and employees handle such tasks for me”. When asked for details on how the country’s nuclear power plants are being protected from cybercriminals, he is said to have demurred. A reminder of why cyber security awareness training is so important.
4. Machine learning could play a role in mitigating cyber attacks. The promise of machine learning has frequently been touted, but have you considered its potential value in the context of cyber security? Bolton NHS Trust has, investing in automated threat detection capabilities that actively seek out threats and identify them in real time. The  trust’s cyber security team will be able to more easily identify and prioritise risks to prevent attacks before they occur.

If you want to develop your understanding and knowledge of building a cyber-resilient NHS organisation then register for the Digital Health Rewired Expo which features a dedicated Cyber Security Zone. Share lessons with your health IT colleagues and hear from cyber and information security leaders such as Caldicott Guardians and NHS CIOs to support your journey to cyber-readiness.

Register for Rewired: book now