THE UK GOVERNMENT has pledged an extra £21m to boost cybersecurity measures across the NHS following the WannaCry ransomware attack that struck in May.
This news comes as part of the Department of Health's response to last year's data security review, which was finally published this week.
The report by the Care Quality Commission (CQC) and National Data Guardian, Dame Fiona Caldicott, called for trusts to value security control as highly as financial control and a revised information governance toolkit.
The government response says that it accepts all 10 of Caldicott's recommended data security standards, and has promised a multi-million-pound cash injection to help strengthen security at major trauma centres, of which there are 27 across England.
The decision comes in the wake of the recent WannaCry ransomware attack, which exploited insecurities in supported, but unpatched, Windows operating systems, as well as unsupported Windows XP, which is still run on PCs in many NHS trusts.
However, the Department of Health claimed that use of Windows XP had fallen by 13.3 per cent over the past 18 months, noting that "central support for NHS Digital's national applications operating on outdated platforms will be phased out, with Windows XP support being withdrawn from 2018".
"Local organisations should be aiming to have isolated, moved away from or be actively managing any unsupported systems by April 2018."
WannaCry spread globally, affecting thousands of computers in about 150 countries in a matter of hours. Several months before the attack, the CQC and Dame Fiona warned health secretary Jeremy Hunt that an "external cyber threat is becoming a bigger consideration" within the NHS.
Their review of 60 hospitals, dental practices and GP surgeries also revealed a "lack of understanding of security issues".
"New technological advances offer extraordinary opportunities for patient data to be used to improve people's individual care and to improve health, care and services through research and planning", Dame Fiona said.
She continued: "We will only be able to harness those opportunities if the public trusts that the health and care system is doing all it can to keep patient data secure, to meet their expectations on confidentiality and to be transparent.
"I believe that the implementation of my recommendations will be an important step in this process and very much welcome the Government announcements today." µ
You can't fault them for speed
Investigation reveals that malicious code was injected into the firm's payment page
Plus the three-for-free
And it's not just on Ubuntu, neither