View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
January 22, 2016updated 31 Aug 2016 9:43am

NHS budget cuts threaten IT security standards and patient data

News: Security gaps widening as the NHS is increasingly embracing mobile healthcare.

By CBR Staff Writer

A study by security services company Sophos has found that there is a significant gaps between perceived strength of IT security measures in the NHS and the actual level of IT security.

In the study of 250 NHS-employed CIOs, CTOs and IT managers, 76% believe that they have the right type of protection against cybercrime and data loss and 72% claim that loss of data is one of the biggest concerns in IT security.

The study however reveals that encryption of data is very low across the network and there is a risk of data theft.

According to the findings, only 10% say they have encryption within their organisations; only 59% have email encryption; only 49% have file share encryption and 34% have encryption of data stored in cloud.

These numbers are an alarming situation because, according to Information Commissioner‘s Office (ICO), the NHS has been the number one victim of data breaches in 2015.

Main factors of data breaches include data leakage and loss of hardware, such as USB keys.

Sophos UK and Ireland, UK Healthcare Sector manager Jonathan Lee said: "This study highlights that NHS organisations still face significant IT security issues and that IT decision makers have work to do to address gaps in their security."

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

"Failure to take the necessary precautions to keep cyber criminals out, to safeguard data and ultimately to protect patients and staff will continue to cause significant problems for NHS organisations.

"However, budget cuts and changes to working practices, such as the increase in mobile working, all present significant challenges within the sector."

Lee continued: "It’s no surprise that only 10 percent of NHS organisations stated that encryption was well established within their organisation.

"Most have encrypted laptops and USB sticks because they have been mandated to do so, but, currently, that is often where it stops."

Mobile healthcare has also been one of the areas being explored by NHS due to budgetary constraints.

Many NHS organisations are embracing mobile healthcare. As much as 42% of respondents in the survey have cited greater use of mobile devices in community healthcare. Apart from this, health workers are always on the move and they use mobile working practices to stay connected.

NHS is also on the path of consolidation for improved protection. One of the main motivations for consolidation has been cost cutting.

Jonathan Lee explains: "There is an important shift taking place in IT security. Organisations need a comprehensive security system that encrypts sensitive data, protects all classes of endpoints and communicates with network security systems. Sophos is at the forefront of this shift with a range of solutions offering a synchronized approach to IT security."


Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.