This interview appeared on Wake Up to Money.
James Mucklow, healthcare digital expert at PA Consulting Group, speaks to Radio 5 Live’s Wake Up to Money programme about Friday’s cyber-attack on the NHS.
The programme notes that the virus attack affected 61 NHS organisations across the UK, but it wasn’t just the NHS or the UK that was affected, with countries such as France, Germany and Russia impacted as well.
James was asked why the NHS was so exposed to the cyber-attack on Friday. He said that: “The NHS is a very large organisation which employs over a million people and they have thousands of different sites and organisations inside it, so it is very complex. Cyber security has to be a top level agenda item for any organisation these days.
“The NHS faces particular challenges, in a large trust you might have hundreds of systems and some of them are difficult to upgrade. Many might be linked to big systems like scanners and lab systems and that’s why it’s slightly more vulnerable than other organisations.”
He was also asked about the software of the NHS. He said that for all organisations: “If you can’t upgrade the system, you have to protect it so you have cyber security in place, whether it’s isolating that system or putting increased security around it; if not, you need to patch it.”
When asked about productivity and IT improvements and whether this will put off a lot of NHS trusts from integrating IT much more into what they do on a day to day basis, he said he hopes it won’t. “The potential for IT to improve the care we all receive is huge. Suddenly a doctor can see your records wherever you are – the trouble is as IT becomes critical to care delivery, it needs to have the same level of importance at the Board as any of the other NHS board items, such as levels of nurses and doctors.”
Want to find out more about our work on digital trust and cyber security?
Reflecting on the consequences of the cyber-attack on Friday, James said: “I think you have to put it into perspective; the NHS employs 1.5 million people, so that’s huge and it’s got thousands of organisations inside it - GP practices and trusts. So it’s a relatively small impact, even though any incident that affects patient services is regrettable and to be avoided.”
He was also asked whether the attack was due to cash constraints on the NHS or whether it’s down to a lack of skilled IT people working for it. He notes that: “It is a balance. Every organisation needs to look at how it balances what it spends, and cyber security obviously needs to move further up the Board agenda and spending priorities – especially cyber security and cyber resilience, because these systems are key to care.”
He concludes: “When people turn on their computers today they should be cautious. There has been a lot of hard work done over the weekend to patch computers and hopefully as a result of that there may be a few infections, but not many.”