Cyber security

The Cyber Security Programme is working to ensure that measures are actively in place to protect NHS assets and services, including those commissioned by NHS England. The aims of the programme are:

  • To enact lessons learned from the May 2017 cyber security incident
  • To ensure that actions related to “Critical” cyber alerts are completed
  • To provide assurance that cyber security is being considered at board level and managed as an ongoing board level risk.

The programme is working with colleagues in NHS Digital and NHS Improvement to ensure that Trusts, CCGs and CSUs are aware of their accountabilities and responsibilities and undertake cyber security actions, including:

  • Completing independent assessments organised through NHS Digital.
  • Ensure the outcome of cyber security assessments are acted upon, to mitigate risks
  • Ensure that organisations register to NHS Digital’s “Respond to an NHS Cyber Alert” service, act on advisories when they are issued, and submit remediation plans.

The programme work-streams will deliver outputs in relation to cyber security that assist in the management of future incidents, provide assurance on the readiness of NHS England assets and services, embed cyber security in local leadership at board level are protected for cyber security, investment is allocated to mitigate risks, and that the necessary requirements are included within relevant contracts.

Find out more

For further information, please emailĀ