Jump to content

Search the hub

Showing results for tags 'Cybersecurity'.

More search options

  • Search By Tags

    Start to type the tag you want to use, then select from the list.

  • Search By Author

Content Type


Forums

  • All
    • Commissioning, service provision and innovation in health and care
    • Coronavirus (COVID-19)
    • Culture
    • Improving patient safety
    • Investigations, risk management and legal issues
    • Leadership for patient safety
    • Organisations linked to patient safety (UK and beyond)
    • Patient engagement
    • Patient safety in health and care
    • Patient Safety Learning
    • Professionalising patient safety
    • Research, data and insight
    • Miscellaneous

Categories

  • Commissioning, service provision and innovation in health and care
    • Commissioning and funding patient safety
    • Digital health and care service provision
    • Health records and plans
    • Innovation programmes in health and care
    • Climate change/sustainability
  • Coronavirus (COVID-19)
    • Blogs
    • Data, research and statistics
    • Frontline insights during the pandemic
    • Good practice and useful resources
    • Guidance
    • Mental health
    • Exit strategies
    • Patient recovery
    • Questions around Government governance
  • Culture
    • Bullying and fear
    • Good practice
    • Occupational health and safety
    • Safety culture programmes
    • Second victim
    • Speak Up Guardians
    • Staff safety
    • Whistle blowing
  • Improving patient safety
    • Clinical governance and audits
    • Design for safety
    • Disasters averted/near misses
    • Equipment and facilities
    • Error traps
    • Health inequalities
    • Human factors (improving human performance in care delivery)
    • Improving systems of care
    • Implementation of improvements
    • International development and humanitarian
    • Patient Safety Alerts
    • Safety stories
    • Stories from the front line
    • Workforce and resources
  • Investigations, risk management and legal issues
    • Investigations and complaints
    • Risk management and legal issues
  • Leadership for patient safety
    • Business case for patient safety
    • Boards
    • Clinical leadership
    • Exec teams
    • Inquiries
    • International reports
    • National/Governmental
    • Patient Safety Commissioner
    • Quality and safety reports
    • Techniques
    • Other
  • Organisations linked to patient safety (UK and beyond)
    • Government and ALB direction and guidance
    • International patient safety
    • Regulators and their regulations
  • Patient engagement
    • Consent and privacy
    • Harmed care patient pathways/post-incident pathways
    • How to engage for patient safety
    • Keeping patients safe
    • Patient-centred care
    • Patient Safety Partners
    • Patient stories
  • Patient safety in health and care
    • Care settings
    • Conditions
    • Diagnosis
    • High risk areas
    • Learning disabilities
    • Medication
    • Mental health
    • Men's health
    • Patient management
    • Social care
    • Transitions of care
    • Women's health
  • Patient Safety Learning
    • Patient Safety Learning campaigns
    • Patient Safety Learning documents
    • Patient Safety Standards
    • 2-minute Tuesdays
    • Patient Safety Learning Annual Conference 2019
    • Patient Safety Learning Annual Conference 2018
    • Patient Safety Learning Awards 2019
    • Patient Safety Learning Interviews
    • Patient Safety Learning webinars
  • Professionalising patient safety
    • Accreditation for patient safety
    • Competency framework
    • Medical students
    • Patient safety standards
    • Training & education
  • Research, data and insight
    • Data and insight
    • Research
  • Miscellaneous

News

  • News

Find results in...

Find results that contain...


Date Created

  • Start
    End

Last updated

  • Start
    End

Filter by number of...

Joined

  • Start

    End

Group

First name

Last name

Country

Join a private group (if appropriate)

About me

Organisation

Role

Found 52 results
  1. News Article
    The government has failed to meet most of its own deadlines for commitments to improve how the NHS uses data, including developing a cybersecurity strategy, HSJ can reveal. The delays include work to store and analyse patient data more securely, building public trust in the NHS’ use of patient data, and agreeing national strategies on cybersecurity and cloud technology. The strategy and its commitments were published following the Goldacre Review, which called for an overhaul of how NHS patient data is collected, stored and used. It came after the government was forced to indefinitely halt a controversial plan to collect all GP-held patient data in 2021, which resembled the fate of a similar data scheme in 2016. Several data projects have also come under scrutiny from doctors and campaigners in recent years, such as NHS England’s procurement of a new Federated Data Platform and a much-criticised trust’s data-sharing scheme with a credit rating company. Read full story (paywalled) Source: HSJ, 28 February 2023
  2. News Article
    Following the Advanced cyber attack in August 2022, Phil Huggins has revealed to a Digital Health Rewired audience that the NHS has “seen no clinical impact or significant clinical harm”, after a review to be released in the near future. The national chief information security officer for health and care at NHS England was speaking alongside a panel on the Cyber Security Stage on day two of Digital Health Rewired 2023 in London. Huggins explained that although the impact of the Advanced attack was big on the system, in a clinical sense it was not particularly damaging, despite the fact that client data was confirmed to have been exfiltrated. However, Ayesha Rahim, clinical lead for digital mental health at NHS England and chief medical information officer at Surrey and Borders Partnership Foundation Trust, was also on the panel, and spoke of the huge impact the attack had on staff. “The date 4th August is imprinted in my brain”, Rahim said, which is when the attack first happened and was first reported. She explained that it is “quite difficult to fully convey the chaos this caused”, giving examples of staff having no idea what a patient’s background was and therefore having to do everything “blindfolded”. Rahim said staff could not tell if it was safe to go out on visits to mental health patients due to the lack of data and information on them, and every time a person saw a staff member they were retraumatised having to explain their past over and over, including experiences of sexual abuse. Read full story Source: Digital Health, 15 March 2023
  3. Content Article
    In 2021, cybersecurity attacks on healthcare providers in the US reached an all-time high, with one study indicating that more than 45 million people were affected by these attacks in 2021 – a 32% increase on 2020. This report published by the Office of Senator Mark R Warner outlines the risk to patient safety posed by cyberattacks and proposes ways to improve federal leadership, enhance healthcare providers' preparedness for cyber emergencies and establish minimum cyber hygiene practices for healthcare organisations.
  4. News Article
    No patient data held by mental health trusts was taken following a cyber attack this summer, NHS England has confirmed. The regulator told HSJ it had received confirmation from tech firm Advanced, which was the subject of a cyber attack in July, that no data had been breached on its Carenotes electronic patient record. The EPR is used by around a dozen mental health trusts. The process of reconnecting trusts fully back to Carenotes also started this week, after providers spent two months with limited or no access to their EPR. HSJ previously revealed that senior NHS chiefs feared patient data may have been taken or accessed by those responsible for the cyber attack, who issued ransom demands to Advanced. Since then, experts have been brought in to investigate any potential data impact following the attack. Read full story (paywalled) Source: HSJ, 21 September 2022
  5. News Article
    On Tuesday, the FBI issued a report offering recommendations to address a number of cybersecurity vulnerabilities in active medical devices stemming from outdated software, as well as the lack of security features in older hardware. Once exploited, the vulnerabilities could impact healthcare facility operations, patient safety, data confidentiality and data integrity. If a cyberattacker takes control, they can direct devices to give inaccurate readings, administer drug overdoses or otherwise endanger patient health. The FBI noted in its briefing that a mid-year healthcare cybersecurity analysis found that equipment vulnerable to cyberattacks includes insulin pumps, intracardiac defibrillators, mobile cardiac telemetry, pacemakers, and intrathecal pain pumps. Routine challenges include the use of standardised configurations, specialised configurations – including a substantial number of managed devices on a network – and the inability to upgrade device security features, according to the FBI's announcement. The agency further adds that research has found an average of 6.2 vulnerabilities per medical device and that 40% of medical devices at the end-of-life stage offer little to no security patches or upgrades. Read full story Source: Healthcare IT News, 13 September 2022
  6. Content Article
    Hospitals and other medical organisations are being hit by a rising number of cyberattacks; ransomware strikes on healthcare doubled annually between 2016 and 2021, according to a study published in December in the Journal of the American Medical Association. After a cyberattack, hospitals are forced to cancel procedures, reroute patients to other facilities and resort to pen-and-paper record-keeping. In this article, Wall Street Journal reporter James Rundle looks at how cyberattacks and a regulatory push are increasing the pressure on medical device manufacturers to improve the security of their products.
  7. News Article
    The Government is looking to hire a new cyber security chief for the NHS and Department of Health and Social Care (DHSC), at a time of heightened risk of cyber attacks against the health service. The DHSC last month issued a job advert for a “national chief information security officer”, who will sit within the digital policy unit of NHS England’s transformation directorate. It comes at a time when the risk of cyber attacks against the NHS is increasing. Earlier this summer, an attack on an NHS electronic patient record supplier impacted several providers, including a dozen mental health trusts, with some trusts still not having recovered their service fully. Meanwhile, in February, NHSE wrote to trusts to tell them to strengthen their cyber defences in the wake of Russia’s invasion of Ukraine. Read full story (paywalled) Source: HSJ, 18 November 2022
  8. News Article
    At least half of integrated care systems (ICS) lack plans for responding to cyberattacks, at a time of increasing cyber risks, HSJ can reveal. The findings also come at a time when the threat posed by cyber attackers is “constantly evolving”, and in the wake of a recent high-profile attack on a supplier to several trusts. In August 2021, NHS England published a framework – What Good Looks Like – to set out what ICSs and member organisations must achieve to be considered digitally mature. Requirements included that all ICSs should have a system-wide plan for “maintaining robust cybersecurity” with “centralised capabilities to provide support across all organisations”. However, 20 ICSs have told HSJ they do not yet have such a cybersecurity strategy or plan in place. Nine ICSs said they did, while the remaining 13 ICSs did not respond. This is despite the NHS being subjected to a growing number of cyber attacks. In 2020-21, NHS Digital reported the health service had been targeted roughly 21 million times on a monthly basis, which marked an increase since before the pandemic. Most of these are malicious emails containing malware and are automatically blocked by cyber defence and monitoring systems. However, in August, a dozen mental health trusts and several NHS 111 and urgent care providers were badly affected by a cyber attack on one of their IT suppliers, Advanced. Several trusts have not yet regained full access to their electronic patient record three months on from the attack. Read full story (paywalled) Source: HSJ, 11 November 2022
  9. News Article
    Patient care is still being undermined at NHS mental health trusts and social care providers that were hit by a major cyber attack in August, doctors have warned. Three months after the major attack wiped out NHS systems, patients’ records are missing, safety has been compromised, and medication doses are at risk of being missed amid ongoing “chaos”, i News has been told. Dr Andrew Molodynski, mental health lead at the British Medical Association, said the prolonged systems failure has damaged care because records are “integral to patients’ safety”. Mental health patients’ records and safeguarding alerts have not been available in some trusts since 4 August, when NHS software provider, Advanced, was hit by a ransomware attack which targeted its Carenotes records system. A total of 12 NHS mental health trusts have been impacted by the cyber attack, potentially impacting tens of thousands of patients as well as social care providers. According to Advanced’s own hazard log spreadsheet, seen by i News, the risks associated with disruption to its server include “medication doses missed”, “required number of carers not met”, “basic needs not met, such as nutrition and personal care”, and “health needs not met, such as wound care and physical support”. Advanced said: “We recognise that the restoration process has taken longer than we had initially anticipated and we have sought to communicate as clearly and transparently as we have been able.” It said planned dates for restoring the system for each client has been communicated directly and that the “overall restoration programme remains on track”. Read full story Source: i News, 4 November 2022
  10. Content Article
    Ransomware attacks against healthcare providers are increasing and puts patient safety at risk. Ransomware attacks can severely affect a healthcare provider's ability to provide care to patients (e.g., diversion of emergency vehicles, cancellation of appointments) delay or prevent a facility's ability
  11. Content Article
    The world has significantly changed in the past decade and the healthcare sector has changed with it. Many healthcare organisations are now digital and digital tools enable patient safety and care. Electronic health records (EHRs) have replaced paper records. Picture archiving and communication systems have replaced film and light boxes. Computer-implemented or enabled hardware and software have replaced the mechanical systems of yesterday. In some instances, virtual visits have replaced in-person visits. And patients can transmit information about their health status and condition in real time to their clinicians via various software applications and devices. As a result of our digital transformation, electronic data is the lifeblood of the healthcare organisation. Electronic data, in the healthcare context, must be kept confidential, integrity must be preserved, and it must be made available on demand wherever and whenever it is needed. But if electronic data is not appropriately protected, clinical care and the business of healthcare can grind to a halt. This is why ransomware has been a significant concern for many healthcare organisations, as Lee Kim, Director Privacy and Security, HIMSS, explains in this article.
  12. Content Article
    This new book by Professor Harold Thimbleby of Swansea University tells stories of widespread problems with digital healthcare and explores how they can be overcome. "The stories and their resolutions will empower patients, clinical staff and digital developers to help transform digital healthcare to make it safer and more effective."
  13. Content Article
    In this article in Inforisk Today, Marianne McGee looks at warnings from patient safety experts and federal authorities around cyberattacks on the public health sector. She looks at emerging trends in the way that cybercriminals target healthcare, recent work to bring down cybercriminal gangs and the impact of ransomware attacks on healthcare systems.
  14. Content Article
    This blog in the Health Services Journal (HSJ) looks at the risk posed to clinical care by cyberattacks. A recent HSJ webinar in association with Sophos argued cybersecurity should be the business of everyone in the NHS, and looked at how NHS organisations can tackle the issue. Cyberattacks can cause delays and compromise patient safety and are therefore something that all healthcare staff need to consider. Using helpful language to explain the implications of cyberattacks is key to getting involvement right across the spectrum of management and frontline staff, so that it is not seen as 'an IT issue'.
  15. Event
    until
    Developing trust when it comes to the employment of AI-driven healthcare is a complex challenge, and one that’s easy to get wrong. Daniel Morris, Partner at Bevan Brittan, Mahesh Hariharan, Founder and CEO of Zupervise, and Surabhi Srivastava, Commercial VP of Qure.ai, will together explore the importance of trust in AI-driven healthcare, and how effective governance can help build trust between patients & providers. They will discuss topics such as: data provenance; algorithmic transparency; and the role of human oversight in ensuring patient safety and data security. Register
  16. Event
    Through multidisciplinary lectures from expert speakers and lively panel discussions, this Royal Society of Medicine conference will look at the current cybersecurity threats facing health and care organisations and examine the progress made by healthcare institutions since 2017 in rising to the challenge of cybersecurity. We will focus on the issues facing the NHS today and the steps that NHS organisations should take to protect themselves. Attendees will learn how cybercriminals and hostile nation-states pose a threat to patient safety and trust. Delegates will hear from NHSX, NHS Digital and key organisations that combat cyber threats daily. They will also hear directly from experts in the field about the steps they are taking to help healthcare organisations to address their issues and concerns. During this event, you will: Current cybersecurity threats faced by healthcare organisations from both cybercriminals and hostile nations. Specific risks due to online working, increasing digitalisation and prevalence of connected medical devices and artificial intelligence (e.g. data provenance). Specific risks due to the use of medical and telehealth devices in the home and community. How the NHS is equipped to deal with current and future threats. Tools and approaches to protect organisations and devices from attack. Register
  17. Content Article
    This document provides the principles, concepts, terms and definitions for health software and health IT systems, key properties of safety, effectiveness and security, across the full life cycle, from concept to decommissioning. It also identifies the transition points in the life cycle where transfers of responsibility occur, and the types of multi-lateral communication that are necessary at these transition points. This document also establishes a coherent concepts and terminology for other standards that address specific aspects of the safety, effectiveness, and security (including privacy) of health software and health IT systems.
  18. Content Article
    An overview of the industry study by MxD and IAAE between February and June 2021 funded by FDA Office of Counterterrorism and Emerging Threats. The aim of the study was to gain an initial baseline to deepen FDA’s understanding of the factors that impact a manufacturer’s decision to invest in and adopt digital technologies by illuminating both perceived and demonstrated barriers from technical, business, and regulatory perspectives, and related cybersecurity considerations.
  19. Content Article
    Mike Fell, executive director of national cybersecurity operations at NHS Digital,, discusses the WannaCry cyberattack, teaching GP surgeries to up their game and how data can save lives.
  20. Content Article
    This article* is an update from Dr Henrietta Hughes, Patient Safety Commissioner for England.
  21. Content Article
    Large-scale organisational disruptions threaten patient safety. This essay from Lisa Croke in the AORN Journal shares privacy, physical space operation and medical device function concerns that could result from cyberattacks.
  22. Content Article
    In this month's Letter from America, Lorri Zipperer discusses cautions and capabilities associated with healthcare technologies. Letter from America is a Patient Safety Learning blog series highlighting new accomplishments and patient safety challenges in the United States. This is Lorri's last blog in the series and we'd like to thank Lorri for sharing her insights with us over the last 12 months. Read here all the Letter from America blogs
  23. Content Article
    On a day to day basis, the NHS Digital Clinical Safety team are involved in several wide-ranging and very different projects. As you know, clinical safety should be part of everything the NHS do. Every project, every programme, every deployment. Clinical safety should be considered, understood and implemented to the highest calibre. So as you can imagine, we are a busy team. For those manufacturers with systems in use, we deal with live incidents, upgrades, further geographical or functionality deployments. For those creating new systems we are supporting them in their clinical risk management process, running hazard workshops, creating hazard logs and writing the supporting documentation.  We are constantly reviewing and peer reviewing, assessing compliance and marking against the standard requirements. We assist suppliers and health organisations to self-audit their compliance against the standards so they may improve their clinical safety position.  We are assessing new and emerging apps and mobile health solutions to ensure they are going through the same standard of assessment as the traditional computer-based systems and we are providing representation across the NHS to ensure clinical safety remains paramount to the work being done.  One of the biggest branches of our role is training delivery. We know first-hand the importance of having a team that are educated and confident in clinical risk management.
  24. Content Article
    We are NHS Digital’s Clinical Safety team and I’d like to tell you more about who we are, what we do and why we do it. 
  25. Content Article
    This is the Internet First policy, standards and guidelines defined by NHS Digital. The document will help health and social care organisations make their digital services accessible over the internet. It describes how to make them secure, scalable and, where possible, consistent.
×
×
  • Create New...