The study reveals NHS IT managers’ awareness and understanding of how the Department of Health is planning to radically change cybersecurity requirements for healthcare providers.
Data Security Is a Priority, but Training Needed to Boost Prevention Culture
All respondents agreed on the importance of keeping data secure. The benefits of cybersecurity are believed to have a wide significance, with 65 percent believing that it would improve the level of patient trust, almost half (49%) thinking it would streamline processes, and 45 percent seeing long-term cost-savings as a result.
With recent cyberattacks such as WannaCry affecting front-line services, NHS IT managers say that more can still be done to cultivate a robust and widespread cybersecurity culture within the NHS, through improved training and education.
However, while 41 percent felt that all staff should receive specific training, only a minority of NHS IT professionals said that front-line staff who accessed IT systems receive cybersecurity training, such as administrators (30%), doctors (11%) and nurses (6%).
Professional Concerns Aired on Patient Trust in NHS Data Handling
In a sector that is increasingly digitized and reliant on data, patient confidence in how their data is used and stored is essential.
The research found that IT decision-makers mostly think that patients have a good or complete level of trust in how the NHS uses or stores their data (81% and 67%, respectively). However, a quarter of respondents believe that patients have minimal trust in how the NHS stores their data. More than 1 in ten (16%) also reckon patients put very little trust in how their data could then be used by the NHS. In order to tackle this trust gap, prioritization of cybersecurity is seen as key (89%).
GDPR May Be on Track in NHS, But Big Improvements Still Need to be Made
When it comes to GDPR, IT decision-makers within the NHS are generally informed about the changes coming into effect in 2018. Eighty-three percent have had guidance from senior management about compliance, and 95 percent say they are aware of what they need to do to comply.
The majority of respondents (58%) think that their NHS organization will be ready for GDPR by May 2018, and 16 percent even believe the NHS is already compliant. Nonetheless, more than three-quarters (77%) realize that their organization’s IT systems still need improving to ensure data-handling compliance.
