Patient safety through cybersecurity: Preventing harm from digital threats

In the first of our new series of digital clinical safety podcasts, we are joined by Chris Day, NHS England Clinical Lead for Cyber Operations and Robyn Dennis, NHS England Cyber Security Tiger Team Lead, as we explore how cyber threats directly impact patient care and what healthcare organisations and their staff can do to prevent them and minimise impact. Key insights include: • How cybersecurity incidents directly impact clinical safety and patient care • The most common cyber threats facing healthcare organisations, including ransomware and new AI-enabled risks • Why ""cyber is a team sport"" and everyone has a role to play in healthcare security • Practical strategies for preventing cyber incidents and protecting patient data • The importance of planning for business continuity and disaster recovery • How to integrate cybersecurity considerations throughout the digital product lifecycle The podcast provides essential listening for those working in digital clinical safety, patient safety and cyber security roles, but will also be of interest to anyone in healthcare who wants to understand how cybersecurity and patient safety work together to protect patients from harm. Further resources: • Data Security and Protection Toolkit (DSPT) - https://www.dsptoolkit.nhs.uk/ • Digital Technology Assessment Criteria (CDTAC) - https://transform.england.nhs.uk/key-tools-and-info/digital-technology-assessment-criteria-dtac/ • Chris's blog on multi-factor authentication (MFA): https://digital.nhs.uk/blog/transformation-blog/2023/multi-factor-authentication-a-silver-cyber-bullet • NHS multi-factor authentication (MFA) Policy - https://digital.nhs.uk/cyber-and-data-security/guidance-and-assurance/multi-factor-authentication-mfa-policy/nhs-england-multi-factor-authentication-policy • Cyber operations website - https://digital.nhs.uk/cyber • National Cyber Security Centre’s (NCSC) Cyber Aware campaign on top tips for all of us - https://www.ncsc.gov.uk/cyberaware/home • Network and Information Systems (NIS) regulations - https://www.gov.uk/government/publications/network-and-information-systems-regulations-2018-health-sector-guide/the-network-and-information-systems-regulations-2018-guide-for-the-health-sector-in-england#introduction • Health and Adult Social Care Cyber Security Strategy for 2030 - https://www.gov.uk/government/publications/cyber-security-strategy-for-health-and-social-care-2023-to-2030/a-cyber-resilient-health-and-adult-social-care-system-in-england-cyber-security-strategy-to-2030#approach-the-5-pillars# • NHS cyber and data security services and resources - https://digital.nhs.uk/cyber-and-data-security/services • Resources published for Cyber Awareness Month 2024 - including the Cyber Sessions podcasts - https://digital.nhs.uk/cyber-and-data-security/campaigns/cyber-security-awareness-month If you have any questions or would like to know more about what NHS England cyber operations does, email cybersecurity@nhs.net. A full transcript of this episode is available on our website - https://www.england.nhs.uk/long-read/patient-safety-through-cybersecurity-preventing-harm-from-digital-threats/ Please get in touch if you have any questions regarding this episode - cybersecurity@nhs.net