• Government publishes its response to Caldicott Review of data security and data sharing in the NHS
• New measures announced to strengthen resilience against cyber attacks and give patients more control over their data
• We say it is vital public has confidence in NHS data security as we increasingly rely on digital innovations

The Government has issued its response to the Caldicott Review of data security and data sharing in the health and social care sector.

It has announced wide-ranging plans to strengthen organisations across the NHS and social care against the threat of global cyber-attacks, including a new £21m fund to increase cyber resilience at major trauma sites.

The government has also announced plans to give patients and the public more access to, and control over, their personal data while building confidence in the importance of secure data to provide better individual care and treatment as well as supporting research and planning across the health system.

The head of analysis at NHS Providers, Phillippa Hentsch said:

“We welcome the measures announced to help protect the NHS against further cyber-attacks.

“As the National Audit Office has pointed out, in recent years we have seen funding for capital projects including IT switched to support day-to-day activities without a proper assessment of the risks this may cause.

“While the NHS coped well with what was an international cyber attack affecting more than 80 countries, trusts do need more funding and support to improve their resilience. That is why we are pleased there will be extra money for data and cyber security. In particular, the support for cyber resilience of major trauma sites is sensible.

The health service is increasingly relying on digital innovations to help deal with growing patient demand.

“It also makes sense to help the NHS move from unsupported operating systems, bearing in mind the particular complexities involved in upgrading software for some equipment, such as scanners, that may be required round the clock, and might involve third party suppliers.

“We agree it is vital that the public has confidence in NHS data security. The health service is increasingly relying on digital innovations to help deal with growing patient demand. This presents important and exciting opportunities to improve care for patients, and to work more efficiently. Trusts will need clear direction and guidance on how new digital technologies are to be rigorously assessed while maintaining data confidentiality.”