We often hear or read of one or other NHS trust having undergone a data breach and mostly this leads to loss and compromise of sensitive information as well as a substantial monetary penalty. Scanning through the UKs ICO news, it is not difficult to find evidence of this. The health trusts have been in the spotlight on numerous occasions regarding data breaches. Personal patient information is often compromised in various ways-through patient data or records being sent to the incorrect people, physical records being lost or misplaced, devices being lost, disposed of incorrectly or stolen. Unfortunately these occurrences continue to happen.
A recent survey, undertaken by Sophos, within the NHS was completed by 250 CIOs, CTOs and IT managers all employed by the NHS. The security survey revealed the reality of data security within the NHS.
The results have shown a notable inconsistency between the NHSs alleged digital security and the actual reality of it. With 76% of those surveyed portraying a suitable presence of security against cyber-attacks but 72% confirmed that data loss remained a major security concern for the NHS.
The lack of security within some trusts remains a concern and although many trusts have undertaken some steps to warrant an improvement, not enough has been done and this area remains a priority.
The participants of the survey have admitted the importance of encryption within the NHS, nevertheless the uptake of an encryption solution has been very low (only 10% have confirmed to have an established solution within their organisation).
Other survey results have concluded that of the participants surveyed, just over half (59%) have the use of an email encryption solution, under half (49%) use encryption for file sharing and 34% encrypt their cloud stored data. This is not acceptable as the data processed within the NHS is sensitive data and should be 100% secured at all times.
The Mobile computing trend is also one that is occurring within the NHS. The increase in the use of mobile devices adds yet another area of vulnerability, a further route for cyber attack and another security challenge for the NHS to address.
It is essential that the NHS take action to secure their data effectively so that patient and employee data remains secure. Security funding may be a sticking point for some, however not having the correct security procedures in place is not an acceptable practice and with the right solution security is achievable even with budget restraints.
The NHS environment has many security gaps. It is critical that the security issues within the NHS get sorted, the reality is that these security issues remain and choosing to not take action will only have a detrimental outcome for the NHS, their patients and employees.
Galaxkey offers an affordable and comprehensive solution for effectively securing emails, documents and files as well as data in storage. There should be no excuse for not securing your data.