Skip to main content

Part of NHS Digital Annual Report and Accounts 2019 to 2020

What we did in 2019-20: Live Services and Cyber Security

Current Chapter

Current chapter – What we did in 2019-20: Live Services and Cyber Security


Our Live Services and Cyber Security directorate is responsible for managing more than 100 active services for the NHS and care system, including vital systems like the NHS Spine, the Health and Social Care Network, the Summary Care Record application and NHSmail.

photo of Shane Martin, Network Manager at York Teaching Hospital NHS Foundation Trust, Shane Martin, Network Manager at York Teaching Hospital NHS Foundation Trust, said NHS Secure Boundary provided a vital extra layer of security that would have cost tens of thousands of pounds a year to buy.

Throughout the year, we provided safe, fast and reliable access that health and care staff and members of the public could rely on. We achieved 99.99% average availability across all services. 

What does that mean in practice? Every day, about 1 million items were processed by the Electronic Prescription Service, an average of 68,000 appointment bookings were made via the NHS e-Referral Service and 35 million transactions were sent through the NHS Spine, the core infrastructure that allows secure communication across healthcare IT systems in England.

Summary Care Records containing key information from patients’ GP records were viewed 25,000 times a day by authorised clinicians. Every day, our systems processed about 282,000 unique smartcard logins, giving clinicians access to secure applications on the NHS Spine.

The Child Protection - Information Sharing system, which flags vulnerable children to social care and health teams, issued an average of 400 alerts a day and an average of 10 million emails were sent via NHSmail. About 3,000 babies were registered each day by our Patient Demographic Service, helping to begin the cradle to grave care, both digital and in person, that they will receive from the NHS throughout their lives.

Our Health and Social Care Network (HSCN) team enabled the migration of national services and 68% of the legacy N3 estate onto HSCN, as well as managing the end-to-end service. We completed the introduction of HSCN’s Advanced Network Monitoring internet gateway, which provides essential security protection for the NHS, and we certified 19 service providers on HSCN. Each provider must pass a rigorous technical, security and service management assessment and our compliance function continually monitors their performance, taking action to rectify issues or improve services where required. 

We also made significant progress in improving the cyber preparedness of both national and local systems across the NHS over the past year. Our Cyber Associates Network, launched in April 2019, now has over 1,000 members from more than 700 organisations across health and care.

The associates not only share information and best practice through the network but are directly involved in the development of national services through focus groups, workshops and feedback surveys, ensuring we provide products and  services that are relevant and support their needs.

In February 2020, we rolled out NHS Secure Boundary to a number of organisations including the York Teaching Hospital NHS Foundation Trust. We aim to move all relevant NHS organisations to the system over the next two years. It’s a centrally funded, free-to-use perimeter security solution that blocks threats as internet traffic moves into or out of networks. While giving local managers the information and tools they need to better manage their own cyber security risk, it also allows our Data Security Centre to identify malicious content within encrypted traffic and to respond quickly and at scale to emerging risks.

The latest operating system (Windows 10) has been installed on 846,000 devices across the NHS and we have also provided 1,376,000 centrally-funded Microsoft Defender Advanced Threat Protection (ATP) licenses. Windows 10 is important because it provides better threat resistance, data protection and device security and ATP adds an extra layer of security. It integrates with NHS Secure Boundary, helping to prevent local incidents and feeding information to the Data Security Centre.

We are protecting NHSmail users by blocking about 96,000 compromised or insecure passwords a month and we’ve reduced the number of passwords people have to remember by automatically synchronising the NHS directory and local directories. New functionality will also automatically update NHSmail systems when people join or leave the NHS or move jobs within the system, reducing burden for local teams but also ensuring that only the right people have password access.

Our Cyber Security Operations Centre provides local and national network monitoring, incident response and threat intelligence and collaborates with other national cyber security bodies such as the National Cyber Security Centre to continuously improve protection.

It blocked an average of 21 million malicious threats a month in 2019-20. We introduced a cyber aptitude test to drive the recruitment of the best analysis and security talent and we began work on breaking down silos of information by consolidating security information and event management (SIEM) systems on a single, cloud-based platform. The maturity of the centre improved by 40% between 2018 and 2019, measured against the Carnegie Mellon Cyber Security Model.

To ensure that security is factored into the design of new technologies and systems being developed by NHS Digital, we also established a Cyber Design Authority to provide business-wide security standards and the governance to enforce them.

A new, easier-to-use version of our Data Security Protection Toolkit (DSPT) won in the data and information security category at the Public Sector Paperless Awards in July 2019. This online self-assessment tool allows local organisations to measure their performance against the latest data security standards. More than 4,000 published their DSPT assessment in 2019-20. We also brought together a suite of support services in the cyber security support model (CSSM) to help organisations with on-site assessments, risk frameworks, operational readiness, threat remediation and workforce training. We ran more than 134 training sessions for boards, offered a variety of training packages for staff, and launched a new national cyber security campaign, Keep IT Confidential, to educate the NHS about the direct impact of data and cyber security on patient care.

Our Information Governance team were a critical function during the coronavirus outbreak. Earlier in the year, we were successful in a bid to participate in the Information Commissioner’s Office (ICO) Sandbox and have been working with the ICO team on the privacy aspects of a central mechanism for collecting and managing patient consents for the sharing of their healthcare data for secondary uses, including medical research and regulated clinical trials. They have also been working with the ICO on the development of GDPR Article 40 Codes of Practice for the health sector, and the NHS Digital team is leading more detailed work on this during 2020-21 through the newly established Health and Social Care Information Governance Panel. 

Last edited: 5 November 2020 11:33 am