Skip to main content

Cathy O'Keeffe

Cathy is Associate Director of Cyber Delivery

Associate Director of Cyber Delivery


I began my first role within the NHS straight from sixth form. Working from the ground up, I did radiography training and secured an entry level position at the Royal London Hospital. I loved what I was doing and worked hard to progress.

Before I knew it, I was a reporting radiographer at Liverpool Women’s Hospital, and in 2006, I was asked to contribute clinical input into the implementation of a new Picture Archiving and Communications System for the hospital; I ended up running the new system. We moved from darkroom processing to electronic processing of x-rays in half a year – and then the IT team asked me to lead their business operations.

I became Head of ICT and then deputy Chief Information Officer. It was a really productive and exciting time with various interesting projects including the Alder Hey new build, the Royal Liverpool new build, introducing electronic patient records across the city – and I also got my first masters degree in information security and IT management.

The key thing for me in my current role, is the knowledge that I am part of a really strong team.

I became a parent quite early on in my career and it definitely contributed to my drive. As a mother, it was important to me to be a good role model, to show my son that if you work hard and stay true to your values, you’ll be able to progress in the field you’re passionate about.

Since I’ve arrived at NHS Digital, it is a different sort of focus; but everything we touch here, every day, impacts patient care. I’ve moved roles in information governance (IG) and cyber: Director of IG Burden and Audit, Senior Responsible Officer for the implementation of General Data Protection Regulation, and I’m now Associate Director of Cyber Delivery. I also just achieved my second masters degree in information rights law.

Having worked in frontline, local and national roles, I can bring an invaluable perspective. We need to understand the reality people are working in if we are going to help them protect themselves from cyber security threats.

The key thing for me in my current role, is the knowledge that I am part of a really strong team. We are really focused on getting the culture right – bringing in all the talents – and on delivering on a critical mission: minimising the risk that a breach might impact services and maintaining public trust that their data is safe. It’s not hard to motivate yourself here.