Every time you visit a website, use your passport, put your bank card into an ATM or use an app on your smartphone, this is the largely invisible ecosystem which ensures your bank is who they say they are when you use their website, that you are who you purport to be when you use your passport, that your phone apps have not been tampered with, that your communications are not being intercepted and that the prescription being dispensed by your local pharmacy is the same digital entity that was signed by your GP.

Every day, hundreds of thousands of NHS staff in tens of thousands of NHS locations across England lever this infrastructure to do their jobs. They verify their identity by authenticating with a smart card, they digitally sign prescriptions, and they use digital certificates issued by a PKI to ensure that the billions of messages transmitted between clinical systems can be sent securely over what may be considered an insecure network.

A large-scale PKI will typically have a lifespan of around 20 years. In the same way that cars become safer and cleaner, computers become more powerful and technologies mature.

We have to balance the need for a consistent, reliable service over time against the risk that one of the many constituent components of an older offering might become vulnerable in the face of developing technologies such as quantum computing. The introduction of completely new computing paradigms presents potential future challenges to the robustness of encryption technologies previously considered unbreakable.

We began planning for the change to our new infrastructure in 2020.

The 2nd generation, or G2, PKI is built upon stronger encryption standards, removes old technologies regarded as potentially vulnerable, brings the NHS into alignment with the latest industry standards and confers the potential for more accessible tooling for developers and system administrators as they continue to streamline and automate their delivery pipelines. The tens of thousands of clinical systems across the country will benefit from stronger encryption in the transmission of patient data and the ability to instantaneously verify they are not communicating with compromised parties.

We have been gradually transitioning smartcards to G2 as they come up for renewal, and the whole NHS estate will be using the new certificates several months before the end of the previous solution’s lifespan.

Migration of systems is a more challenging task due to the decentralised nature of the estate and is being approached in stages. Whilst hundreds of new digital certificates have already been issued to system suppliers, there are many more to be addressed over the coming months and it is our intent to complete this process by the end of 2023.

Real-time systems such as those communicating with Spine are the highest priority for transition, the 111 service will follow, whilst periodic batch processing services (such as NHS number resolution) are being addressed on an ad-hoc basis in the interim period.

The G2 PKI lays the foundations for the next 20 years of NHS security, can be levered in more capacities than ever before, and will provide simpler integration pathways for developers to unlock new and innovative technologies to further streamline and enhance clinical care delivered digitally.

Many NHS England staff in numerous teams have played various roles in the delivery of this work and naming anyone risks excluding key individuals, but I want to call out the outstanding technical work done by my colleagues Mark Cooper and Dominic Butler over a period of years. Their subject matter expertise has been vital to the project.

If your organisation uses systems that communicate with the NHS Spine, you'll need to make sure your systems are updated by your healthcare IT system supplier by 31 December 2023.

NHS trusts that operate their own Spine-connected IT systems, such as clients for Message Exchange for Social Care and Health (MESH) and the Demographics Batch Service (DBS) are expected to update their own certificates locally.

This is a straightforward process, and our technical teams can provide support where needed, but it is important that our IT suppliers and IT trust teams carry it out as soon as possible to ensure a continued smooth transition and uninterrupted continuity of service.