Skip to main content
Creating a new NHS England: Health Education England, NHS Digital and NHS England have merged. More about the merger.

The invisible ecosystem that protects us

Alex Toft, Head of Technical Intervention in our Technology Live Services directorate, explains how the renewal of the NHS's public key infrastructure (PKI) over the coming months will lay the foundations for trusted identities and secure communications for the next generation.

Despite its mathematical origins stretching back to the 1960s, the collection of technologies and strong governance which constitute a modern public key infrastructure (PKI) remain as relevant today as they ever have been. Anybody using a computer will lever this technology on a constant basis, likely without ever knowing it. Ultimately it builds trust: trust of people, trust of systems, trust of software and trust of documents.

The author Alex Toft

Every time you visit a website, use your passport, put your bank card into an ATM or use an app on your smartphone, this is the largely invisible ecosystem which ensures your bank is who they say they are when you use their website, that you are who you purport to be when you use your passport, that your phone apps have not been tampered with, that your communications are not being intercepted and that the prescription being dispensed by your local pharmacy is the same digital entity that was signed by your GP.

Every day, hundreds of thousands of NHS staff in tens of thousands of NHS locations across England lever this infrastructure to do their jobs. They verify their identity by authenticating with a smart card, they digitally sign prescriptions, and they use digital certificates issued by a PKI to ensure that the billions of messages transmitted between clinical systems can be sent securely over what may be considered an insecure network.

The tens of thousands of clinical systems across the country will benefit from stronger encryption in the transmission of patient data

The need to update

A large-scale PKI will typically have a lifespan of around 20 years. In the same way that cars become safer and cleaner, computers become more powerful and technologies mature.

We have to balance the need for a consistent, reliable service over time against the risk that one of the many constituent components of an older offering might become vulnerable in the face of developing technologies such as quantum computing. The introduction of completely new computing paradigms presents potential future challenges to the robustness of encryption technologies previously considered unbreakable.

We began planning for the change to our new infrastructure in 2020.

The 2nd generation, or G2, PKI is built upon stronger encryption standards, removes old technologies regarded as potentially vulnerable, brings the NHS into alignment with the latest industry standards and confers the potential for more accessible tooling for developers and system administrators as they continue to streamline and automate their delivery pipelines. The tens of thousands of clinical systems across the country will benefit from stronger encryption in the transmission of patient data and the ability to instantaneously verify they are not communicating with compromised parties.

Real-time systems such as those communicating with Spine are the highest priority for transition

We have been gradually transitioning smartcards to G2 as they come up for renewal, and the whole NHS estate will be using the new certificates several months before the end of the previous solution’s lifespan.

Migration of systems is a more challenging task due to the decentralised nature of the estate and is being approached in stages. Whilst hundreds of new digital certificates have already been issued to system suppliers, there are many more to be addressed over the coming months and it is our intent to complete this process by the end of 2023.

Real-time systems such as those communicating with Spine are the highest priority for transition, the 111 service will follow, whilst periodic batch processing services (such as NHS number resolution) are being addressed on an ad-hoc basis in the interim period.

The G2 PKI lays the foundations for the next 20 years of NHS security, can be levered in more capacities than ever before, and will provide simpler integration pathways for developers to unlock new and innovative technologies to further streamline and enhance clinical care delivered digitally.

Many NHS England staff in numerous teams have played various roles in the delivery of this work and naming anyone risks excluding key individuals, but I want to call out the outstanding technical work done by my colleagues Mark Cooper and Dominic Butler over a period of years. Their subject matter expertise has been vital to the project.

What NHS trusts, urgent care and other healthcare settings need to do

If your organisation uses systems that communicate with the NHS Spine, you'll need to make sure your systems are updated by your healthcare IT system supplier by 31 December 2023.

NHS trusts that operate their own Spine-connected IT systems, such as clients for Message Exchange for Social Care and Health (MESH) and the Demographics Batch Service (DBS) are expected to update their own certificates locally.

This is a straightforward process, and our technical teams can provide support where needed, but it is important that our IT suppliers and IT trust teams carry it out as soon as possible to ensure a continued smooth transition and uninterrupted continuity of service.

Related subjects

All health and social care organisations connecting to the NHS Spine must have a valid NHS Public Key Infrastructure (PKI) certificate in place to ensure encrypted patient data is transmitted securely. First generation (G1) certificates are expiring in 2024. We recommend updating them to second generation (G2) certificates by 31 December 2023.


Last edited: 9 October 2023 10:37 am