4,692 members and growing, are your details correct please LOGIN and update NOW
HCSA EIS EVENTs 2025 DATES LAUNCHED - Midlands/Birmingham- 1st May, North/Leeds - 5th June, South/Reading - 3rd July
Women's and EDIB Network Event back for 3rd Year on 10th September 2025 in Birmingham
HCSA/HFMA Joint Procurement Event 22nd January 2025 last few places available
HCSA Annual Conference 19 & 20 November 2025 Telford International Centre ON SALE Early in 2025
HCSA Awards going live earlier in 2025 so start collecting those great award winning examples
Close Search

The NHS supply chain contains “absolutely massive” cybersecurity risks which have not “really been talked about”, an integrated care board and trust chair has warned.

Lena Samuels, who is chair of two London trusts and of Hampshire and Isle of Wight Integrated Care Board, said: “We’ve been talking internally about our own organisations but we haven’t really talked about the supply chain and the risks within that – and that is absolutely massive.”

Her comments come after one of the most disruptive cyber attacks on the NHS last week hit pathology systems at King’s College Hospital and Guy’s and St Thomas’ foundation trusts, and primary care across six boroughs, with major disruption to tests still ongoing. This was due to an attack on their pathology IT system, which is run by and the company Synnovis. Synnovis is majority owened by the European firm Synlab.

Ms Samuels, speaking at the NHS Confed Expo conference yesterday, said many NHS organisations still needed to question: “How do our risk registers capture what our supply chain resilience looks like in terms of cyber protection?”

She said NHS organisations also needed to be considering “who on my board is going to ask that question” and “whether they’re going to even think of asking that question”, adding: “There’s so much that we’ve got to think about.”

Ms Samuels said ICBs needed to develop their skills and knowledge of cybersecurity, though expertise also needed to be shared nationally, but she said it was “really difficult to recruit that sophisticated talent”.

She said: “[Cybersecurity] leadership has got to be embedded within an organisation, in its totality. If we’re going to really get supportive activities to prevent something but also react against it, that culture has to be in place all the way through the organisation.”

As well as the ICB Ms Samuels chairs neighbouring Barnet, Enfield and Haringey Mental Health Trust and Camden and Islington FT, which work as a group. She told the event it would be helpful to have cybersecurity expertise in non-executive board roles, as well as among executives.

In the same session at the event in Manchester, Cate McLaurin, a digital security expert at consultancy Public Digital, said NHS organisations were highly likely to be hit by cyberattacks, as “public sector bodies [are] being targeted specifically”.

Source: HSJ

Date: 17 June

Posted in News on Jun 16, 2024

Back to News