How healthy is NHS app security? Not very, I fear.
The Health Secretary is pushing for more NHS apps, but will security be sacrificed for both cost and delivery speed?
Way back in January 2016, Arxan Technologies published a report looking at the security of health apps. At the time the firm’s senior technical director, Winston Bond, stated that while most uses of such apps believed them to be secure, “most have significant vulnerabilities”. Fast forward to the present, and the recent drive by secretary of state for health and social care Matt Hancock for the NHS to adopt more apps, with a view to improving clinician communication and workflow and patient convenience.
In a speech to staff at his local hospital, Hancock said “let this be clear: tech transformation is coming” and added that “the right use of technology can save time and money, it can improve patient safety too”. In and of itself I don’t have a problem with any of that. I do, however, have a problem with the elephant that remains in this particular room: security.
I’m not so much worried about the health of NHS app security as I am about the health of the NHS itself under this government. Hunt has moved on, and thank the lord for that, but Hancock seems for all intent and purpose to be Hunt v2. Yes security is important, of course it is, and nobody wants patient data at risk. Getting the NHS itself out of the downward death spiral it is currently on has to be the primary focus though.
It’s always going to a budget balancing act, I agree. However, I’m not convinced you can have a healthy NHS without properly addressing the data security issues.