NHS cyber-skills shortages reduced

According to recent data analysis by Redscan, Trusts have begun to deal with and address NHS cyber-skills shortages in the past two years, although there is still a lot of ground to cover to tackle the problem of data breaches within the health service. In 2018, it was reportedly revealed by Redscan that around a quarter of NHS Trusts did not have security professionals, whereas now, the figure has dropped to 15% of Trusts.

Despite an average decline in the number of NHS data breaches reported to the ICO, it is still clear that personal information is still not being granted the full security it deserves. In our view, there is still a lot of work to be done to ensure all NHS Trusts have the appropriate cybersecurity and data protection breaches needed to keep data safe.

We have represented many clients for a number of NHS data breach cases over several years, so we have seen just how devastating the effects can be when sensitive medical information is compromised. In accordance with UK data protection law, every citizen has a right to strong data protection, which is why we can help victims of data breaches to assert their rights by making compensation claims.

How have the NHS cyber-skills shortages been tackled?

After sending Freedom of Information requests to the NHS last year, Redscan reportedly found that Trusts now have twice as many staff members who hold professional IT security qualifications (on average) when compared with data for 2018. This is understood to be the equivalent of 2.8 employees per Trust in 2020, compared to 1.9 per Trust in 2018. Redscan has reportedly suggested that the reduction of NHS cyber-skills shortages is a “sign of the increased importance being attached to cyber security in the healthcare sector”.

The continued threat of data breaches

Despite some progress in tackling the NHS cyber-skills shortages, there is still inconsistency in terms of the money dedicated to IT security training. For example, one Trust reportedly spent some £78,000, while over half of the Trusts surveyed spent nothing. This element of risk management is, therefore, still lacking and is still far too inconsistent.

Moreover, despite an average decrease in the number of breaches reported per Trust, more than two-thirds of NHS Trusts are understood to have recorded the same or increased numbers of data breaches in 2020 when compared with 2019 figures.

The findings show that there is still significant action to be taken to minimise the risks of employee error data breaches and external cyberattacks. In fact, in terms of the continuing threat of an NHS cyberattack, 2020 was not an easier year, as many cybercriminals were seeking to capitalise on potential vulnerabilities caused by Covid-19.

NHS data breaches and compensation claims

At Your Lawyers, as leading specialists in privacy matters, we have been representing victims for NHS data breaches for a number of years. As such, we have seen how devastating the impact of these data breaches can be. Medical data constitutes some of the most sensitive information a data controller can hold, which is why it is vital that Trusts take action to reduce NHS cyber-skills shortages wherever possible.

If an NHS Trust has let you down by failing to protect your personal data, you may have a claim to make. By asserting your right to good data protection, you could recover compensation for the distress caused, and for any financial losses and expenses resulting from the breach.

We can offer free, no-obligation advice to anyone considering making a claim, so contact us today for more information.

Guntrader data breach

Wiltshire Council social worker sentenced over breach of trust