Data Backup Digest

For any business, migrating their data from traditional storage methods is a daunting task. There are various things for organisations to get to grips with: reviewing amassed data to date, challenges of a new technology implementation, the costs associated with it, and more.

As such, you can imagine that challenge that the UK National Health Service (NHS), the country’s largest employer and one of the most important public services, are facing with securing their data in the cloud.

NHS Digital are an organisation that handle the technology infrastructure aspects of the NHS. Previously, there’s been a disconnect between how individual trusts and NHS Digital have presented their stance on cloud. Cloud providers would offer their services to trusts, only to be told that NHS Digital didn’t allow the use of public cloud services. NHS Digital, on the other hand, would claim to vendors that there was no ban.

To rectify this, NHS Digital created a working group in conjunction with the National Cyber Security Centre, with its purpose being to create guidelines around safe use of the cloud. It’s a mechanism for trusts to do their own assessments on cloud services to see if they are suitable for their specific needs.

However, the effectiveness is debatable. While it does give hospitals more power, and stops them automatically turning vendors away, it also puts all the onus on them – some debate the responsibility should lie with NHS Digital.

All that aside, the task of moving the NHS data into the cloud is no easy feat. The organisation is very fragmented and has long run on outdated and independent systems. The NHS are suffering staff shortages for those in the medical professional, let alone employing those who have the technical skills to pull this off smoothly. NHS Digital themselves only have around 20 deeply technical skilled people. There’s a nationwide shortage of the available skills and those that have them will be drawn to the private sector, which can afford to pay higher wages. As the WannaCry cyberattack proved, which sent the digital health system into chaos, the NHS aren’t well protected in the modern age.

Moving to the cloud would bring great benefits, there’s no doubt about it. Not only is it cost-saving, it also means that services can be tested and deployed quicker, and it becomes easier to flow data between different systems and get the most value from it.

Of course, there’s also security challenges – and not just the aforementioned malicious ones. There are also concerns about privacy and how third-party organisations will have access to patient data once it’s in the cloud.

"These people are here to make money, if not today, tomorrow, and you need to understand very clearly what their business model is if you are going to be part of that," said Javier Ruiz Diaz, a director at Open Rights Group.

NHS Digital need to think not only about the cloud, but also their wider digital strategy. A future-looking NHS, with the right technological investment and support, can not only help the staff be more effective and empowered, but it’ll also benefit the patients in their care and access to information.