Committee claims one recommendation from a draft review of Wannacry could cost £1bn

  • 26 January 2018
Committee claims one recommendation from a draft review of Wannacry could cost £1bn

NHS Improvement has been told that implementing just one recommendation included in an NHS England draft report on learning from the Wannacry cyber-attack will cost £1 billion.

Minutes from a meeting of NHS Improvement’s technology and data assurance committee in December reveal NHS England CIO, Will Smart, presented a “draft lessons learned review” following the attack in May and included recommendations.

The committee’s papers note that “to implement the first recommendation as set out in the review would cost £1 billion”, though the details of what the recommendation are not revealed.

The committee then states this unknown recommendation is considered a “core patient safety issue” by NHS England and the funding for it “would have to be found”.

“There had been a suggestion that the funding allocated to the Paperless 2020 programme should be used for this purpose but doing so would mean cancelling the balance of the Paperless 2020 programme,” the minutes add.

The Paperless 2020 programme set aside £1.3bn of government funding to go towards making the NHS paperless to the point at the point of care.  Cancelling the already limited national investments in clinical systems that are most likely to directly benefit patient care would be contentious.

The call for funding is likely to partly to modernise and bootstrap the infrastructure and software run across all parts of the NHS, through investment in networks and the latest version of operating and application software.  Smart is known to be currently in negotiations for a new Enterprise Wide Agreement with Microsoft and negotiations are also underway for a national cloud licensing deal.

The idea of reallocating funds away from the programme had previously been brought up at an NHS Improvements board meeting, which was also attended by Smart.

Minutes from the meeting suggest that funds have already started to be reallocated, and that

“The Board discussed the Paperless 2020 programme,” it states.

“It was noted that there was not sufficient funding for the programme, and that this situation had been exacerbated by the requirement to fund cybersecurity investment from the Paperless 2020 programme budget.”

A previous report by the National Audit Office (NAO) revealed that simple measures could have been taken to protect the NHS from the global cyber-attack.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Patient groups oppose NHSE plans for unified clinical registry platform

Patient groups oppose NHSE plans for unified clinical registry platform

Patient groups for people with blood disorders have raised concerns about NHS England plans to combine clinical registries in a single platform.
Harnessing AI and cybersecurity to transform healthcare in the UK

Harnessing AI and cybersecurity to transform healthcare in the UK

The UK healthcare sector is in a transformative era, driven by advancements in artificial intelligence (AI). AI has the potential to revolutionise healthcare by improving…
Junior doctors break strike to assist at sites hit by cyber attack

Junior doctors break strike to assist at sites hit by cyber attack

Guy’s and St Thomas’ and King’s College Hospital NHS Foundation Trusts continue to experience major disruption following the cyber attack on Synnovis.

1 Comments

  • Sadly that number seems to be same as Carillion’s missing zero’s
    Have read the
    “NHS Improvement’s technology and data assurance committee ”
    Need to align financial allocations to cover capital and revenue cost and allowed to deliver over a sensible time frame not in Q4 .
    Hardware purchase aligned to a long term Digital IT security .
    We had Win XP
    Now, we need to NOT ignore the demise of win7 jan 2020. 500 working days
    Any central mandates on this? otherwise we will be in the same position we have software on diagnostic devices right now , isolated from Networks because suppliers have not been given notice .
    All digital eggs in one OS nest ?

Comments are closed.