NHS app data leak shows need for overhaul of security approval process
As the NHS uses a more diverse range of application suppliers, the organisation still needs to ensure that data protection standards are met.
The recent news that many NHS-accredited smartphone healthcare applications are leaking data demonstrates that NHS England’s Health Apps Library isn’t approving software that meets public sector standard requirements.
Simone Hume, Head of Public Sector at Cloud Services Provider Outsourcery comments: “The NHS is facing a critical challenge to save money and become more efficient at treating patients. Deploying innovative applications will be central to achieving this, but there is no room to cut corners by using app developers who do not meet the highest standards. Data must be stored in secure areas and applications must be enterprise grade.
Both the leak of patient data from apps on the Health Apps Library and the recent 15-hour outage of Skype show the need for organisations to take care about the tools they depend upon.”
Simone Hume, Head of Public Sector, Outsourcery
Outsourcery currently provides cloud services for the Berkshire Healthcare NHS Foundation Trust, delivering Software-as-a-Service (SaaS) Unified Communications (UC) solution Lync. One of the benefits of SaaS is that organisations like the Trust can take advantage of the latest technology, such as the recent launch of Microsoft’s latest UC offering, Skype for Business. SaaS users can easily migrate from Lync to Skype for Business with the support of CSPs. Hume explains: “Skype for Business from Outsourcery is delivered from Outsourcery’s Pan Government Accredited platform, available through the Digital Marketplace G-Cloud Framework”. Serving specialist mental health and community health services, the Trust uses the G-Cloud to enhance collaboration, increasing productivity with a cost-effective solution. In addition, Outsourcery’s O-Cloud services are accredited to ‘Official’ level, delivered on the secure Public Services Network (PSN) (formerly IL3), meeting CESG security principles..
Hume concludes: “Our public sector services have been certified to run government classified information at ‘Official’ (including ‘Official sensitive’) levels, providing connectivity via the internet and the Public Services Network, meeting data sovereignty and security specifications for the sector. Our work with the Berkshire Healthcare NHS Foundation Trust and other healthcare providers has put us on the frontline of the demand for healthcare in the UK. Apps used by healthcare providers, as with the any part of the public sector, need to maintain extremely high standards in their approach to data protection.”
Watch Outsourcery’s latest video on how Unified Communications like Skype for Business can improve healthcare services.
For more information, contact firstname.lastname@example.org.