This site is intended for health professionals only

Hancock pledges £150m to improve NHS IT resilience

The health secretary has pledged £150m to improve IT resilience, in a speech marking the two-year anniversary of the global WannaCry attack that affected NHS IT systems.

Matt Hancock announced the new GP IT futures framework to delegates at last week’s King’s Fund Digital Health and Care Congress, which will create an ‘open and competitive’ market to encourage practices to choose the best supplier for its IT needs.

The £150m will fund a package of measures over three years including more support for NHS Digital’s Data Security Centre, which detects and prevents cyber-attacks in real time.

This investment was previously pledged by former health secretary Jeremy Hunt, however the Department of Health and Social Care said this had since been ‘re-prioritised’. 

Mr Hancock said: ‘I believe it should be as easy for a GP surgery to switch IT provider as it is for a small business to switch bank accounts.

‘Under the new contract, providers will have to follow our standards on interoperability and data access. Systems will need to be continuously upgradeable. Patient data will need to be securely hosted in the cloud.’

It comes two years after the WannaCry cyber attack, which reportedly cost the NHS £92m and affected nearly 600 GP practices

NHS Digital chief executive Sarah Wilkinson said: ‘We are absolutely committed to ensuring GPs have access to high quality technology systems and services, and that those systems also comply with NHS data standards and integrate effectively with the rest of the health and care system, so that hospitals and GPs have a full view of a patient’s record and can care for them safely and efficiently.

‘We are looking forward to working with incumbent and new providers of these systems over the coming months to ensure that GPs have a choice of high-quality systems providers.’

She added: ‘The government’s ongoing investment in NHS Digital’s Cyber Security Centre is enabling us to provide ever-stronger capabilities, systems and services to prevent, detect and respond to cyber-attacks against the health and care system.’

Earlier this year, the Department of Health and Social Care launched the procurement process for providers of new GP IT systems, which promised to open up competition and ensure more systems were available that were suited to ‘the digital age’.