NHS Digital’s cyber security chief has set out a series of tips for health and social care workers.
Mike Fell, the organisation’s director of national cyber security operations, has taken the step ahead of Cyber Security Awareness Month.
Fell said: “Here in the NHS, getting cyber security wrong has the potential to cause significant impacts across the health and care system.
“If a GP can’t access their system, they may not be able to share life-saving prescriptions with pharmacies or critical information with hospitals. Similarly, cyber attacks can cause cancelled appointments and surgeries, possibly resulting in care diversion to other hospitals.
“Cyber security is as important as health and safety, and in just the same way it’s the responsibility of every person in the NHS to understand security risks and what they can do to reduce them. Fortunately, there are a few simple steps we can all take to ensure we stay cyber resilient at home and work.”
He has produced eight tips as follows:
- Use a strong password that someone who knows you could not guess in 20 attempts, maybe through combining three random words or using a password manager.
- Beware of phishing scams, watching out for warning signs such as incorrect branding, spelling mistakes, an email address with an irregular format, suspicious hyperlinks and an urgent title or request. And be sure to report any suspicious emails as an attachment to spamreports@nhs.net.
- Be mindful of what you share, such as wearing an ID pass in public or showing it on social media. The more information you share about yourself online, the easier you are to socially engineer.
- Watch out for tailgating, in which an unauthorised person gains entry to protected areas by following a member of staff through security barriers like doors and gates, and don’t be afraid to ask for ID.
- Keep up to date with data training and guidance.
- Never leave your computer or mobile device unlocked.
- Stay safe when using public Wi-Fi, ensuring you really know what network you are connecting to.
- Make use of available resources such as those within NHS Digital’s Keep I.T. Confidential campaign, which includes an online security awareness toolkit.
Fell added: “I understand how busy everyone is across the NHS right now, but I would encourage everyone to make sure cyber security is a top priority.
“Once you start taking these small steps, they will become a natural part of your day-to-day work, which will in turn help to make a massive difference to protecting crucial information as well as the safety of patients.”