Healthcare Security
Compliance & Regulation
Essential Reading
NHS DSPT Compliance
The 2017 WannaCry attack cost the NHS £92 million and cancelled 19,000 appointments — all from unpatched systems.
GDPR in Healthcare
Healthcare is the most fined sector by the ICO for data protection failures — accounting for 28% of all enforcement actions.
Cyber Essentials for NHS and Healthcare Providers
NHS England requires Cyber Essentials Plus for all IT health suppliers — and increasingly uses it as a procurement gateway for NHS contracts.
Further Reading
CQC Information Governance
CQC's Well-led inspections explicitly assess information governance — poor IG has led to Requires Improvement ratings for otherwise strong providers.
ICO Enforcement in Healthcare
Healthcare organisations received the most ICO enforcement notices of any sector in 2023 — accounting for 28% of all enforcement actions.