The NHS appoints IBM in a three-year strategic partnership
The UK’s National Health Service (NHS) has appointed IBM in a new three-year strategic partnership to strengthen and improve present services.
With the increasing number of cyber-security threats, IBM will provide sophisticated data security technologies and additional defence tools. It will also be in alignment with the NHS Digital’s existing Cyber Security Operations Centre (CSOC) and bolster its capability to monitor, detect and respond to a multitude of security risks.
Such services will include:
- Vulnerability scanning and malware analysis, allowing NHS Digital to offer tailored and specialist advice to individual NHS organisations
- Enhancement of NHS Digital’s current monitoring capability enabling the analyses of data from multiple sources to detect threats across NHS Digital’s national systems and services
- Access to IBM’s X-Force repository of threat intelligence to provide insight, guidance, and advice so health and care organisations can take appropriate action to prepare for, or mitigate against, identified risks and threats.
- Security monitoring pilots across selected NHS organisations, to test a range of security technologies and identify appropriate solutions that could be rolled out across the NHS estate
- An innovation service which will allow NHS Digital to quickly access new tools technologies and expertise to address new threats as they emerge and to allow it to adapt services to meet the changing needs of the health and care sector.
“This partnership will build on our existing ability to proactively monitor for security threats, risks, and emerging vulnerabilities, while supporting the development of new services for the future and enabling us to better support the existing needs of local organisations. This will ensure that we can evolve our security capability in line with the evolving cyber threat landscape,” explained Dan Taylor, Programme Director, Data Security Centre at NHS Digital.
“This partnership will strengthen how we help to keep patient information and services safe and secure, enabling NHS staff and patients to have confidence in the security of our system.”
It follows on from the WannaCry attack in 2017, which revealed the urgent need for the NHS to upgrade its outdated IT infrastructure and strengthen its data security capabilities.
“The NHS faces data protection challenges which are not only presented by the transition from paper to electronic, but also by the rapid pace of the technological changes available to it. Some technical examples are incorporating virtualisation and cloud computing,” explained Graeme Stewart, Director of Public Sector UK&I at Fortinet
“A medical record is worth 10 times a credit card number on the black market, making them very valuable targets. It’s no wonder that 34.4% of all breaches worldwide are hitting the healthcare industry. From digitising patient records to medical devices and wearables, all these are expanding the attack surface.”
- GDPR - Is healthcare ready?
- Building trust in healthcare, AI and automated decision-making
- Microsoft brings two significant players on board to further transform healthcare
“The diverse nature of healthcare enables different devices to access the Internet (even though they are not designed for this) making them easy targets; with many outdated applications and systems that don’t include security as a priority.”
Impacting up to a thousand health facilities and leading to the cancellation of 20,000 hospital appointments and operations, the service has now signed a deal with Microsoft regarding its Windows XP systems, which was not renewed in 2010, to ensure its security features remain robust. The partnership with IBM will therefore support this and enable the NHS to undertake a number of pilots in the process.
“The NHS is relying on legacy systems, so they are completely underequipped for a cyberattack,” notes Simon Townsend, CTO, EMEA at Ivanti.
“The post-breach reporting process requires organisations to demonstrate how they were prepared for a data breach, but then why the attack got in anyway; they also need to communicate with all customers (or patients) effected, articulating a remediation plan; they need to run through their remediation plan, fix the breach and lock down all leaked data; and they also need to provide an in-depth report to the relevant “supervisory authority” of their EU member state.
“All in 72 hours. This simply isn’t possible if, as in the case of some trusts, you’re relying on an operating system that hasn’t seen a release for sixteen years,” he says candidly.
“WannaCry was so damaging as some trusts were using unpatched Windows 7 systems and some were using completely unsupported Windows XP systems.
“In 2004, the Office for Government Commerce signed a deal with Microsoft to provide all desktop software within the NHS – from operating systems to Office programmes. The NHS had the latest of everything and were kept secure and patched up with help from Microsoft. Then, in 2010, around the time that the austerity period began, the government scrapped the agreement. The NHS had been using £270mn worth of Microsoft software for less than £65mn a year, so were unable to cope, and individual trusts were effectively left to fend for themselves,” he continues.
“Post WannaCry, the NHS did sign a new agreement, specifically for cybersecurity, with Microsoft – the custom support agreement and Enterprise Threat Detection Service (ETDS) provided the NHS with patches and updates for all existing Windows devices operating as XP, Windows Server 2003 and SQL 2005.”
“However, in January of this year, it was exposed that only 2% of the NHS had actually deployed the ETDS.
How UiPath robots are helping with the NHS backlog
The COVID-19 pandemic has caused many hospitals to have logistical nightmares, as backlogs of surgeries built up as a result of cancellations. The BMJ has estimated it will take the UK's National Health Service (NHS) a year and a half to recover.
However software robots can help, by automating computer-based processes such as replenishing inventory, managing patient bookings, and digitising patient files. Mark O’Connor, Public Sector Director for Ireland at UiPath, tells us how they deployed robots at Mater Hospital in Dublin, saving clinicians valuable time.
When Did Mater Hospital implement the software robots - was it specifically to address the challenges of the pandemic?
The need for automation at Mater Hospital pre-existed the pandemic but it was the onset of COVID-19 that got the team to turn to the technology and start introducing software robots into the workflow of doctors and nurses.
The pandemic placed an increased administrative strain on the Infection Prevention and Control (IPC) department at Mater Hospital in Dublin. To combat the problem and ensure that nurses could spend more time with their patients and less time on admin, the IPC deployed its first software robots in March 2020.
The IPC at Mater plans to continue using robots to manage data around drug resistant microbes such as MRSA once the COVID-19 crisis subsides.
What tasks do they perform?
In the IPC at Mater Hospital, software robots have taken the task of reporting COVID-19 test results. Pre-automation, the process created during the 2003 SARS outbreak required a clinician to log into the laboratory system, extract a disease code and then manually enter the results into a data platform. This was hugely time consuming, taking up to three hours of a nurse’s day.
UiPath software robots are now responsible for this task. They process the data in a fraction of the time, distributing patient results in minutes and consequently freeing up to 18 hours of each IPC nurse’s time each week, and up to 936 hours over the course of a year. As a result, the healthcare professionals can spend more time caring for their patients and less time on repetitive tasks and admin work.
Is there any possibility of error with software robots, compared to humans?
By nature, humans are prone to make mistakes, especially when working under pressure, under strict deadlines and while handling a large volume of data while performing repetitive tasks.
Once taught the process, software robots, on the other hand, will follow the same steps every time without the risk of the inevitable human error. Simply speaking, robots can perform data-intensive tasks more quickly and accurately than humans can.
Which members of staff benefit the most, and what can they do with the time saved?
In the case of Mater Hospital, the IPC unit has adopted a robot for every nurse approach. This means that every nurse in the department has access to a robot to help reduce the burden of their admin work. Rather than spending time entering test results, they can focus on the work that requires their human ingenuity, empathy and skill – taking care of their patients.
In other sectors, the story is no different. Every job will have some repetitive nature to it. Whether that be a finance department processing thousands of invoices a day or simply having to send one daily email. If a task is repetitive and data-intensive, the chances are that a software robot can help. Just like with the nurses in the IPC, these employees can then focus on handling exceptions and on work that requires decision making or creativity - the work that people enjoy doing.
How can software robots most benefit healthcare providers both during a pandemic and beyond?
When the COVID-19 outbreak hit, software robots were deployed to lessen the administrative strain healthcare professionals were facing and give them more time to care for an increased number of patients. With hospitals around the world at capacity, every moment with a patient counted.
Now, the NHS and other healthcare providers face a huge backlog of routine surgeries and procedures following cancellations during the pandemic. In the UK alone, 5 million people are waiting for treatment and it’s estimated that this could cause 6,400 excess deaths by the end of next year if the problem isn’t rectified.
Many healthcare organisations have now acquired the skills needed to deploy automation, therefore it will be easier for them to build more robots to respond to the backlog going forwards. Software robots that had been processing registrations at COVID test sites, for example, could now be taught how to schedule procedures, process patient details or even manage procurement and recruitment to help streamline the processes associated with the backlog. The possibilities are vast.
The technology, however, should not be considered a short-term, tactical and reactive solution that can be deployed in times of crisis. Automation has the power to solve systematic problems that healthcare providers face year-round. Hospital managers should consider the wider challenge of dealing with endless repetitive work that saps the energy of professionals and turns attention away from patient care and discuss how investing in a long-term automation project could help alleviate these issues.
How widely adopted is this technology in healthcare at the moment?
Automation was being used in healthcare around the world before the pandemic, but the COVID-19 outbreak has certainly accelerated the trend.
Automation’s reach is wide. From the NHS Shared Business Service in the UK to the Cleveland Clinic in the US and healthcare organisations in the likes of Norway, India and Canada, we see a huge range of healthcare providers deploying automation technology.
Many healthcare providers, however, are still in the early stages of their journeys or are just discovering automation’s potential because of the pandemic. I expect to see the deployment of software robots in healthcare grow over the coming years as its benefits continue to be realised globally.
How do you see this technology evolving in the future?
If one thing is certain, it’s that the technology will continue to evolve and grow over time – and I believe there will come a point in time when all processes that can be automated, will be automated. This is known as the fully automated enterprise.
By joining all automation projects into one enterprise-wide effort, the healthcare industry can tap into the full benefits of the technology. This will involve software robots becoming increasingly intelligent in order to reach and improve more processes. Integrating the capabilities of Artificial Intelligence and Machine Learning into automation, for example, will allow providers to reach non-rule-based processes too.
We are already seeing steps towards this being taken by NHS Shared Business Service, for example. The organisation, which provides non-clinical services to around two-thirds of all NHS provider trusts and every clinical commissioning organisation in the UK, is working to create an entire eco-system of robots. It believes that no automation should be looked at in isolation, but rather the technology should stretch across departments and functions. As such, inefficiencies in the care pathway can be significantly reduced, saving healthcare providers a substantial amount of time and money.