As reported by Tech Market View, senior NHS officials have issued an open letter calling on all current and potential suppliers to align with a new Cyber Security Charter
The voluntary charter outlines key best practices to help protect the NHS from cyber attacks, including multi-factor authentication, 24/7 monitoring, immutable data backups and board-level cyber risk planning. It also expects software suppliers to follow the National Cyber Security Centre’s secure coding guidance, and all suppliers to comply with the Data Security and Protection Toolkit (DSPT).
The letter, signed by Phil Huggins, national CISO for Health and Care, along with Mike Fell, director of cyber operations at NHS England, and Vin Diwakar, national director of transformation, comes amid a sharp rise in serious attacks. Recent incidents, such as the ransomware attack on pathology provider Synnovis, and data theft at NHS Dumfries and Galloway, have disrupted patient care and raised alarm bells across the sector.
While signing the Charter is optional and offers no procurement advantage, it reflects the NHS’s growing emphasis on building a united and secure supplier network. Officials also flagged the forthcoming Cyber Security and Resilience Bill, due for introduction later this year, which will strengthen regulatory powers around cyber defence.
To support this push, NHS England is also developing a national supplier management platform and a new cyber supplier forum, aimed at setting consistent expectations and encouraging collaboration across the supplier community.
Though the Charter is voluntary, it offers suppliers a chance to demonstrate leadership in cyber security – an increasingly vital area for standing out in NHS procurement, alongside innovation in AI and digital transformation.
Be the first to comment