No-one is blameless when it comes to the NHS WannaCry hack
If you’ve been paying attention to the sorry state of the NHS’s IT, the sorry tale of the WannaCry ransomware effectively crippling part of it will come as no surprise.
A lot of fingers are being pointed at the current government and a perceived lack of spending on IT, particularly security. There’s some justification for this. For example, in 2015, seven trusts spent absolutely nothing on security. Given the critical nature of the systems involved, there’s no justification for this. Although defenders of the government will point at the trusts themselves as being responsible, that’s a red herring: at the end of the day, the buck has to stop with the Department of Health, which has oversight.
However, the current government shares only part of the blame. To end up in a situation where you’re using an operating system that’s nearly 16 years old takes the contribution of several parliaments, not just one or two.
And partly, this is the responsibility of all of us. Whenever anyone talks about investing in the NHS, the phrase “frontline staff” comes out. The equation is simple: doctors and nurses, good; “administrators” – which includes IT staff – bad. CAT scanners good; new IT systems, including upgrades, bad.
The media, politicians and the public have all conspired in the myth that all that matters is how many doctors and nurses you recruit. The media demands cuts in admin and “waste”, then turns around and bites the trusts when they do exactly that and get hit by malware. Politicians proudly shuffle around budgets to have more nurses, then give them 16-year-old IT systems to work with. And the public looks at the headline figure of “10,000 more nurses” and pats the politicians on the back for a job well done.
It’s time we started taking the role that technology can fill in healthcare seriously. Businesses understand the speed, flexibility and agility that technology can provide, even if enterprise IT often boils down to lowest common denominator KPIs like “no downtime” – which means systems don’t get updated because “they’re still working”. The impact of Big Data and analytics can potentially be huge, particularly in efforts to combat diseases such as diabetes.
This doesn’t just mean which version of Windows you’re running. It means using simple, low-cost blood pressure and blood oxygen monitors that patients can use at home and connect over the internet, reducing the need for extending stays in hospital. It means investing more in preventative measures, with more regular but lower-cost testing that can be done either by a pharmacist or at home, backed up by automated data analysis to highlight people at risk.
But to do this, we need a step change in how we see the NHS and its role in society. We need to move beyond the view that it’s all about numbers of medical staff and give the dedicated, hard-pressed doctors and nurses IT systems that make their work quicker, easier and more effective.
And we need to look for every opportunity to use technology – especially low-cost sensors and data analytics – to become much more proactive about identifying risk, preventing disease before it becomes critical, and having fewer people in hospital, rather than more. If we don’t, we can expect the NHS to lurch from drama to crisis until someone wrongly decides that the whole thing has failed.