It’s ironic how badly the NHS has been affected by ransomware. I’ve been having talks with people about this a lot recently.
Right now my startup is jumping through hoops to comply with (outdated) data compliance issues and get access to the NHS N3 network, which is supposedly the NHS’ secure server system. The actual fact is that N3 is just like any other network infrastructure which is connected to the internet. And thus it has many access points.
It’s clear to any outside observer how insecure the whole thing is. The Information Governance aspect of creating software for the NHS is just a case of paying some lawyers thousands of pounds to create documentation. A money making scheme…
Others who I’ve spoken to, who already have access to N3, are saying that once you’re on N3 it’s very easy to move about from one organisation to another, hack data and plant lots of back doors.
What does this mean for budding NHS startups?
I think that much like any other NHS issue which comes to the public conscience; an overhaul will be due. This may mean that any startups who have already engaged in the process of getting access to N3 will have to pay even more to jump through more compliance protocols. This obviously won’t make things safer, but will look good for the NHS as the public will see that something’s being done.
My advice would be that anyone already engaged in the process should try and get access within the next three months, which is definitely doable. Otherwise you may risk having to jump through the extra hoops with no support from the NHS.