NHS: Automation Debate
Full Debate: Read Full DebateBaroness Brinton
Main Page: Baroness Brinton (Liberal Democrat - Life peer)Department Debates - View all Baroness Brinton's debates with the Department of Health and Social Care
(5 years, 4 months ago)
Lords ChamberThe noble Baroness is absolutely right: this is a very exciting area of ongoing work and a key part of the grand challenges which we put in place as part of the life sciences strategy, part of which is the AI and early diagnosis initiative, which aims to transform the prevention, early diagnosis and treatment of chronic diseases. NHSX’s work across government is to deliver that mission, creating an ecosystem of safe and effective development of AI and the regulatory infrastructure so patients and clinicians can be reassured that where it is introduced, it will be safe. There will be lots of research and development of those innovations. We are at an early stage of implementing them, but there are five centres of excellence across the country. I will be very happy to place a letter in the Library updating the House on progress with the AI mission and these exciting developments.
My Lords, while the delivery of automation and AI has much to commend it to the NHS, CyberMDX reported last week that anaesthetic machines can be hacked and controlled from afar, including silencing alarms that would alert anaesthetists to danger. Four months ago in Israel, a cybersecurity firm demonstrated that computer virus malware could add tumours to images of scans. What protections, such as digital signatures and encryption, does the NHS now put in place, following the malware alarm two years ago, to ensure that automation and digital services cannot be attacked by malevolent forces?
The noble Baroness is correct to say that patients and clinicians have a right to expect their data to be held securely. Since the WannaCry attack in May 2017, we have taken steps to ensure that NHS security measures are of the highest standard. This includes £60 million to improve cyber resilience in local infrastructure, support for NHS organisations to update their Windows operating systems, procuring a new cybersecurity operations centre, and boosting the national capability to prevent, detect and respond to cyberattacks. We are also committed to achieving much greater operational visibility across all NHS digital systems. This is one of the ways in which we can respond to attacks. Lastly, we expect the highest ethical standards from all data-driven systems and that is why we have introduced the code of conduct for data-driven health and care technology. That is how we will ensure that we have some of the best AI and data-driven technologies.