The healthcare inspectorate will beef up its scrutiny of the state of IT systems in hospitals and surgeries as the NHS recovers from a crippling cyber attack last Friday.
Jeremy Hunt, health secretary, will accept the recommendations of a report he commissioned into data security across the health service, which concluded last year that more protection was needed against potential threats.
As part of that, the Care Quality Commission, the independent regulator, will in future ask far more probing questions to check that robust data security arrangements are in place when it awards ratings to healthcare organisations, which are visible to patients.
On Monday, NHS England said that only two hospitals — the Lister in Hertfordshire and Broomfield in Essex — were still diverting ambulances elsewhere. Anne Rainsberry, national incident director, said: “The message to patients is clear: the NHS is open for business. Staff are working hard to ensure that the small number of organisations still affected return to normal shortly.
However, the affair has cast attention on the high degree of autonomy NHS trusts have when it comes to procuring and administering their own IT systems. Specifically, it has raised questions as to why some failed to implement a security patch that could have repelled the ransomware virus.