Skip to NavigationSkip to content

Pushing the value of data

Published on 20/07/17 at 10:13am

Daniel Ray, Head of NHS Digital discusses the importance of data usage in the healthcare system and the NHS Digital cyber security team responds to the recent cyber-attack.

Could you outline your role as Head of NHS Digital and the work the organisation does?

The organisation has four or five main overarching areas of remit. Firstly, we deliver a significant amount of architecture and infrastructure to enable the NHS to operate. We provide Spine [which supports the IT infrastructure for health and social care in England, joining together over 23,000 healthcare IT systems in 20,500 organisations] and N3 [the national broadband network for the English NHS], and a number of key digital systems. One of the key numbers would be that Spine handles around 2,000 messages per second and there is around 12,000 miles of fibre-optic cables, which help the NHS function and operate. We implement services that meet local and national needs, so we supply a big support function. We help organisations get the best use out of technology and data information.

What are some of the challenges that may obstruct you from in delivering these areas?

Our major challenges, at the moment, revolve around data – which is my area of the organisation – besides the organisational challenges that we face. We are heavily focused on making more data available faster and more efficiently. We also want to make them available in new and different ways, whilst making sure that we maintain good levels of governance. The main questions are: how can we disseminate data faster, and how can we make it more accessible? However, we must also ensure we do not compromise good governance.

We have lots of programmes underway at the moment around automation, efficiency, faster processing, making better use of technology, in terms of how we process and cook the data, to enable us to do our work faster and more efficiently.

Could you break down how data flows through the NHS and how NHS digital utilises it?

You have a hospital that submits data to NHS Digital, so we then have to receive that data and have to process, clean, analyse and publish it. After that, people can then apply to use that data. Let’s say, for example, you want to do a piece of research and you work for a pharma organisation, and you want to focus your research into a study on diabetes. As a result, if you want access to data held by the NHS then you have to make an application, at the moment. We process that application and, if the relevant criteria are met, we make that data available to you. For example, when I spoke about making the data available faster, January’s data from this year – which was submitted by providers – was made available 44 days faster for use in the healthcare system and for pharma than the year previous. That’s a massive reduction in time. We’re trying to better use technology to cut that data so that the process is more automated and more efficient.

We’re creating new ways in which you can access data so, rather than just disseminating it to you, we’re asking ourselves: how else can we optimise the use of it and how best can we enable you to interact with it? We’re implementing business intelligence tools to allow people to better interact with the data. We’re working at building a remote data access lab where you can remotely access the data rather than needing to house it.

You’ve mentioned how you are enabling people to better interact with data, but how, in particular, did you improve the speed with which you processed the data in order to cut the time by 44 days?

We relied on people processing technology (PPT), the standard PPT approach. Which people have we got where and what are they doing? What is the process and can we make it any more efficient? Is the data processing going through three steps when it only needs to go through one? Are we using the optimal technology and is it configured in the right way in order to process the data? Have we got scripts, code or processes that have been around for a number of years that could be rationalised to process the data more efficiently? Are there any human touch-points that we are relying upon? Do we have scripts running to process that data that aren’t as efficient as they could be? Have we got data flowing around through multiple places when it only needs to go to one? Once we found out the answers to these questions, we reviewed them to see how we could improve upon the system. We’ve made a number of different changes, but this is a journey that doesn’t end, in my view. We managed to make a big reduction in the number of days to provide access to data but we need to continue make reductions and make this process a continual part of our work.

Where do you believe the public’s understanding of the role of data within the NHS currently stands?

I think the level of understanding in the public is mixed. Our ability to communicate the importance of using healthcare data, beyond that function which is obvious (i.e. You’re using data to treat me), directly dictates and correlates with our ability to use it in different areas to be able to improve healthcare. The level of understanding has increased and it’s improving all the time, but how we can help that and the way in which we do it is of vital importance. For example, applying data science techniques to big data is a secondary use and it’s very complicated; explaining to someone that does not have an understanding of the technology exactly how their data is being used, in that way, and why it’s important is extremely challenging. It is difficult to do that but it is vitally important that we get that right. There’s an explosion of data up and down the country, with everybody digitising, which is brilliant, and revolutionising how they deliver care. It is important that we communicate the power that is in that data so that we can use it in different ways.

NHS Digital Cyber Security team offered further comment on the recent cyber-attacks:

What are the reasons that the NHS was hit so severely by the WannaCry ransomware last month?

This was an international attack on an unprecedented scale that affected thousands of machines organisations across the globe. The NHS responded admirably to the situation, and although there is always more we can learn, doctors, nurses and backroom professionals pulled together and worked incredibly hard to keep services running and to get everything back to normal as swiftly as possible.

Cyber security is the responsibility of everyone in the NHS. For example, you wouldn’t leave your front door unlocked, but not having a secure password on your computer is the cyber equivalent to doing just that. We need all staff to take some basic and sensible steps to keep digital information safe.

What actions are now being taken to prevent this happening again?

This incident affected countries and sectors across the globe and whilst NHS organisations can and should have good cyber security measures in place, no system is completely impenetrable, as seen by high profile attacks on major global companies.

What we can do is to work with NHS organisations to ensure that they take sensible steps to secure their systems and networks. We also conduct protective monitoring of our national networks, which were unaffected by this incident, and ensure that they are designed and built with security in mind.

Since the attack happened we have continued to listen, learn and to offer support and services to frontline organisations and to our colleagues in other national bodies. We are working closely with provider organisations to ensure that we listen to their experiences and use this feedback to strengthen our services.

Do you worry that such attacks, despite no data being compromised, may undermine public trust and could potentially end up obstructing the work you do?

NHS Digital created the Data Security Centre to support our staff and the services they support and deliver to ensure we secure the data of our patients. We will continue to invest in people across all disciplines in health and care so that they know how to prevent and prepare for a cyber-attack and importantly remain vigilant.

NHS Digital is the conduit for data security advice, guidance and intelligence for the nation’s health and care system. We are working with partners across health and care to build patients’ confidence that we protect and safeguard their data and that it is only ever used for the benefit of health and care. 

Mission Statement is a leading portal for the pharmaceutical industry, providing industry professionals with pharma news, pharma events, pharma service company listings and pharma jobs,
Site content is produced by our editorial team exclusively for and our industry newspaper Pharmafocus. Service company profiles and listings are taken from our pharmaceutical industry directory, Pharmafile, and presented in a unique Find and Compare format to ensure the most relevant matches