Monday 3rd February 2020
NEW Cyber Security Feature for NHS Procurement Platform, The Edge4Health
The newly-launched NHS procurement platform, “The Edge4Health” now comes with an integrated cyber-security feature, helping to improve the security of the NHS’s supply chain, it was announced today.
The platform is being rolled out to more than 60 NHS organisations and will be used by around 30,000 NHS employees. Bringing a familiar, consumer-style experience to NHS procurement for the first time and making purchasing easier and more transparent, The Edge4Health now also enables suppliers to the NHS to check and improve their cyber-security, thanks to a dial indicating whether their rating is good, average or bad.
By clicking on the dial, suppliers can download a report that provides a detailed explanation of the specific threats and vulnerabilities affecting their individual organisation. Reports show exactly how suppliers can reduce their vulnerabilities, enabling them to improve their own security and that of the NHS.
The functionality has been developed by leading cyber threat intelligence and cyber-risk management company, Orpheus Cyber, using its powerful and award-winning technology. Oliver Church, CEO of Orpheus, said:
“Supply chain cyber security has never been more important. Cyber adversaries of all types are increasingly targeting supply chains as the weak link in order to compromise their ultimate targets. Attacks are becoming increasingly complex, tending to focus not just on stealing data but on permanently deleting or encrypting it. Furthermore, we frequently see significant damage to customers when suppliers, disabled by cyber attacks, are no longer able to provide vital goods and services – which is potentially very serious when dealing with patient health. Because private data is often distributed through supply chains, a breach of a supplier can easily leak sensitive information, a major concern when dealing with the privacy of patient personal data. Legislation such as the GDPR provides for heavy fines if private data is breached due to poor cyber security.
“As the only highly accredited cyber-threat intelligence company delivering award winning cyber risk rating, we are delighted that Orpheus has been able to make its technology available to all suppliers on The Edge4Health, helping them to protect themselves and – by extension – the NHS.”
Over a million products and services from thousands of suppliers are available via The Edge4Health – a cloud-based marketplace that enables suppliers to upload their complete catalogue, and NHS buyers to select which products should be available to order by requisitioners in their organisation.
The platform has been developed by NHS Shared Business Services (NHS SBS) and technology company Virtualstock to deliver cost savings and efficiencies, better data management, better compliance and end-to-end supply chain visibility.
Phil Davies, Director of Procurement at NHS SBS said:
“With £9 billion of annual spend, the NHS has some of the longest and most complex supply chains in the world. Ensuring the security and integrity of these supply chains is a priority for NHS organisations, the government, and suppliers. Enabling suppliers to swiftly check on their current cyber-security status is an important step forward in mitigating the threat posed.”
Ed Bradley, co-founder of Virtualstock, added:
“In addition to cyber security insights for suppliers, NHS trusts also have a view of their buying community cyber risk scoring via The Edge4Health. This type of visibility is likely to become increasingly important as security considerations become ever-more prevalent when organisations take buying decisions.”
A recent report published by Orpheus reviewed the current cyber security of a large number of NHS suppliers and found that:
- 88% have had company emails and passwords leaked due to attacks on third-party databases
- 37% of companies have vulnerabilities that look attractive to cybercriminals
- 17% of companies appear to run databases that criminals could target
- 95% of companies lack advanced email protection
Orpheus is the only UK-government accredited cyber threat intelligence company providing cyber risk rating services. We are accredited to the highest level to provide threat intelligence and cyber resilience testing for Critical National Infrastructure (CNI) organisations in the UK, and are trusted by major organisations worldwide to help them understand and deal with the cyber threats they face as a company and within their supply chains. Our powerful and award-winning technologies collect huge volumes of cyber risk data, which we analyse using Machine Learning and our highly skilled team to enable you to stop your cyber risks before they happen.
Virtualstock is a fast-growing technology company providing digital solutions which enhance routes to market and supply chains across the retail and healthcare sectors by enabling management and visibility of full order, inventory and product data. The business, established in 2004, works with three of the top five UK online retailers including Sainsbury’s Argos, John Lewis & Partners and Dixons Carphone.
Virtualstock’s cloud-based platform, The Edge has been developed specifically for the healthcare sector and enables healthcare providers to deliver efficiencies via its online catalogue, marketplace and procure-to-pay solution, and healthcare suppliers to expand their product range and customer reach.
About NHS Shared Business Services
We are the market leader in corporate services for the NHS, providing innovative finance and accounting, employment, procurement and ICT solutions, which deliver operational efficiencies, improved service quality and real cost savings for our clients. Most importantly we are proud to be part of the NHS family.
Established by the Department of Health and Social Care (DHSC) in a unique partnership with digital experts Sopra Steria, we deliver modern corporate services to the NHS, which improve efficiency and quality, save time and money, and support world-class patient care.
Get our latest cyber intelligence insights straight into your inbox every week
Fill out the short form below to subscribe to our newsletter so that you never miss out on our cyber intelligence insights and news.