The newly-launched NHS procurement platform, “The
Edge4Health” now comes with an integrated cyber-security feature, helping to
improve the security of the NHS’s supply chain, it was announced today.
The platform is being rolled out to more than 60 NHS
organisations and will be used by around 30,000 NHS employees. Bringing a familiar, consumer-style experience
to NHS procurement for the first time and making purchasing easier and more
transparent, The Edge4Health now also
enables suppliers to the NHS to check and improve their cyber-security, thanks
to a dial indicating whether their rating is good, average or bad.
By clicking on the dial, suppliers can download a report that
provides a detailed explanation of the specific threats and vulnerabilities
affecting their individual organisation. Reports show exactly how suppliers can
reduce their vulnerabilities, enabling them to improve their own security and
that of the NHS.
The functionality has been developed by leading cyber threat
intelligence and cyber-risk management company, Orpheus Cyber, using its
powerful and award-winning technology.
Oliver Church, CEO of Orpheus, said:
“Supply chain cyber security has never been more important.
Cyber adversaries of all types are increasingly targeting supply chains as the
weak link in order to compromise their ultimate targets. Attacks are becoming increasingly complex,
tending to focus not just on stealing data but on permanently deleting or
encrypting it. Furthermore, we frequently see significant damage to customers
when suppliers, disabled by cyber attacks, are no longer able to provide vital
goods and services – which is potentially very serious when dealing with
patient health. Because private data is often distributed through supply chains,
a breach of a supplier can easily leak sensitive information, a major concern
when dealing with the privacy of patient personal data. Legislation such as the
GDPR provides for heavy fines if private data is breached due to poor cyber
security.
“As the only highly accredited
cyber-threat intelligence company delivering award winning cyber risk rating,
we are delighted that Orpheus has been able to make its technology available to
all suppliers on The Edge4Health,
helping them to protect themselves and – by extension – the NHS.”
Over a million products and services from thousands of
suppliers are available via The
Edge4Health – a cloud-based marketplace that enables suppliers to upload
their complete catalogue, and NHS buyers to select which products should be
available to order by requisitioners in their organisation.
The platform has been developed by NHS Shared Business
Services (NHS SBS) and technology company Virtualstock to deliver cost savings
and efficiencies, better data management, better compliance and end-to-end
supply chain visibility.
Phil Davies, Director of Procurement at NHS SBS said:
“With £9 billion of annual spend, the NHS has some of the
longest and most complex supply chains in the world. Ensuring the security and integrity of these
supply chains is a priority for NHS organisations, the government, and
suppliers. Enabling suppliers to swiftly
check on their current cyber-security status is an important step forward in
mitigating the threat posed.”
Ed Bradley, co-founder of Virtualstock, added:
“In addition to cyber security insights for suppliers, NHS
trusts also have a view of their buying community cyber risk scoring via The Edge4Health. This type of visibility is likely to become
increasingly important as security considerations become ever-more prevalent
when organisations take buying decisions.”
A recent report published by Orpheus reviewed the current
cyber security of a large number of NHS suppliers and found that:
- 88% have had company emails and passwords leaked
due to attacks on third-party databases
- 37% of companies have vulnerabilities that look
attractive to cybercriminals
- 17% of companies appear to run databases that
criminals could target
- 95% of companies lack advanced email protection
Ends
About Orpheus
Orpheus is the only UK-government accredited cyber threat
intelligence company providing cyber risk rating services. We are accredited to
the highest level to provide threat intelligence and cyber resilience testing
for Critical National Infrastructure (CNI) organisations in the UK, and are
trusted by major organisations worldwide to help them understand and deal with
the cyber threats they face as a company and within their supply chains. Our
powerful and award-winning technologies collect huge volumes of cyber risk
data, which we analyse using Machine Learning and our highly skilled team to
enable you to stop your cyber risks before they happen.
About Virtualstock
Virtualstock is a fast-growing technology company providing
digital solutions which enhance routes to market and supply chains across
the retail and healthcare sectors by enabling management and visibility of full
order, inventory and product data. The business, established in 2004, works
with three of the top five UK online retailers including Sainsbury’s Argos,
John Lewis & Partners and Dixons Carphone.
Virtualstock’s cloud-based
platform, The Edge has been developed specifically for the healthcare sector
and enables healthcare providers to deliver efficiencies via its online
catalogue, marketplace and procure-to-pay solution, and healthcare suppliers to
expand their product range and customer reach.
About NHS Shared Business Services
We are the market leader in corporate services for the NHS, providing
innovative finance and accounting, employment, procurement and ICT solutions,
which deliver operational efficiencies, improved service quality and real cost
savings for our clients. Most importantly we are proud to be part of the NHS
family.
Established by the Department of
Health and Social Care (DHSC) in a unique partnership with digital experts
Sopra Steria, we deliver modern corporate services to the NHS, which improve
efficiency and quality, save time and money, and support world-class patient
care.