UK’s NHS to undertake $52m MFA overhaul

The UK government is planning to inject US$52 million in upgrading the National Health Service (NHS) staff computer login system with multi-factor authentication (MFA) technology. 

Described as “ridiculous” and one of the greatest technology frustration employees face, the login process often requires staff to enter personal details into several computer programs while consulting patients. 

In some instances, staff have to access up to 15 different computer systems at a time to perform their work. For a public healthcare system that serves more than 1 million patients every 36 hours across the UK, the existing login procedure poses delays and inefficiencies– a stark contrast to relatively seamless systems in the private sector. 

Presently, the NHS is planning to invest in technology solutions to streamline its operations, starting with reducing the time taken for employees to log in and access health records. 

The US$52 million investment will support partnerships with IT system suppliers to standardize logins and develop multi-factor authentication login systems, replacing password logins.

As a result, NHS staff are granted the permission needed to access vital data when seeing patients. The added layer of trust and compliance enables local and national systems to merge, building a link for healthcare facilitators to share data. 

“Today’s announcements mean we can start to tackle one of the biggest gripes staff have with their tech. It will allow staff across the NHS to spend more time with their patients and less time fighting their computers,” said Chief Executive of NHSX, Matthew Gould. 

The NHS plans to achieve similar success like Alder Hay Hospital in Liverpool, whereby a single sign-on technology was implemented, significantly cutting time spent logging into multiple IT systems. The new system was reported to reduce login time from 1 minute 45 seconds to a mere 10 seconds, saving over 130 hours of staff time, now directed to patient care. 

Besides promoting a seamless login procedure, the move is a bid to boost general cybersecurity hygiene. Since the current patient care journey involves logging in to various systems, NHS staff are at risk of reusing the same password out of convenience. 

The upgrade will improve infrastructure security and possibly prevent the repeat of a cybersecurity breach such as the WannaCry cyberattack. The hack costs the NHS US$119 million in recovery and more than 19,000 appointments had to be canceled. 

With rising concerns over safety procedures across the healthcare industry, many are exploring the integration of biometric technology in security systems to address security risks. 

Since biometric data are characteristics that are unique to an individual and cannot be physically altered, there is a lower chance of locked accounts when login credentials are mistyped. Essentially, a biometric login system removes the reliance on secondary information like safewords, mobile numbers or ID cards that can be shared, misplaced, or stolen. 

The healthcare system in the UK is set to embrace digital solutions to strengthen and build immunity in the sector as funds and goals are aligned to fuel the move.