The must read stories and debate in health policy

Former broadband boss in NHSI frame

A Conservative peer and former chief executive of the broadband giant TalkTalk is a leading candidate to be appointed as chair of NHS Improvement, HSJ has learned.

Dido Harding left TalkTalk in May, having said she wanted to concentrate on “more activities in public service”.

HSJ understands Baroness Harding is on the candidates list for the role and seen as a strong contender. A final decision has not yet been made by health minister Philip Dunne, who is expected to meet several shortlisted candidates.

If put forward as the preferred candidate by the Department of Health, Baroness Harding would appear before the Commons health select committee for a pre-appointment hearing.

Ed Smith, current NHS Improvement chair, is expected to step down shortly.

Baroness Harding, who sits in the Lords as a Conservative peer, faced criticism over her response to a major cyber-attack on TalkTalk in October 2015 which saw 4 million customers’ data accessed by hackers. She resigned 18 months later.

Tough on cyber-crime

Trusts will likely face stricter cyber-security standards after the WannaCry attack, while there may be additional funding to help improve resilience in some areas, a national NHS IT chief has said.

Speaking at the Digital Healthcare Show in London earleir this week, NHS England chief information officer Will Smart revealed some of the policy responses being considered to the WannaCry ransomware attack.

The global WannCry virus on 12 May had an unprecedented impact on the NHS, infecting at least 47 trusts and led to the cancelling of thousands of planned operations and outpatient appointments across the country.

Mr Smart, who is leading a review of the NHS’s response to the attack, said possible policy responses could include support for parts of the NHS with “long term underinvestment in IT infrastructure”.

This could include major trauma centres and supporting other critical care pathways, he indicated. “We need to look at what our response is to that,” he said. “But I don’t want people to think this is just about the centre putting their hands in their pocket.”

Trust boards should expect both more guidance and support on cybersecurity but, if they failed to meet expected standards, also more enforcement scrutiny, he said. The Care Quality Commission is already due to include data security standards in inspections, following a review last year.