Critics are claiming that having a non-permanent NHS Digital CEO made the NHS IT infrastructure vulnerable to Friday’s ransomware attack, which locked a number of NHS hospitals out of their computers and demanded payment in bitcoins to unlock the affected systems.
Vulnerability of NHS Digital
Rob Shaw was selected as the interim CEO of NHS Digital on 1st April, and is in charge until either he is confirmed as permanent or another permanent CEO is found.
Several newspaper reports raised questions about the NHS’s staffing notice, which was responsible for announcing the resignation of Andy Williams, the previous CEO of NHS Digital. The notice, which was published in late 2016, mentioned that Shaw would be appointed as a permanent CEO only if recruiting a replacement for Williams took a long time.
The notice mentioned that Williams was a permanent CEO and that the organisation would prefer to recruit a permanent leader for NHS Digital. Shaw was made interim CEO after the organisation could not find a suitable replacement for Williams.
NHS IT staffing problems
The ransomware attack affected nearly 70,000 devices in NHS hospitals. This brings to light the importance of hiring the right IT services staff. The NHS has already lost several IT contractors due to the introduction of IR35 legislation and trusts opting for blanket cover and placing all their contractors under this legislation without proper evaluation and assessment.
One private commercial IT contractor pointed out that it was rejected by NHS Digital because the organisation felt that it did not have sufficient experience of working with NHS trusts. However, the contractor stated that NHS Digital and NHS trusts should realise that an IT contractor working in the private sector has the knowledge and experience to understand the processes and jargon used by NHS trusts.