NHS IT teams typically employ a variety of tools and technologies to identify risks and test the effectiveness of their security controls. As a result, ‘moment-in-time’ reports are pulled from disparate systems that require data to be cobbled together to understand the organisation’s overall security posture. It’s an approach which is reactive, labour-intensive and leaves the organisation open to risk. The IT team at Poole Hospital NHS Foundation (PHFT) and The Royal Bournemouth and Christchurch Hospitals NHS Foundation Trust (RBCH) wanted to reduce its reliance on such an approach and find a more proactive way to manage its cyber security.
Poole Hospital NHS Foundation Trust (PHFT) is an acute general hospital with a 24-hour major accident and emergency department. It is the designated trauma unit for east Dorset, and provides specialist services such as cancer treatment for the whole of Dorset. The Royal Bournemouth and Christchurch Hospitals NHS Foundation Trust (RBCH) runs Christchurch Hospital and the Royal Bournemouth Hospital and provides health care for the residents of Bournemouth, Christchurch, East Dorset and part of the New Forest with a total population of around 550,000.