NHS Digital has published guidance for health and care organisations that want to use the public cloud to store patient data.
As well as the ability to work more flexibly, NHS Digital says that the cloud will lower costs by avoiding hardware and software purchases and maintenance. However, critics have questioned the security of the move.
The guidance sets out legalities and best practices for data storage and usage in the cloud, and is aimed at ensuring that NHS organisations understand how to use the cloud safely; a topic becoming even more important with the impending GDPR legislation.
The GDPR requires European citizens' data to be stored within Europe, or a country that is compliant with the European Commission's data protection regulations. The NHS's guidance echos that, with data able to be stored in the UK; European Economic Area; and ‘countries deemed adequate by the European Commission'. These include Canada, Andorra and Uruguay.
However, the Open Rights Group has said that hosting sensitive patient data offshore is ‘dangerous'.
Jay Killock, executive director of the Open Rights Group, told the BBC:
"This is a dangerous move that could open up patient data for surveillance purposes, and that could have ramifications for patient health.
"People might avoid getting care, which would obviously be very bad. Patient confidentiality has to come first."
Killock is especially critical of the UK-USA Privacy Shield arrangement (the USA is one of the countries deemed ‘adequate' by the European Commission, where covered by Privacy Shield), which he called "highly open to legal challenge."
Carl Leonard, principal security analyst at Forcepoint, had a warning for the NHS:
"Be aware that for large enterprises, 30-to-40 per cent of IT spending comprises shadow IT, which can be made up of unsanctioned cloud services. Your employees may have already moved to cloud without your knowledge."
With £6.7m in initial funding, Mosa Meat could be the first company to offer lab-grown meat to the public
Manufacturing and finance jobs will be hit, but health and education can look forward to job creation, says PwC
US startups plan to modify existing jet engines, but are likely to fall foul of environmental legislation
The Brexit white paper "gets pretty close" to company desires, but there's still work to do