Question to the Department of Health and Social Care:

To ask the Secretary of State for Health and Social Care, what assessment he has made of the implications for his policies of the cyberattack on the NHS in September 2022.

Following the cyber-attack in August 2022 on the third-party software supplier to health and care, Advanced, the majority of services in the National Health Service have been reconnected and we are working with Advanced to support NHS organisations that are going through the process of reconnection.

As with previous incidents, work is now being undertaken to review the response and identify lessons to support and improve the response to future incidents.

The Cyber Security Strategy for Health and Care, which will be published this year, will detail increasing focus on supply chain. This will include measures to support our critical suppliers to build resilience against attacks like the one on Advanced this Summer. By increasing regulatory control and standards, embedding stronger assurance processes and developing the tools to help health and social care organisations to triage supplier risks, it should enable us to respond more quickly and effectively to manage impact.