The NHS faces persistent cyber threats, from phishing emails to ransomware attacks, which can disrupt services and compromise patient confidentiality. “Cyber attacks on NHS systems have increased by 30% in the past year.” – NHS Digital.
As digital technologies become increasingly central to patient care and operational delivery, safeguarding sensitive information is more critical than ever.
We encourage you to stay informed, vigilant, and proactive in protecting our systems and data. Whether you're accessing patient records, communicating via NHSmail, or working remotely, understanding the basics of cyber security is vital.
More information on cyber threats and tips on how we can avoid these are below.
Social engineering involves criminals using tricks or deception to manipulate people into giving access to information such as patient data health care records or details of IT systems.
A social engineer might call and pretend to be a fellow employee, ask you to hold the door for them, or pose as a friend on social media channels. It is crucial that we challenge everyone who is unauthorised before giving out information or giving them access to secure areas.
Please click here for more information and top tips to stop social engineering.
Phishing is when hackers and cyber criminals send unsolicited emails containing attachments or links to try and trick us into providing access to information.
- What is phishing and top tips to avoid these
- How to spot a phishing email and what do I do if you receive one
In February 2025, a simulated phishing exercise was initiated by NHS England with all DCHS staff receiving a phishing email. Please see NHS Digital Cyber Security & Phishing Email exercise February 2025 for more details and the results of the exercise.
Click here to watch a short video of a vishing (telephone equivalent of phishing) and how hackers can hack using simple social engineering
Tailgating is when unauthorised people gain entry to a building by following a person through physical security facilities, such as doors, barriers and gates, to avoid detection.
Please click here for steps we can take to stop tailgating.
Sharing NHS information in public spaces or on social platforms puts patient data at risk.
Keep your conversations and screen time private and be aware with who, what, and where you share.
Click here to watch a short video showing how easily personal information can be found
For information on the impact that data breaches and cyber attacks can have on patient safety and care, and the steps we can take to reduce these click here
Keep up to date with the latest Data Protection Legislation (including UK GDPR) Policy and report incidents, queries or challenges.
Ransomware is a form of malicious software that makes data or systems unusable until the victim makes a payment - for further information please click here
For top tips on how to reduce the risk of ransomware attacks click here