Skip to main content

Part of Mobile backup solutions for fixed healthcare sites

Business continuity

Previous Chapter

Potential technologies and solutions

Current Chapter

Current chapter – Business continuity

View all

Next Chapter

Further reading
Page contents

Data privacy and security

As with most connectivity for healthcare delivery, the Health and Social Care Network (HSCN) is an important consideration.

Section 2 (Technical and security) of the HSCN Obligations Framework, specifically obligation ID TOW16* states that mobile connectivity could either be used as a temporary resilient connection, or for more permanent connections, provided written approvals and are obtained from the HSCN Authority. See footnote  for the full wording of TOW16.

As mobile networks don’t offer an integrated HSCN SIM service, to access HSCN, you would need either:

  • a Remote Access Server (RAS) solution from an approved HSCN Consumer Network Service Provide (CNSP), or
  • a Virtual Private Network (VPN) connection to a private healthcare domain that already has HSCN access 

This connectivity option is available to view in the online HSCN Technical Guidance – Scenario 4.

It is strongly recommended that NHS organisations make use of the support and guidance provided by the National Cyber Security Centre (NCSC).

General security notes

Review the Data Security and Protection (DSPT) Toolkit. This is an online self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s 10 data security standards. As data security standards evolve, the requirements of the DSPT are reviewed and updated to ensure they are aligned with current best practice.

Refer to Cyber Essentials. This is an effective, government backed baseline scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber-attacks.

Testing and business continuity

Mobile connectivity is offered by mobile operators on a “reasonable endeavours” basis and it is therefore difficult to define contractual SLA’s due to the nature of use across a wide area of unknown coverage. Network coverage and quality can change without prior notification, so any business continuity planning should include regular testing of any mobile backup solution.

Failover to use of mobile solutions should be included in any testing and also the failover between SIMs within the cellular solution itself. Loss of a network can be simulated through the use of applying bars to the relevant account with the mobile operator.

Mobile backup connectivity solutions are also unlikely to have the same bandwidth as primary connectivity and therefore strategies for application prioritisation and Quality of Service (QoS) rules may need to be included in the business continuity planning for use of mobile backup solutions.

Footnote

TOW16

Where the HSCN Supplier's Solution proposes the incorporation of, for example (but not limited to), Mobile broadband, satellite broadband or microwave access (WiMAX) or a consumer-based broadband solution as an alternative to a fixed line service, by default the HSCN supplier shall ensure all the requirements as stated in this HSCN Obligations Framework are met.

For instances where (but not limited to) mobile broadband, satellite broadband microwave Access (WiMAX) or consumer-based Broadband connectivity solutions can create a compelling commercial benefit but does not fully comply with the HSCN Obligations Framework, the HSCN supplier in consultation with the HSCN Consumer may seek approval from the HSCN authority to deploy the service provided that all areas of noncompliance together with any alternative solution (if available) is clearly documented based on the HSCN Obligations Framework documentation. Approval to connect the service can only be expressly granted by the HSCN authority, and the process and approval will be required prior to the service going live.

The use of mobile broadband, satellite broadband microwave Access (WiMAX) or consumer-based broadband connectivity may also be used for cost effective site resilience and for instances where rapid (and temporary) connectivity is required until a fixed line solution is complete. The HSCN Supplier must ensure that any performance and SLA limitations are clearly stated and understood by the HSCN consumer.

By embracing cellular technology as a backup solution for main broadband lines can ensure uninterrupted connectivity and maintain essential healthcare services even during broadband disruptions. This article has provided insights into the benefits, considerations, and implementation strategies for leveraging cellular technology to build a robust backup network. Empowered with resilient backup systems, health organisations can focus on delivering exceptional patient care, increasing productivity, and fostering innovation in the dynamic landscape of healthcare.

Last edited: 19 March 2025 2:24 pm

Previous Chapter

Potential technologies and solutions

Next Chapter

Further reading

Chapters

  1. Mobile backup solutions for fixed healthcare sites
  2. Potential technologies and solutions
  3. Business continuity
  4. Further reading