More than anything over the last few days I have seen some of the so called industry professionals I have to consider my peers, wax lyrical about how the NHS should have done better. I want to take a minute to explore that statement and offer my own experience and opinion. For the record, if parts of this article offend you, tough.
Over the last 10 years I have had the pleasure of working with a large number of different NHS trusts in the context of a supplier and partner. During this time, I have made a number of observations that make me proud and sad in equal measure.
Firstly, during my entire time, I have not met a single IT or Security Professional in the NHS that does not put patient care or clinical excellence first. They truly understand the impact of a bad decision far more than the average equivalent in the private sector. This is a good thing, but can lead to a higher than normal level of risk aversion. This risk aversion however, has led to some of the most advanced, and amazing network architectures I have ever seen. I have personally worked in network architecture for many years and worked on some very interesting networks with very specific needs so I know what “good” looks like. I actually remember walking into my first NHS trust to do an independent security architecture review and genuinely being blown away by the equipment they had deployed, the overall architecture and way it was managed. Unlike some people have been saying, your typical trust has better connectivity than your average enterprise.