Tierney - stock.adobe.com

NHS Digital chief information security officer resigns

Robert Coles, who joined NHS Digital as its chief information and security officer in October 2018, is stepping down from the role for personal reasons

NHS Digital’s chief information and security officer (CISO), Robert Coles, who joined the organisation on 1 October 2018, has stepped down from the position.  

In an internal email sent to NHS Digital staff, seen by Computer Weekly, deputy CEO Rob Shaw said Coles was leaving due to personal reasons “which mean that he is no longer able to continue in his role”.

Coles, who prior to joining NHS Digital spent four years as CISO for GlaxoSmithKline, and previously held similar roles at National Grid and Merrill Lynch, will return to working as a cyber security consultant across both the private and public sector, according to the email.

In his role as CISO, Coles’s aim was to lead on cyber security across the entire health and care sector, lead national cyber working groups, help inform policy and drive improvements and standardisation.

Shaw added that in the few months Coles was in the role, he had made early progress on developing “the system-wide cyber strategy”.

The email also included a statement from Coles, who said he was sorry he was unable to continue in the role, and that he had enjoyed working with the “very talented and passionate cyber security team at NHS Digital and seeing the commitment to improving cyber resilience across the health and care system”.

“I wish everyone involved in building greater cyber resilience in the NHS the very best as they take this critical work forward,” he said.

NHS Digital is already seeking a replacement, but in the meantime, Dan Taylor, programme director for NHS Digital’s data security centre, will lead its “strong team of experts” to deliver cyber services to the NHS.

The decision to hire an NHS CISO follows the lessons learned in a review of the WannaCry ransomware attack, which called for NHS Digital to appoint a CISO to report directly to the NHS Digital CIO.  

It’s not just NHS Digital that has struggled with the CISO role. As Computer Weekly reported last year, Whitehall began, and failed, in its recruitment campaign for a government chief security officer.

Read more about NHS IT

  • Data could be a huge advantage for the NHS, but data quality and accessibility is still a big challenge, says NHS Digital CEO Sarah Wilkinson, as she promises clear guidance on standards and interoperability.
  • The NHS Long Term Plan aims to empower people through the use of technology and create a digital-first NHS, offering virtual outpatient appointments, digital GP consultations and improved cyber security. 
  • NHS Digital’s standards framework sets out renewed commitment to implement and use open standards across the NHS. 

Read more on Hackers and cybercrime prevention