New Multi-factor authentication requirement for community pharmacies aims to bolster patient data protection and safeguard against increasing cyber threats
Community Pharmacies are set to significantly upgrade their digital security as the mandatory rollout of NHSmail Multi-Factor Authentication (MFA) begins this month (August 1, 2024).
In an announcement by the Community Pharmacy England (CPE), pharmacies are urged to make the updates following a period of optional MFA implementations that began in late 2023.
According to the new requirements, the mandatory update is crucial for protecting patient privacy and the integrity of their health records.
By adding an extra layer of security beyond the standard email address and password, MFA helps safeguard against unauthorised access.
This is especially vital in light of increasing cyber threats targeting healthcare systems.
Cyberattacks, including ransomware, can compromise patient records and disrupt care delivery, making robust security measures essential.
The introduction of MFA aims to curb these risks.
According to cybersecurity research, MFA can prevent up to 80 per cent data breaches and block over 99.9 per cent of compromised accounts.
With healthcare organisations facing a high incidence of data breaches—over 93 per cent from 2017 to 2020— according to the NHS, MFA is a critical tool in mitigating these risks.
The benefits of MFA extend beyond just preventing unauthorised access.
It also helps users regain access to their accounts if they forget their passwords, protects the reputation of pharmacies and the NHS, and monitors unusual login attempts to enhance overall security.
The mandatory rollout of NHSmail MFA represents a crucial step forward in safeguarding patient data and strengthening cybersecurity within the healthcare sector.
Pharmacies are encouraged to enable MFA to fully leverage its protective benefits and ensure the continued security of their operations.