December 2008

NHS Loses Contact to Smartcards

The NHS will run a series of trials piloting contactless smartcard readers that enable access to IT systems in hospitals without needing to be physically handled – reducing time and helping to prevent the potential spread of disease. The project has been initiated by the Department of Health’s IT service, Connecting for Health (CfH), which came into operation in 2005 and supports the NHS in developing computer systems and services. In conjunction with the 12.7bn National Programme for IT (NPfIT), CfH has issued a tender for smartcard readers requesting the delivery of up to 100,000 devices over a three year period with 20,000 readers to be delivered over the first year, and 50,000 across the second year. The initial 100-reader trial will take place at an undisclosed NHS trust and will not be publicised unless successful, a wise move for NpfIT seeing as another failed IT project would be a significant blow to their reputation.

Since its inception, the risk of IT equipment becoming a vector for infection in the healthcare environment has been a primary concern for the NPfIT. Unfortunately for the NHS the current devices and solutions available have shown limited degrees of success in reducing the risk of obtaining an unwanted virus. In the past, the medium of choice for communicating information within the NHS has been paper, which is virtually impossible to disinfect. Furthermore, it’s nigh on impossible to log and trace which patients or member of staff has been in contact with each piece of paper – thereby making it extremely difficult to locate the source of any paper-transmitted infection. It’s not surprising that one of the key objectives of the NPfIT is to eliminate much of the paper communication throughout the NHS, from primary care, all the way to pharmacy and secondary care.

Advertise Here


The NHS has recently purchased NXP smartcards for all members of staff who work with the existing touch card readers. A CfH spokesman said, "We have been looking to acquire proximity smartcard readers for some time but the appropriate technology has only just become available. A key requirement is ensuring the product we procure is capable of being easily and effectively cleaned to prevent that piece of equipment from transmitting germs and bacteria."


It's a case of out with the old and in with the new. Previously, the NHS deployed CRS (Care Record Service) Gemalto smart cards, which required the user to place their smart card on a specially manufactured clean reader. Similar to a chip and PIN debit card, the smart card was printed with a staff member’s name, photograph and unique user identity number. Staff were granted access to confidential patient information based on their work and level of involvement in the care of the individual. While this improved the security of NHS records (allegedly) the risk of transmitting infection was still apparent, as although physical contact has been greatly minimised – sometimes it still occurred when the smartcard was placed on the reader. And that wasn’t the only concern. A recent survey conducted by the GP’s newspaper Pulse revealed that one in six NHS staff flouted the rules regarding confidential medical records, and shared smartcards. Despite CfH warnings that "disciplinary procedures should follow" if smartcards are used improperly, 5% of GP’s also admitted sharing their own smartcard.

Rumours around the Department of Health suggest the NXP SmartMX may be the likely candidate to acquire the tender. But does the SmartMX reader provide the desired solution for the NHS? The signs certainly look good. The reader is the first to have contact and contactless interfaces and is certified for use in the health sector, meaning phase-out of old technology can be gradual. The product can also be integrated into other smart card systems and enables physical and digital signature functionality. CfH will only place an order depending on the outcome of the trial, so it's in the interests of suppliers to get it right.

While NHS trusts move forward with contactless IT technology there are still a number of obstacles to be faced. There are still password issues with computer systems, as well as a lack of applications provided by NPfIT, many of which are not accessible with certain smart cards. Passport problems have been notoriously difficult to solve for NPfIT, due to the cost of implementation and the fact that local applications vary across each NHS trust in Britain. However, NPfIT has no choice but to push new IT projects and encourage development. Already four years behind initial targets, and rumoured to be over budget, the programme must make progress soon or face the possibility of a major re-evaluation or restructuring process. NHS chief executive David Nicholson told MPs that the NPfIT was at a "pivotal position". Speaking at a House of Commons Health Select Committee meeting, Nicholson said, "If we don't make progress soon we are going to have to sit down and think it through again. We can't go on and on like this."

The trials announced for contactless smart card readers can only be a good thing for the NHS. If successful, the project will greatly reduce the risk of infection. If unsuccessful, (which is just as likely!) the project could spell the end for NPfIT. It’s a considerable gamble. CfH officials believe it could take up to ten years to get arrangements fully nailed down. This serves as a timely reminder of how difficult the information governance of the health sector remains.

Tom Tainton – Smartcard & Identity News


17/01/2019 Headlines

Mining Bitcoin Takes More Energy than Extracting Gold or Platinum

Digital currencies, as in so-called cryptocurrencies like Bitcoin and Ethereum, may represent the future of our monetary system, but so far, they've been terrib.....Read More

$1M in Crypto Disappears after SIM Swapping by US Hacker

California authorities have indicted New York citizen on 21 felony charges of cryptocurrency hacks, including the theft of $1 million in virtual coins. The defe.....Read More

Biometric Tech Used by Banks Leads to Rise in Money Mules

The use by banks of biometrics (fingerprint identification) to verify account holders has brought greater security to minimise identity theft and impersonation,.....Read More

Cyber Attacks on Major Banks have DOUBLED in a Year Due to Mistakes by 'Overconfident' Bankers

Technology disasters at banks and finance firms have more than doubled amid an unprecedented wave of cybercrime, the City watchdog has warned.

Overconfid.....Read More

Eight Arrested Following Takedown of Multi-Million Dollar Online Ad Fraud

A giant ad-fraud campaign that resulted in losses of tens of millions of dollars to companies has been taken down. According to a report by Google and cybersecu.....Read More

Sirin to Ship its First Blockchain-enabled Smartphone

Swiss-based Sirin Labs plans to ship its first blockchain-enabled smartphone on Thursday; the device will give users a secure method to access cryptocurrency ex.....Read More

Video Interviews

Tim Jones talks on the wealth of networks

Christophe Dolique of Gemplus talks about ·SIM

Dominique Brule of Philips Semiconductors talks about Near Field Communication