Director of City’s Institute for Cyber Security, Professor Muttukrishnan Rajarajan, discusses NHS database security.

By Mr John Stevenson(Senior Communications Officer), Published (Updated )

The National Health Service (NHS) is launching its bluetooth-enabled COVID-19 contact-tracing smartphone app on the Isle of Wight.

The app will alert users if they have been in close proximity with someone who has tested positive for the coronavirus and has been developed by the digital technology unit of the NHS.

It has been suggested that areas where the app is deployed could see lockdown measures eased early.

Medical history

Director of City’s Institute for Cyber Security, Professor Muttukrishnan Rajarajan says that "while the NHS has carefully considered all options regarding privacy and identity, measures and mechanisms must be in place to ensure that the NHS database is secure and that there are no data leaks”

“Although people will want to find out about the security of data they will be sharing on the contact tracing app, they should know that their GPs and the NHS already know their medical and health history.”

Professor Rajarajan, who is also City’s Professor of Network Engineering, says:

"There have been proposals to address cyber security challenges to NHS patient data through the use of highly computationally secure homomorphic encryption techniques, so that the computing is all done in the encrypted domain rather than the plain domain. UK citizens may initially resist the app but they will eventually see its benefits and begin to adopt it. Though it took a few years for people to appreciate the benefits of online banking – with similar cyber security and data encryption considerations - they eventually embraced it."