NHS conducts £300k cyber review of Covid Pass

Written by Sam Trendall on 6 April 2022 in News

Contract signed with consultancy Mason Advisory

Credit: QuoteInspector/CC BY-ND 4.0

The NHS Covid Pass system has undergone a £300,000 assessment of its cybersecurity set-up and key risks.

Newly published commercial documents reveal that, on 18 October, the Department of Health and Social Care signed a deal with IT consultancy Mason Advisory. The engagement, awarded via the cloud support lot of the G-Cloud 12 framework, ran until 31 March and covered the provision of the tech firm’s ‘cybersecurity assessment and implementation’ service.

According to the service’s listing on the Digital Marketplace platform, it offers customers support with the “development and review of cyber strategy and roadmaps” as well as “detailed cyber maturity and resilience assessments”.

For a cost of between £600 and £1,400 per person per day, buyers can also receive outsourced expert assistance with “incident and event response management”.

The text of the contract reveals that health-service tech agency NHSX was seeking support with “security architecture and infosec risk management”.

Four types of services are listed in the deal, beginning with a “mobilisation” period in which the supplier was expected to “conduct knowledge transfer and on-board additional resource”.

Related content

Mason Advisory was also contracted to provide monthly updates on: security design; threat, controls and risk management; and collaboration and reporting.

Over the course of its five-month term, the deal was worth £293,579 to the Salford-headquartered firm. 

Three other companies were listed in the contract as subcontractors or partners to the work: Ultima Business Solutions; Grayce Group; and Trysnet Solutions.

Since the launch of the digital vaccine passport system in May 2021, millions of citizens have accessed the Covid Pass – principally via the NHS App, which now has more than 22 million users across England. All but about 250,000 of these have adopted the technology since the start of the pandemic – including 18 million that have downloaded the app since the creation of the Covid Pass.

The app offers users two types of pass: one for use in domestic settings; and another that can be used for international travel. The latter version is now available for anyone aged 12 and upwards.

The domestic passes – which are only available to adults – are no longer a legal requirement for any venues or events, although businesses can still use the system as part of their own conditions of entry, if they so wish.

The passes contain a secure QR code which staff at travel hubs or venues can scan to verify its authenticity. The Covid Pass has been certified as interoperable with the equivalent EU system, meaning the UK-issued passes can now be scanned at locations across all member states, as well as in 37 other countries and regions that have also achieved certification.


About the author

Sam Trendall is editor of PublicTechnology. He can be reached on sam.trendall@dodsgroup.com.

Share this page




Please login to post a comment or register for a free account.

Related Articles

Scottish parliamentarians ‘strongly advised’ to ditch TikTok
21 March 2023

MSPs are issued with advice following consultation with National Cyber Security Centre

‘Top Secret UK eyes only’ – MoD plots new infrastructure for highly classified information
20 February 2023

Facility in south-east England is likely to include private cloud and physical storage

NHS long-term cyber strategy sets out plan to ramp up workforce and ‘defend as one’
23 March 2023

Government sets out vision for improving resilience of health and social care sector by the end of the decade

Emergency alerts message system launches with nationwide test planned for next month
20 March 2023

SMS alerts initiative has been in the works for five years and was originally slated to launch in October

Related Sponsored Articles

Digital transformation – a guide for local government
6 March 2023

Digital transformation will play a key role in the future of local government. David Bemrose, Head of Account Strategy for Local Government at Crown Commercial Service (CCS), introduces a new...