Framework Agreements from NHS SBS - COVID-19 Update
To provide our customer and suppliers with the best possible service during the COVID-19 pandemic and to aid compliance with the Cabinet Office's procurement policy notices, we reviewed many of our framework agreements, and have, where appropriate, made alterations.
Cyber Security Services
This is a new framework agreement that offers a complete range of external support services to help NHS and wider public sector organisations manage cyber risks and recover in the event of a cyber security incident. The government announced investment in NHS Cyber Security capabilities following the WannaCry ransomware cyber attack in 2017. The framework has therefore been developed in partnership with NHS Digital and the National Cyber Security Centre (NCSC).
COVID-19 has brought the cyber threat into sharp focus due to increased use of technology to enable remote working and because digital services are playing such an important role in enabling social distancing to be introduced into care settings.
The pandemic has had the following effects on the threat landscape:
- phishing attempts have adapted to exploit interest in the virus;
- novel fraud attempts have emerged;
- new working practices such as communication and collaboration tools have shifted the attack surface;
- there has been an approx. 20% increase (from before lockdown) in opening up of standard ports (e.g. RDP 3389) for remote infrastructure management;
- targeting of healthcare sector has persisted.
Through design, delivery, testing, governance and assurance the new Cyber Security Services framework enables service continuity in patient care by ensuring patient data is secured and critical systems remain available. The framework expires in May 2022 with the option to extend for two years.
This framework provides Contracting Authorities with a compliant route to market for any workspace optimisation requirements they may have including assisting with measures to implement effective social distancing. Suppliers are able to review office space and facilities ensuring they are fit for purpose, monitor workspace usage through sensors or people counters to enable the appropriate management of workspaces, work areas, occupancy levels etc. The framework expires in April 2024.
The framework provides an OJEU compliant route to market to procure quality, value for money Outsourced Clinical Services. The framework allows approved organisations to retain capacity planning in-house and ensure patients can be seen within suitable and compliant timeframes thus helping to reduce waiting lists caused by the pause on elective admissions during the pandemic.
Approved Organisations will be able to provide additional clinical capacity by allowing patients to be seen and treated at the alternative providers' own facilities. The framework covers all clinical specialties and all HRG and Treatment Function Codes, as well as any related additional services such as patient booking services, administration, theatre rental etc.
This framework is ideally placed to help Trusts expand their capacity through subcontracting elements of the patient pathway (or the whole pathway itself) to a wide range of alternative providers in both the NHS and independent sector.
The framework expires on 30 April 2022, with the option to extend for a further 24 month period. The framework was also tendered under the Light Touch Regime, meaning there will be an opportunity at extension to re-open the award and add further providers if required.
To find out more about the full range of NHS SBS framework agreements, Framework Agreements page.