Registration & Networking

Chair Opening Address (Confirmed)

Drawing on two decades as a covert intelligence operative and ranked among the world’s top body language experts, Gavin Stone brings a rare perspective to the challenges of identity and access management in today’s NHS. With extensive HUMINT expertise, Stone has mastered the art of reading people, detecting deception, and building trust in high-risk environments.

In this thought-provoking session, he will explore how subtle human behaviours can reveal hidden risks, why identity security is as much about people as it is about technology, and how psychological insight can strengthen trust, compliance, and resilience across healthcare systems. Attendees will gain practical strategies to spot red flags, mitigate insider threats, and enhance communication when every second—and every decision—counts.

This session brings together three leaders working across trust, regional, and national levels to discuss how IAM systems are being practically deployed and governed. Topics will include harmonising legacy infrastructure, the impact of the NHS Federated Data Platform, role-based access, and implications of the UK Cyber Strategy for healthcare.

Panellists:

• Prof Joe McDonald, Founder Great North Care Record, Consultant Psychiatrist, Peripatetic Medical Director, The Access Group (Confirmed)
• Dr Michael Watts, Acute Medicine Doctor and NHS England Clinical Entrepreneur, UHDB NHS Trust (Confirmed)
• Seamfix, Speaker TBC (Confirmed)

Headline Sponsor - AdminByRequest

Their session at 10:30 am, led by Jeff Jones, will explore 5 common ransomware entry points and how Endpoint Privilege Management can help close the gaps — with actionable strategies for IT, IG, and cybersecurity teams.

Morning Break & Networking

Chair Morning Reflection (Confirmed)

Case Study - Imprivata

Many clinicians in the UK need access to both local and national healthcare systems. These distinct systems are accessed separately and typically require many separate sets, and types, of login credentials, creating significant extra complexity to the clinician’s workflow. 

NHS England, in line with most health authorities across Europe, is shifting towards open, modern standards to keep pace with technology.

If delivered in a timely fashion, and with front-line clinical workforce top of mind, this could open a whole new world of usability and workflow potential that could help to streamline clinical workflows while also improving security and patient privacy. 

Join us in this session where we will discuss how Imprivata can help with access to both local and national systems in healthcare, and how planned changes in technology could improve the delivery of care.  

Case Study - Bluefort

Join BlueFort Security and Silverfort for an insightful session on how their partnership can and has greatly assisted the NHS in navigating the complexities of MFA and IAM requirements outlined in the NCSC Cyber Assessment Framework (CAF) . The session will also showcase how Silverfort was successfully deployed into a large London based NHS Trust in January 2025 to meet CAF compliance. Finally, we will discuss how BlueFort Security, as Silverfort’s premier partner, ensures expert deployment, configuration, and ongoing optimisation to maximize the technology’s value, thereby strengthening the NHS’s overall security resilience.

In this candid one-on-one conversation, Professor Joe McDonald reflects on three decades of experience driving digital change within the NHS—from pioneering the Great North Care Record to advising national strategy. Together, we’ll explore the real-world tensions between usability, safety, and regulation in identity and access management.

Key themes will include:

• Why clinician trust and software usability matter as much as security
• Embedding patient consent without adding friction
• Lessons from failed programmes—and what the NHS is finally getting right

Case Study - SailPoint

The NHS is under pressure to improve efficiency, strengthen cyber resilience, and deliver better patient outcomes. Manual Joiner–Mover–Leaver (JML) processes, access requests, and access reviews often slow staff access, create risk, and distract from patient care.

This session explores how SailPoint helps NHS organisations automate identity governance, streamline access requests and reviews, and ensure staff have the right access at the right time. The result is improved workforce experience, reduced risk, and more time for patient-focused care. By embedding strong identity controls, SailPoint also supports NHS cyber security and compliance requirements, including DSPT and CAF, helping organisations stay secure while driving digital transformation.

Lunch & Networking

Chair Afternoon Address (Confirmed)

Case Study - CMS

In today’s complex hybrid IT world, visibility gaps, tool sprawl, and alert overload slow you down. SolarWinds Observability unifies monitoring and IT service management into one AI-powered platform to help you see everything, understand why issues happen, and fix them faster.

Available as self-hosted or SaaS solutions, SolarWinds delivers seamless hybrid cloud and on-prem observability for networks, infrastructure, applications, databases, and user experience.

• Cut Complexity with a single pane of glass
• Reduce Alert Fatigue through intelligent AI correlation
• Speed Incident Response with guided collaboration and automation
• Stay Secure with a robust, multi-layer security framework
• Boost Efficiency with AI-driven insights, auto-remediation, and streamlined workflows

SolarWinds helps you transform IT operations, improving uptime, slashing MTTR, and empowering teams to do more with less.

SolarWinds Observability: Smarter IT starts here.

In this thought-provoking fireside chat, we sit down with Dr. Michael Watts—Young Health Tech Leader of the Year 2024, NHS doctor, Associate Chief Clinical Informatics Officer, and a visionary commercial sector CEO . As a driving force behind digital innovation in healthcare, Dr. Watts brings a wealth of experience and insights from his roles across the NHS, academia, and entrepreneurial ventures.

Case Study - ManageEngine

 Streamlining Identity Governance in the NHS enhances security, compliance, and operational efficiency by automating user lifecycle management, access reviews, and audit readiness. Proven case studies demonstrate how digital transformation supports regulatory adherence (DSPT, NCSC CAF), reduces risks, and improves patient and staff experience across healthcare systems.

This session addresses what’s often overlooked in conversations about IAM: the people behind the policies. Drawing from NHS cancer analytics, service redesign projects, and digital governance work, I will unpack how identity systems, when poorly implemented, block access, erode trust, and deepen health inequalities.

We will go beyond technical fixes exploring what it takes to build inclusive, secure, and clinically relevant access systems that serve everyone. This isn’t just about technology. It’s about power, inclusion, and equity in how the NHS operates and who it leaves behind.

Identity and Access Management (IAM) is a critical framework that governs how healthcare staff access digital systems, patient data, and clinical tools. It ensures that the right people have the right level of access at the right time, supporting safe, efficient, and secure care delivery across increasingly complex and integrated health systems.

In the NHS context, IAM encompasses the verification of user identities, role-based access controls, secure authentication, and audit trails that protect patient data and ensure regulatory compliance. IAM also plays a pivotal role in managing staff onboarding and offboarding, enabling locum flexibility, and supporting interoperability across multiple Trusts, systems (such as EPRs, RIS, PACS), and third-party providers.

As the NHS accelerates its digital transformation agenda—through EPR rollouts, cloud adoption, and regional service consolidation—robust IAM becomes a foundation for digital trust, clinical safety, and operational efficiency. Poorly managed access can compromise patient safety, while streamlined, role-aligned access supports front-line productivity, system resilience, and user confidence.

IAM is no longer just an IT issue—it is a strategic enabler of clinical excellence, workforce mobility, and digital maturity.

Tea & Coffee

End of Day