Connecting for Health has failed to appoint a senior security director to oversee IT security across the NHS National Programme for IT despite a year-long search.
The government agency behind the NHS IT programme advertised the board-level position last year, but it has so far failed to find a candidate with the right skills and qualifications.
"The post of director of IT security and information governance has not yet been filled. We continue to seek a suitable candidate," said a Connecting for Health spokesman.
Security analysts said Connecting for Health may have struggled to fill the post owing to the limited pool of specialists in the UK, particularly with the salary levels offered in the public sector.
"There are not many people around at that sort of level with that sort of experience. We are looking at the top dozen in the country. You then get down to whether the salaries are enough to attract those people who are on very good salaries already," said Graham Titterington, principal analyst at Ovum.
"In the NHS, you have lots of different platforms, lots of different issues, lots of concerns. You do need someone with broad and deep expertise."
The position may also be politically challenging, following concerns raised by GPs over the security of some National Programme systems and issues of confidentiality of patient data.
The security director will be responsible for developing and implementing an information governance programme, including confidentiality, as well as data integrity for both the NHS and the National Programme for IT.
Connecting for Health hired recruitment company Harvey Nash to look for senior IT security and information governance specialists with at least five years' experience with a large organisation and practical experience of governance and security on major technology programmes.
The post appeared on the Harvey Nash website in June last year, and it was re-advertised in The Times in November. The posting has since disappeared from the Harvey Nash website.
Vote for your IT greats
Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?
Vote now at: www.computerweekly.com/ITgreats
Read more on IT risk management
The way we talk and think about tech is crucial to helping solve the skills shortage crisis
Is tech team remuneration opening up a new form of cyber risk?
Nearly 80,000 more tech roles filled at end of 2020 compared with end of 2019, says ONS
Tech executives need new skills to lead in a remote world