.png)
In Just 2 Years, Spencer Private Hospitals %%Transformed Staff Cyber Awareness,%% Here’s How
Download now
%%More staff%% awareness
%%Actionable%% reporting insights
%%Supports%% compliance efforts
Spencer Private Hospitals is a private healthcare provider owned by the NHS in East Kent. As part of their commitment to delivering safe, secure care, the organisation recognised a growing need to address human cyber risk more directly, especially phishing, which remains one of the most common entry points for cyber threats.
Alex, who leads digital and information governance, acknowledged that while technical defences were in place, human risk wasn’t being adequately managed. “We noticed that this was a bit of a gap for us,” he explains. “The training we had was wholly inadequate, just a half-hour e-learning module that didn’t really hit the mark.”
On the compliance side, Spencer Private Hospitals must meet the UK’s Data Security Protection Toolkit (DSPT), as well as prepare evidence for cyber insurance renewals. “We’ve got to evidence that everyone is aware of cybersecurity, GDPR, and information governance,” Alex said. “Our previous setup just wasn’t cutting it.”
That led to a search for a UK-based provider that could deliver both ease of use and strong information governance controls. After evaluating a few vendors, Phishing Tackle stood out. “The demo was great. The system is really easy to use, the price was affordable, and the support, including onboarding and reporting has been excellent.”
.webp)
Over the last two years, Spencer Private Hospitals has integrated phishing simulations into their existing security workflow, replacing generic e-learning. The platform’s integration with Microsoft 365 and the addition of a “phish hook” reporting button have made it easier for staff to take action and for leadership to track results.
The reporting features have had a particularly strong impact. “We’ve recently done a deep dive into the reporting, and it really sold the message to the senior management team. It’s now a control on our risk register.”
Looking ahead, Spencer Private Hospitals plans to further leverage the platform for engagement and compliance, especially as they consider frameworks like Cyber Essentials Plus or ISO 27001.
How Phishing Tackle Helps Spencer Private Hospitals %%Manage Risk and Stay Compliant%%
Increased phishing awareness
Staff are more aware of real phishing risks thanks to targeted simulations and daily reinforcement.
Stronger reporting to leadership
Deep dives into reporting have driven senior-level buy-in and identified engagement gaps.
Supports key compliance requirements
Evidence for DSPT and cyber insurance renewals, with plans to support ISO 27001 and Cyber Essentials.
Easy onboarding and integration
Affordable, simple to use, and integrated with Microsoft 365 and Outlook.
Recommended case studies
.png)
