Do you really have confidence in your records being confidential? Do Hospital Trusts have cyber insurance?

Jonathan Paige reports 1st November 2016:  Operations cancelled after hackers hit three hospitals

Do you really have confidence in your records being confidential? NHSreaality very much doubts if Hospital Trusts have cyber insurance? Your notes are the property of the Secretary of State for Health in the Region / Post Code in which you live. The state will not compensate you, and no company is likely to insure such a reactionary and heavy footed organisation, where there are no exit interviews, and where learning from mistakes is secondary to avoiding bullying, in the culture of fear.

Three NHS hospitals are struggling to cope after being hit by a “malicious” cyberattack that forced the cancellation of all appointments, procedures and operations for two days.

Officials said that about 1,000 patients would be affected at hospitals run by the Northern Lincolnshire and Goole Trust, where the computer virus was discovered on Sunday. A major incident was declared at the Diana Princess of Wales in Grimsby, Scunthorpe General and Goole and District.Image result for computer hacker cartoon

The hospitals’ computer systems control all aspects of operations, so the virus has affected “everything from ventilation, gasses, even down to the car park barriers”, Lawrence Roberts, medical director at the trust, said.

Mr Roberts added: “We’re not sure where it came from, nor what the intention behind it was, but it certainly seems like a malicious attack.”

The news comes as a senior government minister warned that “large quantities of sensitive data” held by the health service and the government are being targeted by malicious forces from other countries. Writing in the Telegraph, Ben Gummer, minister for the Cabinet Office, said: “Cyberattacks are a reality and they are happening now. Our adversaries are varied: organised criminal groups, ‘hactivists’, untrained teenagers and foreign states.”

He added: “The government has a clear responsibility to ensure its own systems are cyber-secure. We and the rest of the public sector — including the NHS — hold large quantities of sensitive data and provide online services relied on by the whole country.”

The hospitals targeted on Sunday responded as though they were in a major incident or disaster producing multiple casulaties. They resorted to a paper-based tagging system to admit patients in A&E.

“I’ve never seen anything like it in my more than 20 years at the trust,” Mr Roberts said. “Everything we do is computer-based so our doctors had to switch back to pen and paper and carbon copies for prescriptions and discharge letters.”

He said that the trust’s cyberattack team was trying to find the source of the virus but he could not confirm where — or even which country — it had come from. Although Northern Lincolnshire and Goole’s systems are connected to other trusts, Mr Roberts said he had been told that it was unlikely the virus would spread.

All operations were allowed to proceed on Sunday when the virus was discovered, but everything after that has been cancelled. The trust plans to meet this afternoon to assess the scale of the damage and see if the hospitals can be back to full capacity tomorrow.

This is not the first time that NHS hospitals have been targeted by computer viruses. An investigation by the i newspaper this year found at least 30 NHS Trusts in England had been the victim of “ransomware” attacks in the past year. Four incidents were considered to be so serious that they had to be reported as a potential breach of data protection or confidentiality laws.

Ransomware works by implanting itself on a computer and making its data unintelligible until its senders are paid a ransom in currency such as Bitcoin.

In 2008 the Mytob worm computer virus overloaded computer networks at Barts, the Royal London and the London Chest Hospital. Services affected included accessing blood tests, X-rays and patient administration.

This entry was posted in A Personal View, Post Code Lottery, Stories in the Media on by .

About Roger Burns - retired GP

I am a retired GP and medical educator. I have supported patient participation throughout my career, and my practice, St Thomas; Surgery, has had a longstanding and active Patient Participation Group (PPG). I support the idea of Community Health Councils, although I feel they should be funded at arms length from government. I have taught GP trainees for 30 years, and been a Programme Director for GP training in Pembrokeshire 20 years. I served on the Pembrokeshire LHG and LHB for a total of 10 years. I completed an MBA in 1996, and I along with most others, never had an exit interview from any job in the NHS! I completed an MBA in 1996, and was a runner up for the Adam Smith prize for economy and efficiency in government in that year. This was owing to a suggestion (St Thomas' Mutual) that practices had incentives for saving by being allowed to buy rationed out services in the following year.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s