NHS cyber attack could leave staff without patient records ‘for three weeks’

NHS - Kirsty O'Connor/PA Wire

NHS – Kirsty O’Connor/PA Wire

A cyber attack on NHS medical records could mean medics cannot access patients’ notes for three weeks, health chiefs have warned.

The software system supporting NHS 111 and electronic records was shut down last week after it was attacked by hackers.

The breach has left thousands of hospital staff unable to access patients’ notes and histories, increasing the risk of misdiagnosis and fatal medication errors.

Meanwhile, NHS 111 staff are being forced to resort to pen and paper when trying to prioritize calls, without the use of the system that normally helps them dispatch ambulances and book out-of-hours emergency appointments.

The company that operates the systems was unable to say when the blackout would end, and hospital staff were told to prepare for at least three weeks of outages.

The attack, believed to have been carried out by a criminal gang rather than a hostile state, took place last week and put pressure on NHS staff.

“The public should use the NHS as normal”

Health officials have said 111 callers may face longer waiting times than usual, but have said the public should continue to use the NHS as normal, meaning they call 999 in an emergency.

In an email to staff, Nick Broughton, chief executive of Oxford Health NHS Foundation trust, said it had been advised to prepare for “a system outage that could continue … possibly longer than three weeks” for the electronic records system.

The email, seen by the Health Service Journal, said the system used by NHS 111 cannot be restored for two weeks.

It is understood that there is so far no evidence that patient data has been compromised by the breach. This affects Advanced, the company that supplies software to parts of the healthcare system.

However, NHS staff have warned that medics have been left in a “very dangerous” situation as they are forced to make decisions without access to patients’ medical histories.

Care homes affected by cyber attacks

Advanced’s Adastra system allows call handlers to dispatch ambulances, as well as order out-of-hours emergency prescriptions for patients and urgent appointments.

More than 1,000 care homes using the company’s Caresys software have also been affected, along with NHS trusts.

An NHS spokesman said: “While advanced work is being done to resolve software issues, proven contingency plans are in place across local health systems so the public should continue to use the NHS as normal.”

Last month, the head of the National Cyber ​​Security Center and the Information Commissioner warned businesses that they risked “encouraging” attacks by cybercrime gangs by meeting ransom demands.

‘Staff work on paper’

Last week, a letter from NHS regional officials warned that the blackout had left NHS 111 staff “working on paper” and “adversely affected” response times.

On 5 August, the Welsh Ambulance Service said the “major blackout” had affected all four nations, and warned that 111 calls could take longer to be answered over the weekend.

The letter sent to GPs, seen by health news publication Pulse, said call handlers have been unable to book patients directly for GP appointments, adding they were told to “manage calls where possible”.

Direct bookings for call handlers for other services were closed and staff have been asked to try to make them by phone or email instead.

Leave a Reply

Your email address will not be published.