UK National Health Service National Health Service, NHS

Main article: Health care in the UK

History

2024

Blood test labs shut down for 3 months in London due to cyber attack

At the end of September 2024, the London health service reported that blood testing laboratories in south-east London had only restored activity after a cyber attack on Synnovis three months later.

A ransomware virus attack in June 2024 caused disruption to various services in the Southwark, Lambeth and Bromley areas, forcing doctors to delay thousands of operations and procedures. By the end of September, the possibility of blood transfusions has not yet been restored in all hospitals, and the government intends to deal with this problem within the next few weeks.

𝓲

Freepik

Thanks to mutual assistance agreements, we were able to carry out all planned operations and transplants, says Jane Fryer, medical director of health surveillance.

While most of the services provided by Synnovis for GPs and hospitals have been restored, in some cases specialists still have to keep records manually while waiting for Synnovis to restore its IT systems providing communication between laboratories and users. Mark Dollar, chief executive officer of Synnovis, said doctors had once again gained access to a "full range of diagnostic services."

In total, due to a cyber attack, 10,146 outpatient appointments and 1,705 planned procedures had to be postponed in three months.

Meanwhile, English health service NHS England and National Data Guardian have announced an update to the cyber security framework for health and social care organisations, which came into force from 2 September 2024. As a result, the UK health service will move from using the NDG's 10 data security standards to the National Cyber Security Centre's Cyber Threat Assessment System (CAF^[1]

400GB of London patient data leaked

On June 21, 2024, the National Cybersecurity Center of Britain (NCSC), part of the Government Communications Center (GCHQ), reported that hackers had posted personal data of London patients on the Internet. As a result of the ransomware attack, approximately 400 GB of information was stolen.

It is known that cyber intrusion occurred on June 3, 2024. Attackers have infiltrated the IT infrastructure of Synnovis, a provider of post-mortem services for the NHS. After that, hackers introduced malware with encryption functions, which provoked an IT collapse in a number of large London hospitals. Medical facilities were forced to cancel hundreds of operations and appointments, and Synnovis itself was unable to process blood tests.

𝓲

unsplash

According to available information, the cybercriminal group Qilin is behind the attack. At the disposal of the attackers was a large amount of data, including the names of patients, registration numbers of the health care system, descriptions of blood tests, as well as some financial information.

The affected medical facilities included King's College Hospital in Danman Hill, south London, Guy's Hospital near London Bridge and St Thomas's Hospital in Westminster. The victims refused to pay the ransom, and the hackers released the stolen files on the Internet. Various government entities, including the National Health Service, the National Crime Agency and the National Cyber Security Centre, are continuing to investigate the incident as of the end of June 2024. It is said that restoration work will drag on for several weeks. Synnovis is forced to redirect non-urgent tests to other laboratories.^[2]

2023

Failure of the EDO megaproject

In early October 2023, it became known that the British National Health Service (NHS) was unable to implement a large-scale project to completely transfer the healthcare industry to electronic document management (EDO) on time. Instead, huge funds have been spent on organizing the storage of paper records.

In 2013, the NHS announced an initiative under which it planned to abandon paper documents by 2018 in order to "save billions of pounds, improve the quality of services and solve pressing problems." It was assumed that by March 2015, everyone could get online access to their own medical documentation stored by a general practitioner. By April 2018, detailed medical information was expected to be digitally available in the NHS database and welfare systems.

The British National Health Service (NHS) was unable to implement a large-scale project on the complete transfer of the healthcare industry to electronic document management on time

However, it was not possible to implement the plans within the specified time frame. The fact is that Britain's health sector has a very complex organizational structure, consisting of loosely connected disparate institutions. In 2015, the NHS reported that the transformation of the industry would drag on until 2020, but even these deadlines could not be met: hospitals continue to work with paper documents.

In particular, it is estimated that the total cost of organizing the storage of paper media in the healthcare sector Britain from 2017 to 2022 amounted to £1.19 billion (approximately $1.46 billion at the exchange rate as of October 10, 2023). At the same time, during the year until April 2022, hospitals spent more than £234 million ($286.93 million) on storing paper medical records. Of these, about £175 million came from organizing the storage of documents directly in medical institutions and £59 million from paying for third-party archives.^[3]

A powerful cyber attack undermined the work of ambulances in Britain. They are forced to switch to paper

On July 19, 2023, some NHS ambulance services (National Health Service) in Britain were faced with the impossibility of working with electronic medical records of patients. Because of this, medical institutions had to switch to paper document management.

The cause of the failure was a cyber attack on Ortivus, a specialized healthcare software company. Ortivus, headquartered in Sweden, said in an official statement that a hacker invasion of a data center in Britain was recorded on July 18, 2023. Ambulance services South Western Ambulance Service Trust and South Central Ambulance Service Trust, which use the Ortivus MobiMed cloud platform under an agreement signed in 2020, were affected.

Some NHS ambulance services with inability to work with patients' electronic health records

Electronic patient records are not available and are processed manually until further notice. No patient was directly injured. No other systems were affected in the cyber attack, and no customer outside the data center was injured, Ortivus said in a statement.

Together, the South Western Ambulance Service Trust and the South Central Ambulance Service Trust serve approximately 12 million people. The attackers disrupted the MobiMed ePR system, which is designed to maintain electronic medical records of patients. In addition, this platform serves to exchange data between providers of various health services. Ortivus CEO Reidar Gordebek (Reidar Gårdebäck) reported that "there is no indication that any data has been stolen or lost." The Ortivus cybersecurity operations center is working with law enforcement to investigate the incident, it said. What cyber group is behind the attack is not specified.^[4]

The largest leak in the history of the British Ministry of Health. 70 TB of HCP and patient data stolen

At the end of June 2023, the cybercriminal group BlackCat, also known as ALPHV, announced the hacking of Barts Health NHS Trust, a division of Britain's National Health System. The attackers stole a total of approximately 70 TB of confidential information.

Barts Health NHS Trust brings together six hospitals and ten health centres in East London. These include the Royal London Hospital, St Bartholomew's Clinic, Whipps Cross Hospital, Newham Clinic and Mile End Hospital, among others. The network serves more than 2.5 million citizens.

BlackCat announces Barts Health NHS Trust hack

BlackCat attackers claim that they managed to gain access to personal data of patients, information of a financial nature, information about employees, resumes of applicants, etc. Typically, BlackCat cybercriminals inject data encryption malware into the computer infrastructure of an attacked company or organization. After that, hackers demand a ransom for restoring access to files. However, in the case of the attack on Barts Health NHS Trust, nothing is said about the decryption key. This means that criminals may not have had time to encode information. However, attackers threaten to release the stolen information online if the Barts Health NHS Trust management does not get in touch to negotiate. Nothing is known about how much cybercriminals want to get for non-disclosure of data.

The attack on Barts Health NHS Trust was the largest leak in the history of the British Ministry of Health. Stolen information can be sold at auction on the dark web and then used to carry out a wide variety of fraudulent schemes, including to steal funds from bank accounts. British intelligence agencies are investigating the incident.^[5]

2022: Ransomware virus blocks British Ministry of Health systems

On August 11, 2022, it became known that the systems of a large Advanced IT service provider, which provides digital services such as patient registration NHS and 111, were blocked as a result cyber attacks using ransomware. ON The company said a full recovery could take three to four weeks. More. here

2021

British vaccination minister found real estate empire

In early July 2021, it was reported that British Minister Nadim Zahavi, who is responsible for vaccinating the population, his wife and their affiliated companies created a real estate portfolio for a total value of more than £100 million. Read more here.

British Health Ministry IT officer sentenced to 5 years in prison for misappropriating hundreds of thousands

In early July 2021, the former IT manager of the British Ministry health care Barry Stannard (Barry Stannard) was sentenced to five years and four months in prison for fraud and theft of 806,229,80 pounds ($1.1 million) from the British National Health Service. More. here

2019

Britain launches AI system predicting disease in patients

In early August 2019, the National Service health care Great Britain (NHS) announced that it would allocate $302 million to create a new laboratory artificial intelligence in the country's digitization unit. The NHS notes that the new lab will bring together scientists, doctors and technology companies to tackle major health challenges, including predicting a variety of diseases.

Britain is introducing AI into the health care system. He will assess the risks of diseases

An AI system has been created that will improve cancer screening through new technologies for mammography, brain scanning, vision assessment and heart monitoring. Also, new AI service technologies will allow doctors to better assess the need for patients for drugs and the need for surgical operations. Moreover, developed machine learning models will be able to identify patients most at risk of postoperative complications or infections, as well as conditions such as heart disease or dementia.

Another aim of the new service is to improve the skills of NHS staff who should be able to use AI systems to automate routine tasks. In addition, the AI lab must validate algorithms already in use and improve safety standards, improving their reliability while protecting patient privacy.

Thus, the use of AI should help personalize the screening and treatment of cancer, eye diseases and a number of other conditions, as well as free up staff working hours. The NHS had previously partnered with individuals to roll out AI-based services, however faced a privacy breach. The new service within the framework of the national system itself will avoid such problems.^[6]

Amazon voice assistant starts giving advice from NHS

In mid-July 2019, the National Service health care Great Britain (NHS) announced a collaboration with. Amazon Through their joint efforts, the voice assistant will be Alexa able to provide reliable medical advice to users.

The technology is supposed to allow patients to "get professional, NHS-proven medical advice in seconds" with simple voice commands. The algorithm will use information from the NHS website to give patients answers to questions such as "Alexa, what are the symptoms of chickenpox?" and "Alexa, how to treat migraines?." Elderly and blind patients are thought to benefit the most from the new function.

Amazon smart speakers began to give recommendations to the Ministry of Health

Secretary of State for Health and Human Services Matt Hancock noted that the new technology will not only allow users to directly receive verified information from the comfort of their homes, but will also reduce the burden on doctors and pharmacists. The collaboration with Amazon is another step to deliver on the NHS's long-term development plan, which was unveiled in January 2019 and involves expanding the range of health services provided through digital platforms.

Helen Stokes-Lampard, chair of the Royal College of General Practitioners, described the use of voice technology to provide information to patients as an "interesting innovation."

However, she insisted on an independent study that would guarantee the safety of this system. Otherwise, using a voice assistant will only delay seeking medical attention. Stokes-Lampard also noted that the inaccessibility of technology to some sections of the population could further exacerbate class^[7] I treat^[8]

2018: Refusal to use faxes

In December 2018, the British Ministry of Health announced the rejection of fax as part of a large-scale restructuring of its technological systems. Instead of this outdated means of communication, it is planned to use more modern and advanced communications, including the WhatsApp messenger.

British Minister health care and Social Protection Matt Hancock has banned the NHS Great Britain from purchasing fax machines. The order comes into force on January 1, 2019. By April 2020, it is planned to completely switch to modern digital technologies when working with patient data. The implementation of the requirement will be monitored by the Ministry of Health quarterly. 

British Ministry of Health refused a fax in favor of WhatsApp

Hancock says he understands the scale of the task, however, according to the minister, "we cannot afford to continue living in the Middle Ages."

In July 2018, The Guardian wrote that the NHS used about 9,000 fax machines to transfer and receive patient data. Then the Royal College of Surgeons called the use of such devices "absurd."

The use of fax has repeatedly caused problems with the confidentiality of user information.^[9]

We constantly mistakenly receive facsimiles intended for other places, but we never talk about it, "said cognitive behavioral psychotherapist Rebecca McIntyre in an interview with the BBC.

Amid these problems, some doctors have started using the WhatsApp mobile app to transfer patient data.

However, not all healthcare professionals support the idea of the NHS ditching faxes in favour of modern digital technology, as the latter are more susceptible to cyber attacks.

At the time of the WannaCry attack in 2017, our "outdated unnecessary" equipment helped with the fact that blood preparations, which are not normally stored in our blood bank at the facility, could be ordered without delay, which did not compromise patient safety, health worker Tim Owen told the BBC.

Notes