11 Health Boards Hit By Cyber Attack
13 May 2017, 07:27
Scotland's Health Secretary has said any lessons from the cyber attack on NHS computer systems will be learned.
Shona Robison said health boards affected in Scotland were recovering and there was "a level of confidence'' that GP systems would run as normal on Monday.
Eleven health boards and the Scottish Ambulance Service were hit as part of a global attack which is reported to have affected up to 99 countries.
Acute hospital sites in Lanarkshire, as well as GP surgeries, dental practices and other primary care centres around the country have been affected by the ransomware attack on IT networks, which also disrupted health services in England.
The Health Secretary said work had been carried out throughout the night to get systems in Scotland back up and running, and stressed that the incident had not impacted on patient safety or confidentiality.
She said: "We're very much into recovery phase now with a lot of work going on to get systems back up and running.
"On the GP systems, which of course were the main problem across our health boards, work is going on and there's a level of confidence that many will be back up and running before GP surgeries reopen on Monday morning.
"Lanarkshire has been more affected in terms of its acute hospitals. The manual systems have worked safely and patients haven't been negatively impacted by that and it's important to stress that.
"People have worked overnight with IT suppliers in Lanarkshire and the intention today is to begin to start testing those IT systems and to gradually and safely try to bring those back on over the course of the weekend.
"I would stress again that through all of this there has been no breach to patient confidentiality that has been detected to date so patients should be reassured by that.''
She emphasised there had been no impact on the majority of the out of hours systems across Scotland, with NHS 24 working as normal along with the Scottish Ambulance Service, where the only issue had been with desktop PCs that were non patient facing.
Following a Scottish Government resilience (SGORR) meeting on Friday night, ministers confirmed that 11 of Scotland's 14 geographical health boards have been affected.
They are NHS Borders, Dumfries and Galloway, Fife, Forth Valley, Lanarkshire, Greater Glasgow and Clyde, Tayside, Western Isles, Highlands, Grampian, and Ayrshire and Arran.
And the Scottish Ambulance Service, which is also classed as a health board, was hacked in the attack, taking the total number of boards hit north of the border to 12.
First Minister Nicola Sturgeon said after the meeting: ''Earlier, a ransomware cyber-attack of the kind which has impacted NHS England, was found to have affected 12 health boards across NHS Scotland.
''Immediate steps were taken to isolate the affected systems and to ascertain the exact nature of the malware being used.
''I have convened a Scottish Government resilience meeting to ensure that we are closely monitoring the situation.
''All necessary steps are being taken to ensure that the cause and nature of this attack is identified. There is no evidence that patient data has been compromised.''
Ms Sturgeon said Government officials are working with the affected boards and authorities like the National Cyber Security Centre to isolate any affected systems.
''Our priority is to ensure that boards get all the support required to identify the full extent of any problems, and return IT systems to normal as soon as possible, so there is as little impact on patient care as possible,'' she said.
She also thanked the NHS staff working to ensure the impact of the attack ''is kept to an absolute minimum''.
The First Minister was joined in the meeting by her deputy John Swinney and Health Secretary Shona Robison, as they were updated by officials from the National Cyber Security Centre, and the Scottish Government.
Further resilience meetings will be held over the weekend as required.
Ministers said most of the incidents have been confined to desktop computers in surgeries and primary care centres.
Patient services, including emergency services, are continuing to operate across Scotland, the Government at Holyrood confirmed.
NHS Lanarkshire is the only board in Scotland where acute hospital sites have been hit, although those hospitals are continuing to operate.
Health chiefs there urged non-emergency patients to stay away from its hospitals as it dealt with the ransomware attack.
They said in a statement: ''As a precaution, NHS Lanarkshire is closing down its non-essential networked IT systems on a temporary basis.
''All our sites remain open, however we are appealing to members of the public only to attend hospital for emergency treatment during this period.''
Scotland's biggest health board, NHS Greater Glasgow and Clyde, as well as NHS Tayside, NHS Dumfries and Galloway and NHS Forth Valley confirmed that some of their GP surgeries had been caught up in the incident.
The health board in Tayside reported that 10 GP practices in the region, which operate on a non-NHS Tayside system, were affected. Four surgeries in the Greater Glasgow and Clyde area experienced disruption to their IT systems, while three practices were impacted in Dumfries and Galloway.
NHS Borders said three of its community sites have been hit.
The remaining boards were affected to some extent, apart from NHS Lothian, Orkney and Shetland, which appeared not to have been targeted.