It would be beneficial to retain some “paper systems” following the cyberattack, although electronic records are “the most efficient and safest way of working”, heard the board of the Rotunda Hospital in Dublin. In June, Master Prof Fergal Malone provided an update to the board on initial learnings from the cyberattack on the HSE in the previous month.
The Rotunda “as a fully digital hospital and being fully integrated with HSE national systems would not have been able to withstand this type of sophisticated attack”, according to meeting minutes. In relation to the Maternal and Newborn Clinical Management System (MN-CMS)/electronic patient record back-up system, “only a snapshot of inpatient information for the previous seven days was actually available on a read-only basis.” This meant there “was no medical record for the vast majority of Rotunda patients resulting in no visibility or ability to access patient information”.
MN-CMS electronic databases were dependent on the integrated patient management system, which populates all electronic systems and which is also reliant on HSE national services. The risks of inputting large volumes of paper records onto the electronic system will include mislabelling, wrong patient IDs, medication errors, and incorrect lab samples, etc. The Master’s update also noted that staff performed “extremely well” in reverting to paper-based systems and enacting contingency measures.
It was recommended that contingency cloud-based systems and some paper systems were retained to support and supplement the electronic system and these could be activated for “future cyberattacks”. A working group was due to report on the benefits of retaining some paper-based systems.