NOTE: By submitting this form and registering with us, you are providing us with permission to store your personal data and the record of your registration. In addition, registration with the Medical Independent includes granting consent for the delivery of that additional professional content and targeted ads, and the cookies required to deliver same. View our Privacy Policy and Cookie Notice for further details.

You can opt out at anytime by visiting our cookie policy page. In line with the provisions of the GDPR, the provision of your personal data is a requirement necessary to enter into a contract. We must advise you at the point of collecting your personal data that it is a required field, and the consequences of not providing the personal data is that we cannot provide this service to you.

Don't have an account? Subscribe

HSE audit committee discussed ‘cyber risks’

By David Lynch - 25th May 2021

Cybersecurity and secure nerwork concept. Data protection, gdrp. Glowing futuristic backround with lock on digital integrated circuit.

Cyber security was on the agenda of the HSE’s audit and risk committee in March, weeks before the major ransomware attack that paralysed the health service. The committee discussed “cyber risks” and sought a general overview of the HSE’s “technological landscape and changing risk profile”, according to minutes seen by the Medical Independent (MI).
The committee’s March meeting discussed “rapid ICT deployments and changing risk profiles” and heard that the “risks over the last year have changed with a rise in focus on cyber risks”.

The committee requested a follow-up session involving the HSE Internal Audit Division and Office of the Chief Information Officer to further discuss the issue. Because of an error in uploading to the HSE website, the minutes of the March meeting are not complete. Cyber security is one of 17 ‘red’ risks on the HSE corporate risk register (CRR) approved by the HSE board.

“There is a risk to the HSE effectively protecting the confidentiality, availability and integrity of HSE data including patient data against cyber threats impacting directly on patient care and safety and staff as a result of the inability to deliver ICT and specialised medical device dependent services,” reads the CRR.

Meanwhile, the National Coordinator of the general practice information technology group, Dr Conor O’Shea, told MI it was generally accepted that Ireland spent much less on healthcare IT than other jurisdictions. Commenting on whether the attack could delay the introduction of electronic patient summaries, a unique health identifier and other IT projects, Dr O’Shea argued that the attack should not be allowed to result in further delays. More IT investment is required and lessons must be learned from this incident, he said.

Leave a Reply

Latest Issue
The Medical Independent 26th September 2023

You need to be logged in to access this content. Please login or sign up using the links below.

Most Read