Cyber security was on the agenda of the HSE’s audit and risk committee in March, weeks before the major ransomware attack that paralysed the health service. The committee discussed “cyber risks” and sought a general overview of the HSE’s “technological landscape and changing risk profile”, according to minutes seen by the Medical Independent (MI).
The committee’s March meeting discussed “rapid ICT deployments and changing risk profiles” and heard that the “risks over the last year have changed with a rise in focus on cyber risks”.
The committee requested a follow-up session involving the HSE Internal Audit Division and Office of the Chief Information Officer to further discuss the issue. Because of an error in uploading to the HSE website, the minutes of the March meeting are not complete. Cyber security is one of 17 ‘red’ risks on the HSE corporate risk register (CRR) approved by the HSE board.
“There is a risk to the HSE effectively protecting the confidentiality, availability and integrity of HSE data including patient data against cyber threats impacting directly on patient care and safety and staff as a result of the inability to deliver ICT and specialised medical device dependent services,” reads the CRR.
Meanwhile, the National Coordinator of the general practice information technology group, Dr Conor O’Shea, told MI it was generally accepted that Ireland spent much less on healthcare IT than other jurisdictions. Commenting on whether the attack could delay the introduction of electronic patient summaries, a unique health identifier and other IT projects, Dr O’Shea argued that the attack should not be allowed to result in further delays. More IT investment is required and lessons must be learned from this incident, he said.
There is still no date for the roll-out of transient elastography for liver disease testing in...
Work has begun on a “strategic review” of GP services that will “inform future contractual...
The Judge's report proposes that a Tribunal be established under legislation to hear and determine claims...
In December, the HSE released part of an external review into the case of 'Brandon', a...
The evidence on doctor burnout “should scare us and concern us”, the Director of the RCSI...
A review of public health governance structures and addressing “longstanding” IT infrastructure...
Leave a Reply
You must be logged in to post a comment.