You are reading 1 of 2 free-access articles allowed for 30 days
As with other State bodies, the Executive has suffered cyber attacks in recent years and moves are underway to protect software.
On 13 November, the Laboratory Information System (LIS) and associated IT infrastructure at the Midland Regional Hospital, Tullamore, suffered a Windows ransomware attack.
According to the HSE: “The hospital has been working in conjunction with the HSE Office of the Chief Information Officer to restore the system and reinstate a functional Laboratory Information System within a reconfigured, secure HSE environment.
“There has been no impact on patient care and business continuity plans are in operation until the full system is restored. The HSE has informed the Data Protection Commission on a precautionary basis.”
By early next year, the HSE hopes to engage a provider to install “a resilient, centrally-managed cyber security and application software deployment solution” for around 60,000 pieces of equipment.
In addition to this equipment, which would include laptops, workstations and servers, the HSE has around 10,000 mobile phones in operation and 3,000 “virtual machines”.
Currently, a number of HSE areas attend to critical operating system security patching needs via local implementations and product sets, the HSE outlined in tender documents.
Furthermore, it said a virtual national environment is in place for urgent requirements arising from, for example, deployment of security patches produced in response to ransomware events.
The solution must “build a resilient, centrally-managed solution to determine software deficits across product sets on a variety of systems within the HSE”.
It will also have to “enable a discovery programme to be run, the purpose of which will be to determine the existing security patch and application software deficit across products and systems within the HSE estate”.
The provider will be responsible for responding to and fixing all problems and faults logged by the HSE. “For all service requests which the HSE advises as ‘critical’, the HSE require a maximum four-hour on-site response time,” the HSE outlined in tender documents.