Trusts could be facing £1 million recovery bill from cyber-attack

Cyber Security, News

  • 30 May 2017
Trusts could be facing £1 million recovery bill from cyber-attack
Shireen Khalil
May 4, 2017

Trusts are yet to reveal the recovery costs of the recent cyber-attack, but one trust source is estimating a million pound plus bill.

Digital Health News contacted a total of 12 trusts across England – part of the remaining 48 initially affected – who recently got systems and services up and running again.

While most could not disclose direct financial implications as a result of the cyber-attack, a source at one of the trusts has indicated it will exceed £1 million.

An East and North Hertfordshire NHS Trust spokesperson said it is unable to provide a figure for some weeks and according to a Freedom of Information report requested by Digital Health News, Colchester Hospital University NHS Foundation Trust stated it too could not give a price tag until the incident is fully evaluated.

The trust said: “Unfortunately the trust is applying an exemption under Section 22 of the Act (Information intended for future publication) as although the trust holds the information you have requested, it will be published in the near future.”

“This exemption is subject to the public interest test and after due consideration the trust does not feel that disclosing this information before its intended publication date is in the public interest.”

The Essex trust’s Harwich Hospital had to cancel its outpatient appointments and postponed some routine appointments due to the attack. However both clinical and non-clinical IT systems are now fully operating.

Colchester Hospital confirmed it does hold information relating to the overall financial implications of the Wannacrypt ransomware , however it isn’t in a position to release it yet.

“Unfortunately although the trust does hold the information you require, we are applying an exemption to these questions under Section 31(a) Law Enforcement of the FOI Act, as disclosing this would be likely to prejudice the prevention or detection of crime.”

It said any data regarding the security of the trust’s IT systems, whether physical or technical, would fall into this exemption, as this information could be used to attack the trust’s systems.

“This exemption is subject to the public interest test, and due to the personal and sensitive information held on our systems, we do not believe it is in the public interest to release it.”

An NHS England spokesperson said it cannot disclose costs or statistics.

Click here for Digital Health News’ two-week wrap of the cyber-attack

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Prev News

Could Apple be working on its own glucose monitoring technology?

Next News

GP statistics available to public through new data hub

Related News

Patient groups oppose NHSE plans for unified clinical registry platform
Cyber Security July 3, 2024

Patient groups oppose NHSE plans for unified clinical registry platform

Patient groups for people with blood disorders have raised concerns about NHS England plans to combine clinical registries in a single platform.
Harnessing AI and cybersecurity to transform healthcare in the UK
Opinion June 28, 2024

Harnessing AI and cybersecurity to transform healthcare in the UK

The UK healthcare sector is in a transformative era, driven by advancements in artificial intelligence (AI). AI has the potential to revolutionise healthcare by improving…
Junior doctors break strike to assist at sites hit by cyber attack
Cyber Security June 28, 2024

Junior doctors break strike to assist at sites hit by cyber attack

Guy’s and St Thomas’ and King’s College Hospital NHS Foundation Trusts continue to experience major disruption following the cyber attack on Synnovis.

1 Comments

  • Dave says:
    30 May 2017 at 11:06 PM

    You should distinguish where problems a result of “attack” or result of management actions

Comments are closed.