Alder Hey Children’s NHS Foundation Trust has issued a response to claims that data published online and shared on social media has been “obtained illegally from systems shared by Alder Hey and Liverpool Heart and Chest Hospital NHS Foundation Trust”.
The update informs patients that the trust is working with partners to verify the data published, and to “understand the potential impact” that its publication may have. It also highlights that Alder Hey is taking the issue “very seriously”, working with the National Crime Agency to help ensure systems are secured.
Stating that the trust is taking “further steps” to follow advice from law enforcement, as well as to fulfil statutory duties around patient data; Alder Hey’s response also notes that the incident is not related to the ongoing “major” cybersecurity incident declared at Wirral Teaching Hospitals last week, which has seen outpatient appointments cancelled and the public urged not to attend A&E unless in the case of a “genuine emergency”.
The trust also reassures patients that services are operating as normal, and that they should attend appointments as usual. To read the update in full, please click here.
Cybersecurity wider trend
In October, we asked our LinkedIn audience what the biggest priority should be for health and care cyber security – board level buy-in, workforce education, funding and resources, or mandating supplier compliance? The top spot was an even split between funding and resources and mandating supplier compliance, with each option attracting 34 percent of the vote.
November saw NHS England open a market engagement stage, ahead of an upcoming NHS Cyber Risk Rating Platform tender, designed to support NHS organisations to “better understand their security posture” and their management of threats that could impact on operations and organisational data. The platform will support NHS providers assess and support the management of risk, NHSE states, with the webinar intended to share “a deeper understanding of our evolving service outcomes and insights into how we plan to roll out the platform to new and existing users”.
And Barts Health NHS Trust selected Cynerio’s Healthcare Cybersecurity Platform for deployment across all sites, choosing to implement the full suite including network detection and response for healthcare (NDR-H) technology capable of monitoring network traffic and detecting and responding to threats. The NDR-H tech from Cynerio sits within the hospital’s network, monitoring traffic without interference to traffic flow. It is designed to identify any unusual traffic, perform analysis and provide alerts to the team regarding any potential attacks, “resulting in full visibility and security analysis of connected devices” including Internet of Things (IoT), Internet of Medical Things (IoMT), information technology and mobile devices.
Be sure to look out for HTN’s newly launched cyber security professional network, designed to facilitate the sharing of best practice and ideas, and discuss challenges, approaches, learning, reflections, and more around cyber security in the NHS. The network will be an extension of our current programmes on cyber security, with an aim to connect peers across the industry, taking the form of closed online discussions. To find out more, please click here.
