Trusts could be facing £1 million recovery bill from cyber-attack

Cyber Security, News

  • 30 May 2017
Trusts could be facing £1 million recovery bill from cyber-attack
Shireen Khalil
May 4, 2017

Trusts are yet to reveal the recovery costs of the recent cyber-attack, but one trust source is estimating a million pound plus bill.

Digital Health News contacted a total of 12 trusts across England – part of the remaining 48 initially affected – who recently got systems and services up and running again.

While most could not disclose direct financial implications as a result of the cyber-attack, a source at one of the trusts has indicated it will exceed £1 million.

An East and North Hertfordshire NHS Trust spokesperson said it is unable to provide a figure for some weeks and according to a Freedom of Information report requested by Digital Health News, Colchester Hospital University NHS Foundation Trust stated it too could not give a price tag until the incident is fully evaluated.

The trust said: “Unfortunately the trust is applying an exemption under Section 22 of the Act (Information intended for future publication) as although the trust holds the information you have requested, it will be published in the near future.”

“This exemption is subject to the public interest test and after due consideration the trust does not feel that disclosing this information before its intended publication date is in the public interest.”

The Essex trust’s Harwich Hospital had to cancel its outpatient appointments and postponed some routine appointments due to the attack. However both clinical and non-clinical IT systems are now fully operating.

Colchester Hospital confirmed it does hold information relating to the overall financial implications of the Wannacrypt ransomware , however it isn’t in a position to release it yet.

“Unfortunately although the trust does hold the information you require, we are applying an exemption to these questions under Section 31(a) Law Enforcement of the FOI Act, as disclosing this would be likely to prejudice the prevention or detection of crime.”

It said any data regarding the security of the trust’s IT systems, whether physical or technical, would fall into this exemption, as this information could be used to attack the trust’s systems.

“This exemption is subject to the public interest test, and due to the personal and sensitive information held on our systems, we do not believe it is in the public interest to release it.”

An NHS England spokesperson said it cannot disclose costs or statistics.

Click here for Digital Health News’ two-week wrap of the cyber-attack

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Prev News

Could Apple be working on its own glucose monitoring technology?

Next News

GP statistics available to public through new data hub

Related News

Norfolk and Norwich University Hospitals investigating cyber attack
News July 25, 2024

Norfolk and Norwich University Hospitals investigating cyber attack

NHS England’s cyber security operations centre is investigating a cyber attack at Norfolk and Norwich University Hospitals NHS FT.
King’s speech sets out Labour’s plans for cyber security, digital and data
News July 17, 2024

King’s speech sets out Labour’s plans for cyber security, digital and data

Prime Minister Keir Starmer's plans to introduce legislation for cyber security, digital and data were outlined in the King’s Speech on 17 July.
Patient groups oppose NHSE plans for unified clinical registry platform
News July 3, 2024

Patient groups oppose NHSE plans for unified clinical registry platform

Patient groups for people with blood disorders have raised concerns about NHS England plans to combine clinical registries in a single platform.

1 Comments

  • Dave says:
    30 May 2017 at 11:06 PM

    You should distinguish where problems a result of “attack” or result of management actions

Comments are closed.