One week on and the WannaCrypt ransomware attack continues to impact NHS trusts across England, causing delays and disruptions to services.
Barts Health NHS Trust, the largest in England, was one of the hardest hit, having to redirect ambulances away from its three A&E units for six days.
While most of its planned surgery and outpatient appointments continue, it has had to reduce the volume of planned operations and clinics on Friday.
In a recent statement posted on its website, it said that patients will be directly contacted if their appointments need to be cancelled.
“It is possible that we will not be able to contact all patients that we need to speak to, so we apologise if we are unable to proceed with your treatment once you arrive at hospital.”
Barts was only just recovering from a massive network failure at the end of April which had left staff without access to pathology and diagnostic imaging.
Northumbria Healthcare NHS Foundation Trust was one of the first organisations to suffer from the cyber attack. It is part of the north east region which was reported to be the worst hit area in England.
According to its most recent press release, despite having the most up-to-date antivirus protection available, the trust was infected on PCs that the patch did not cover.
Questions were raised over the weekend, that trusts using Windows XP software had been left vulnerable with security upgrades not being installed.
The majority of Northumbria Healthcare’s clinical services has now returned back to usual. But the trust continues to restore other non-clinical systems.
“Northumbria Healthcare is now working hard to clear the backlog caused by the cyber-attack and ensure those patients who were directed affected have their treatment rearranged as a matter of priority”, the trust said in a statement.
The trust’s executive medical director, Jeremy Rushmer said it has been an unprecedented and a challenging time for everyone – and we need to understand why this happened.
“We will now work collectively to learn from this and continue to make our systems as safe as they possibly can be.”
The trust also quickly alerted all other NHS organisations in the region including primary care services, who were then able to quickly isolate or take additional steps to protect their systems where applicable.
Greater Preston Clinical Commissioning Group’s May board papers reveal that in its practices an average of 59% of the computers were affected. The CCG established an “incident room” that lasted from Monday to Friday.
North England Commissioning Support Unit reported on Wednesday, that almost all computers in GP practices were back online. Some still face access issues to NECS public wifi.
United Lincolnshire Hospitals NHS Trust have had to cancel its mobile breast screening appointments in Horncastle and Long Sutton. Appointments in Boston, Lincoln County are going ahead unless patients are notified otherwise.
“We are hopeful that this will be resolved next week”, the trust said on Thursday.
Another badly hit trust, Southport and Ormskirk NHS Trust, is also back in business. However, it warns that there are some delays in clinics. It had published in its board papers just days before the attack that “the trust does not have plans in place for what to do in the event of a cyber security attack”.
All trusts have thanked staff who have been working tirelessly to return computer systems and clinical services back to normal.