HSE head Paul Reid has said that the recent cyberattack had a “devastating impact” on the health service which could not be overstated, and that less than 25% of its devices had been restored to date.
According to Reid, many of the basic tools needed to treat patients were “completely disarmed.”
“We continue to make further progress, but it can’t be overstated the devastating impact that this has had on our health service,” he said.
“It’s practically been a complete wipeout of over 2,000 systems, all having to be rebuilt from a base level and re-established in a very controlled manner and in a coordinated, safe manner.
“Many organisations, public or private, could be completely overwhelmed by any such impact. But for the relentless passion, commitment of our healthcare teams, the relentless focus to protect our patients, it’s unmatched in any organisation I’ve ever seen.”
Following the ransomware attack, the HSE was forced to shut down all of its IT services, which led to thousands of hospital appointment cancellations nationwide.
“It’s not just about getting a decryption key and starting back to where you were,” Reid said.
“In essence, we have to really rebuild our systems in a whole new way. There’s been quite a serious impact and trail of destruction left behind as part of the cyberattack, which we have to clean up.”
The health chief said that for the past 3 weeks, staff have had to manually record all info, which is very technical and leaves, in his words, “no margin for error.”
“There’s no doubt that every action that they take, every minute of every day, carries enormous risk in the current environment without the full basic tools they need,” said.
Reportedly, less than 25% of HSE devices have been decrypted and restored.
Reid said that the HSE is working with gardaí and social media giants to scour the internet for dumped patient data and hopefully remove it as quickly as possible.
The HSE’s Chief Operations Officer, Anne O’Connor, spoke of the major delays being experienced by the HSE in terms of appointments.
“We know that people are concerned in terms either if they attend an emergency department what their experience will be, but also just the delays in their care if they had appointments cancelled,” she said.
She added that, because of the volume of repair work needed, there were serious risks that overworked staff could make errors while manually transcribing information for hours on end.
“There are risks associated with our own staff, who are flat out.,” said O’Connor.
“This is day 21 for us and we have people who have been working relentlessly trying to either address the IT element or the services. There are higher risks of clinical errors in manual transcription and the access of systems. The longer that goes on and the more tired staff are, we have to keep an eye on that.”
As O’Connor pointed out, these disrupted services carry the risk of delayed diagnoses for serious illnesses that could otherwise have been caught early.
“There are risks of potentially delayed diagnosis and other risks arising from cancellations and the slowing of services,” she said.