The NHS must invest in cyber security before another attack puts patients in danger, a Suffolk MP has said.
Central Suffolk and North Ipswich MP Dr Dan Poulter believes more needs to be done to make sure the ransomware attack in May – computers were disabled until a fee was paid – is not repeated.
During the attack – which has now been linked to North Korean hackers – Colchester General was forced to halt all non-urgent surgery and appointments while GP surgeries across Suffolk were advised not to use their systems.
The former health minister said: “Because of the great pressures on the hospitals and the rise in demand from patients, money for things like IT can get spent elsewhere. That is understandable.
“But every hospital needs to offer a gold standard in protecting data, patient records and the ability for the staff to care for the patients. This is an issue of patient safety.
“Most companies will spend around 10% of their budget on IT – whether that is support, investment in new equipment or skills. But most hospitals spend something like 4%.”
His comments come as the Chartered Institute of IT blamed a lack of accountability and investment for the attack not being stopped.
Dr Poulter believes putting more robust systems in place to keep hospitals safe will not “cost a huge amount” but says that instead of ring fencing cash the government should press for NHS England to include an assurance in their standard contract to care providers.
But he does recognise that GP surgeries may need support to get their security up to standard.
“Often surgeries are run like small businesses,” Dr Poulter added. “It is vital they are safe and secure as well – that might mean some extra support.
“But it is very important that we can have systems that connect on a day-to-day basis to share information. So all the elements need to be properly secure and protected.”
A spokesman for Colchester General said: “Since the cyber attack we have accelerated our plans to enhance and strengthen our resilience to future attacks by deploying an additional layer of technology, appointing a dedicated cyber security administrator and launching a staff education programme.”
The Trust has also applied for accreditation to a government scheme to help provide adequate protection.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here