Cyberattack: HSE faces final bill of at least €100m

Appointments for about 7,000 patients a day being cancelled due to hack on IT systems

HSE CEO Paul Reid Reid stressed there was an urgent need for learning across the public services from what had happened. Photograph: Leon Farrell / Photocall Ireland

HSE CEO Paul Reid Reid stressed there was an urgent need for learning across the public services from what had happened. Photograph: Leon Farrell / Photocall Ireland

 

The cyberattack on IT systems in the health service will cost it at least €100 million, according to chief executive Paul Reid.

This is at the lower end of estimates of the total cost, he indicated, and includes the cost of restoring the network, upgrading systems to Microsoft 365 and the disruption caused to patients.

Appointments for about 7,000 patients a day are being cancelled, almost two weeks after a criminal gang hacked the HSE systems.

Mr Reid said the HSE was keen to see an independent and objective assessment of the cyberattack.

The HSE board has discussed the need for an assessment at its most recent meeting and will finalise proposals soon, he told a weekly HSE briefing on Thursday.

In addition, the international consultants who have been helping the HSE o restore services after the attack will provide it with an objective report on the incident, he said. Mr Reid stressed there was an urgent need for learning across the public services from what had happened.

The disruption caused by the criminal hack of its systems will continue for some time to come, he said.

Progress has been made in restoring services, especially in the past 48 hours, but the HSE is “a long way” from having all services restored.

Some hospitals have multiple systems up and running, another group of hospitals have some systems operational again and a third group have no services active.

Describing the level of risk involved as “red hot”, he said the people behind the attack were “beyond contempt” and “without a base of morality”.

The actions of staff were not just about mitigating the effects of the attack but also relentlessly striving to provide a safe level of care, he said.

Patients are facing delays “across the board” in the health service, HSE chief operating officer Anne O’Connor said, though IT systems are being incrementally restored.

A patient management system has been fully restored in nine sites, while the NIMIS system for reading scans is operating now in 24 out of 64 sites.

Endoscopy is operational at five sites, while 28 labs are online and 16 are offline, she said.

Out of 80,000 devices in the health service, 14,000 have been “plugged in” as a first step to logging them in again.

Ms O’Connor said emergency departments were open and busy, some at their busiest for two years, while cancer services were back to 80-100 per cent capacity.