Progress made in restoring HSE systems but disruption continues, says Donnelly

Initial tests on decryption key provided after cyberattack have been positive, says Minister

Minister for Health Stephen Donnelly has said although some machines in voluntary hospitals are working, radiology, oncology and laboratory services remain disrupted following last week's cyberattack.

Progress had been made up to Thursday night in getting some systems back in a number of voluntary hospitals, he told RTÉ Radio's Morning Ireland.

Among the services that have returned are the radiology system NIMIS (National Integrated Medical Imaging System), laboratory systems and patient administration systems, he said.

Radiation oncology remained a problem, the Minister said, as disruption continued across many hospitals following the cyberattack. Some machines were running but not at the level the Health Service Executive (HSE) needed.


Mr Donnelly said it was an “absolute priority” for the HSE to get machines back up and running, with teams working around the clock.

The work being done to restore all the patient systems would make the systems themselves stronger and more robust in the short and medium term, he said.

On Friday, two emergency medicine consultants warned that emergency departments are facing continued delays.

Anyone who needs to go to an emergency department should bring any previous prescriptions or details of medication with them, they told RTÉ Radio’s Today with Claire Byrne show.

Sligo hospital consultant Dr Fergal Hickey also called for a unique patient identifier number system that would mean that in the current situation the patient’s paper file could be found easily.

“We’re flying blind here, we don’t have a patient’s previous information.”

An electronic identification number should have been developed before now, but no progress has been made in the last decade, he said.

Dr Emily O’Connor, emergency medicine consultant at Connolly hospital in Dublin, said the challenge for the HSE was that any patient identification system would have to be user friendly. She warned that if any system had too many firewalls it would not be efficient for medics who were not computer literate.

The emergency department in Connolly hospital had dealt with 150 patients in the last 24 hours, she said, all of whom had to be manually registered and triaged before being seen by a clinician. A whiteboard was being used to co-ordinate treatment of patients, she explained.

Dr O’Connor said very critically ill patient was being treated, but the process was “unbearably slow” for some patients. “We’re like canaries in the mine.”

Dr Hickey added that every effort was being made to minimise risk to patients, but that a unique identifying number would help enormously.

At present patients are being given a number for every hospital they attended while if they had the one number it would make it easier to find their details no matter which hospital they attended for treatment, according to Dr Hickey.

Data protection concerns had been previously raised, he said when it was suggested that the PPS number could be used as the unique patient number. “Doing nothing isn’t an option. We are now seeing the impact of not having that.”

If a patient had a common name that would cause problems in accessing files and details, he said.

Dr O’Connor agreed, pointing out that a unique patient identifier could be of benefit when it came to cross-border treatment as well.

Mr Donnelly also said the initial responses from tests on the validity of a decryption tool provided to the HSE were positive.

He said the offer of the decryption key had come as a surprise and it was unclear why it had been provided. An Garda Síochána and the health authorities believe the tool was provided by the gang behind the attack.

When asked why the criminal gang had given them the tool, Mr Donnelly said it could be for any number of reasons and it was not useful to speculate. Mr Donnelly reiterated that no ransom was paid or will be paid to the gang behind the attack.

The Russian-speaking cyber gang was on Thursday night still threatening to publish the HSE information it accessed, including personal information relating to patients, on the dark web (a network within the internet) and to sell some of it to other criminals if the $20 million ransom is not paid.

While the decryption tool must undergo a series of tests before any effort is made to use it, several sources said the tool appeared to work and, specifically, was compatible with the encryption the HSE fell victim to.


On Newstalk Breakfast, Minister of State with responsibility for eGovernment Ossian Smyth also emphasised that no ransom had been paid. "The Government 100 per cent did not pay a ransom or get anyone indirectly to do so."

Mr Smyth said that getting the data back was like having your house burgled and then getting the contents back in a skip. Tests still had to be carried out on the data to ensure it was safe.

He added that he did not think anyone believed that providing the decryption tool was an act of goodwill. “All will come out in the wash.” It would have made absolutely no sense to pay money to the criminals, he added.

The threat to release patients’ data was being taken very seriously and it was entirely possible that this could still happen. If anyone was contacted about their data they should contact the helpline 1 800 666 111 immediately, he said.

The injunction secured in the High Court on Thursday was a standard approach in such circumstances, he said, and was taken to obstruct anyone attempting to share information that appeared on the dark web. It was relevant to anyone who would consider sharing that information.

“Unfortunately there are some people who think these things are funny,” he said. “We are taking this thing very seriously which is why we went to the High Court.”

In the short and medium term the work that was being done at present on all systems was making them stronger and more robust, he said. There had been a substantial increase in IT funding in the HSE, staff had been doubled.