The home secretary has said NHS trusts should “make sure they do upgrade” their IT systems in response to the huge cyberattack which hit the NHS yesterday.
Amber Rudd told the BBC: ”I would expect NHS trusts to learn from this and make sure they do upgrade,” She indicated that the Care Quality Commission looked at IT systems and indicated the regulatory may have a greater role, saying ”they will be advising [trusts] to [upgrade]”.
She was asked about the widspread use of Windows XP in the NHS and acknowledged it “is not a good platform for keeping your [systems] safe as the modern ones”. The outdated operating system was released in 2001 and largely superceded by 2010, meaning it is particularly vulnerable to infection and exploits.
Mr Rudd told the Radio 4 Today programme: ”I would expect them [trusts] all to move forward with [upgrading].”
She said some parts of the NHS could have avoided infection because they had properly updated their systems, for example by installing a patch which was released earlier this year. “Is it that some areas are following good advice?” she said. Ms Rudd said this would be reviewed.
HSJ has reported on a large London hospital trust which had identified internally the risks from outdated systems, due to years of under investment. It had begun updating from Windows XP.
The home secretary said: “So far all we have seen is patients inconvenienced…. the NHS are brilliantly managing to weave through this disruption.” She said patient records had not been compromised.
She said NHS trusts were encouraged to seek support from national cybersecurity teams where needed. “They’ve all been asked to check their systems over night. They will now be finding out what level of difficulty they have.”