Written answers
Tuesday, 29 June 2021
Department of Health
Cybersecurity Policy
Róisín Shortall (Dublin North West, Social Democrats)
Link to this: Individually | In context | Oireachtas source
467. To ask the Minister for Health the steps he is taking to protect the sensitive medical data targeted in the ransomware attack; the type of data affected; and if he will make a statement on the matter. [27069/21]
Stephen Donnelly (Wicklow, Fianna Fail)
Link to this: Individually | In context | Oireachtas source
As this Parliamentary Question relates to an operational issue, it is a matter for the HSE. However, members of the Oireachtas are advised that the HSE is currently unable to access the information to answer Parliamentary Questions due to the recent cyber-attack, which has required a temporary shut-down of HSE IT systems. The disruption to service is on-going, and the HSE is working hard to restore its IT capacity and resume normal services. Members of the Oireachtas will be advised as soon as the HSE is again in a position to provide responses to PQs and are encouraged to resubmit their Parliamentary Questions at that point.
Róisín Shortall (Dublin North West, Social Democrats)
Link to this: Individually | In context | Oireachtas source
468. To ask the Minister for Health the expertise that exists within the health service to detect and prevent ransomware cyberattacks; and if he will make a statement on the matter. [27071/21]
Stephen Donnelly (Wicklow, Fianna Fail)
Link to this: Individually | In context | Oireachtas source
In the wake of the recent ransomware attack, the Health Service Executive has deployed additional expertise, resources and technology to provide enhanced monitoring of systems and networks. This is considered an interim measure as they procure a permanent Security Operations Centre to provide security and threat incidence monitoring and response including:
- monitoring and alerting on portals and software;
- monitoring and incident management of all devices on the network to ensure that all devices are compliant with rules/policies;
- threat incident response including triage, close and/or escalation.
No comments