Ruairi Ó Murchú (Louth, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

2439. To ask the Minister for Health the status of the recovery plan for HSE services and patients impacted by the cybersecurity incident; and if he will make a statement on the matter. [28585/21]

Stephen Donnelly (Wicklow, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

On 23 March 2021 the HSE published the “Safe Return to Health Services ” Plan. This Plan provided an operational framework for the safe return to services in a COVID environment at a local level. It included an overview of the services to be resumed, the target for their safe return and some detail on the conditions and challenges that have to be met. It is important to emphasise that every phase was informed by clinical guidance and putting patient safety first.

Following an analysis of need, capacity and patient safety, and taking into account scenario models, the Plan outlined a phased approach for the proposed restoration of services across Community Services, Acute Operations, Cancer Services and Screening Services.

While much progress has been made on the Plan, health care services have also been impacted by the cyber-attack. The HSE has been working since 14 May last to recover the effects of the cyber attack on its systems. The attack had the impact of removing access to most patient and care systems as well as the central business systems of the HSE. Over the last weeks many of these systems have been recovered and services have recommenced. There was a priority focus on key systems in the hospital and community areas with a view to resuming vital services. Some of the key areas recovered included, radiotherapy, laboratory, imaging, pharmacy, mental health systems, email and patient administration systems.

At present most systems are operational and services are returning to normal activity. There is a challenge in back entering data and indeed loss of records at a time when the HSE was working mostly on paper based processes

As this Parliamentary Question also relates to operational issues, it is a matter for the HSE to reply. However, members of the Oireachtas are advised that the HSE is currently unable to access the information to answer Parliamentary Questions due to the recent cyber-attack, which has required a temporary shut-down of HSE IT systems. The disruption to service is on-going, and the HSE is working hard to restore its IT capacity and resume normal services. Members of the Oireachtas will be advised as soon as the HSE is again in a position to provide responses to PQs and are encouraged to resubmit their Parliamentary Questions at that point.

Ruairi Ó Murchú (Louth, Sinn Fein)
Link to this: Individually | In context | Oireachtas source

2440. To ask the Minister for Health the status of the full extent of the cyber security incident; and if he will make a statement on the matter. [28586/21]

Gary Gannon (Dublin Central, Social Democrats)
Link to this: Individually | In context | Oireachtas source

3343. To ask the Minister for Health the service framework, governance framework and technical framework in place prior to the HSE ransomware attack as recommended by the HSE Chief Information Officer. [41406/21]

Gary Gannon (Dublin Central, Social Democrats)
Link to this: Individually | In context | Oireachtas source

3344. To ask the Minister for Health the service framework, governance framework and technical framework now in place since the ransomware attack on the HSE. [41407/21]

Stephen Donnelly (Wicklow, Fianna Fail)
Link to this: Individually | In context | Oireachtas source

I propose to take Questions Nos. 2440, 3343 and 3344 together.

The Health Service Executive (HSE) reported to the Joint Committee on Health on 23 June 2021 with an update on the extent and response to the cyberattack which can be found on the Oireachtas website at the following link:

data.oireachtas.ie/ie/oireachtas/debateRecord/joint_committee_on_health/2021-06-23/debate/mul@/main.pdf

The cyberattack had the impact of removing access to most patient and care systems as well as the central business systems of the HSE. I have been advised that over the last weeks many of these systems have been recovered and services have recommenced. Some of the key areas recovered included, radiotherapy, laboratory, imaging, pharmacy, mental health systems, email and patient administration systems.

The HSE has deployed additional expertise, resources and technology to provide enhanced monitoring of systems and networks. This is considered an interim measure as they procure a permanent Security Operations Centre to provide security and threat incidence monitoring. With the support of the Department of Health, it will continue to invest strategically in technical infrastructure, cyber defences and the resources necessary to protect the systems and data that are vital to the safe operation of the health system.

The Department of Health became aware of some irregular activity on its network on the afternoon of Thursday 13 May 2021, and immediately notified the National Cyber Security Centre (NCSC) and implemented further security measures. The attack was contained and prevented from executing across the ICT infrastructure. All ICT systems were immediately shut down as a precautionary measure.

Improved security measures have already been put in place within the Department of Health ICT systems. A complete security review of the ICT infrastructure is currently being finalised and specialised software has been installed to mitigate against malicious software, and to provide early warning notifications of same. The system is fully monitored, providing for a rapid response to any notified incidents.

The Department of Health and the HSE continue to liaise closely with the National Cyber Security Centre and other strategic stakeholders to ensure that best practice is followed as it relates to all aspects of cyber security.