RSS Alerts

Share

More services

Related Links

Related Stories

  • UK Government squares up to privacy campaigners over health data
    The UK’s new proposals for the storage and sharing of personal health data, announced by prime minister David Cameron today, are likely to cause a head-on collision with privacy activists.
  • Calderdale and Huddersfield NHS trust investigates laptop patient data loss
    Officials with the Calderdale and Huddersfield NHS foundation trust have revealed they are staging a high-level investigation into the theft of a laptop from a hospital that resulted in the loss 1,500 patients' personal details last December.
  • Nosey NHS staffer looked at patient records 330-plus times
    An NHS IT manager in Yorkshire has been warned he faces a prison term after he admitted illegally spying on medical records of patients. Data security specialist Imperva says the fact that he was able to do this highlights the need to lock down private data in large organisations, and only allow viewing on a need-to-access and auditable basis.
  • Comment: The Future of Smartphone Security
    Daniel Burrus, founder and CEO of Burrus Research, outlines the future of smartphone security, including insight into how smartphone apps will affect the information security industry
  • Royal Wolverhampton NHS trust loses patient data
    Royal Wolverhampton Hospitals NHS Trust lost a CD containing the unencrypted records of 112 patients from the intensive care unit of New Cross Hospital's heart and lung unit, the Information Commissioner's Office (ICO) has found.

Top 5 Stories

News

NHS hit by over 8000 viruses in one year

14 July 2009

The NHS was infected by over 8000 (computer) viruses over the last year, many of which could have been avoided if information security policies and technologies were properly adopted.

In November, the Mytob worm caused problems in three major London hospitals where it overloaded computer networks, affecting services such as blood test results, X-rays and patient administration. According to More4 News, the incident could have been avoided if security updates had been applied to their network months earlier.

The UK news service requested information from all NHS trusts in England, and through the 75% that replied, it was revealed that over 8000 viruses got through information security systems with 12 incidents affecting clinical departments – and ultimately, patient care.

Earlier this year, NHS trusts in Scotland were struck by the Conficker worm freezing staff out of computers for two days, which amongst other departments, caused problems for a cancer treatment centre – where any delays could jeopardise patient health.

In an official report into the incident, it was found that antivirus systems had been turned off or not properly applied, and that it was therefore completely avoidable.

The NHS is currently building a £13 billion network linking together medical records of everyone in England. In a statement to More4 News, the NHS said: “Electronic patient records systems are protected by the highest level of access controls and other security measures. These levels of security are fare higher than any which can be imposed on access to paper records or the majority of local NHS IT solutions.”

Infosecurity notes, however, that with the UK Government’s past track record of data loss incidents, it will be interesting to see how efficient these information security measures will be.

Andrew Clarke, senior vice president, international at endpoint security solution provider Lumension of Scottsdale, Arizona, USA, said, however, that “it is important to note that the NHS hasn’t stood still for the last six months when it comes to updating its security defences. We’ve seen various NHS organisations, including NHS Scotland, looking for new security solutions to address both emerging threats and enforce data protection.”

He warned, however, that relying on antivirus applications alone to keep systems secure from viruses and other attacks, is not enough: “Although it still plays a role in helping to protect against the latest known security outbreaks, it is not able to defend against emerging threats on its own. After all, it is a reactive approach to security that relies on the application of thousands of security signatures before an outbreak occurs.

“By taking a proactive approach to security to control applications, malicious code won’t get the chance to execute - putting an end to mass propagating viruses that disrupt computer systems on a mass scale”, Clarke added.

This article is featured in:
Data Loss  • Encryption • Internet and Network Security • Malware and Hardware Security • Public Sector

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012