It was not a great week for cyber security in healthcare around the world as malicious actors let loose, taking out Waikato DHB’s IT systems on Tuesday and having a go at the Alaskan Department of Health later in the week. Those incidents follow the massive attack on Ireland’s healthcare service last week, which was described by its CEO as catastrophic and affected the whole country. It is still recovering, but so is the Scripps Health network in San Diego, which continues to struggle two weeks later.
Early reports linked the perpetrators of the Irish attack to Waikato but that has since been disputed by the Ministry of Health, and it is still not clear who or what is responsible. One unexpected consequence has been disruption to the DHB’s payroll system – not only are clinicians having to revert to pen and paper, but the beancounters are too. The Victorian health system, which has had its fair share of cyber issues in the last few years, got a bit of cash in Thursday’s state budget to fix some of its cyber gaps, including money for next generation anti-virus protections, a Security Operations Centre, and a recovery service in the event of a successful attack.
Orion Health CEO Ian McCrae didn’t hold back this week in a letter he penned to New Zealand’s Auditor-General John Ryan, asking Mr Ryan if his beancounters could take a close look at the procurement of the new Salesforce-based solution being rolled out to support the COVID-19 vaccination program.
Calling the reported expenditure of $38 million for the system scandalous, Mr McCrae took the NZ Ministry of Health (MoH) to task over what looks like a behind-closed-doors approach to the procurement as well as its expense, claiming he and his team could have had a system up and running in a month for 50 grand and a bit of spare change.