NHS England’s response to the cyberattack ‘could have been better coordinated’ a report from Cambridge University Hospitals NHS Foundation Trust has said.
In a report to the trust’s board of directors, trust leaders said the hospital wasn’t told when a major incident was declared or what was expected of them once it was.
NHS England’s response to the cyberattack ‘could have been better coordinated’ a report from Cambridge University Hospitals NHS Foundation Trust has said.
In a report to the trust’s board of directors, trust leaders said the hospital wasn’t told when a major incident was declared or what was expected of them once it was.
The report said: ‘NHS England could have been better coordinated, particularly at the beginning of the incident. The Trust was not formally notified that NHS England had declared a major incident and their expectations of the Trust.’
The report was written by Shamsu Choudry, the trust’s resilience manager; Julie Smith, acting director of operations; and Zafar Chaudry, chief information officer, added that their incident team managed the discussions surrounding diverts ‘and arbitrated the different requests without having the full regional picture’.
The report states that NHS England only engaged with trusts it knew to be affected by the attack but argues that ‘there is an equal need to coordinate and maintain operational performance’ across all trusts.
While the virus did not affect Cambridge trust’s IT infrastructure, the trust took precautionary measures by disabling external emails and disconnecting NHS mail.
An NHS England spokesperson said: ‘Whilst the NHS has tried and tested plans for major incident response, the recent global cyber attack presented a unique set of challenges.
‘It is testament to the dedication of NHS staff that despite some disruption to services, safe patient care was maintained throughout the attack. Learning from this incident has already informed how we will manage any future cyber attacks.’
