Tuesday, February 4, 2025
Latest:
The Register

Cyberattack on NHS causes hospitals to miss cancer care targets

TH Author

NHS execs admit that last year’s cyberattack on hospitals in Wirral, northwest England, continues to “significantly” impact waiting times for cancer treatments, and suspect this will last for “months.”

Silhouette of a woman with clouds signifying health concerns

Cancer patient forced to make terrible decision after Qilin attack on London hospitals

READ MORE

During the attack, which began on November 25 2024, the main clinical system was pulled offline and by December 5 the teams were still battling to get systems back online. The hospitals said criminals broke in via a shared “digital gateway service,” causing them to resort to pen and paper operations and cancel outpatients appointments.

A week-by-week breakdown of the Wirral University Teaching Hospitals (WUTH) trust’s progress in meeting NHS waiting time targets showed that in December, the number of patients waiting for cancer treatment soared to the highest levels seen in 2024.

The NHS sets all regional trusts’ metrics for treating cancer patients. One of these is the 62-day referral to treatment (RTT) standard which aims to provide patients with their first course of treatment within 62 days of being referred for an initial diagnosis. 

WUTH’s December data showed the number of 62-day waiters exceeded 100 for every week in the month – the first time that has happened since June. The number of waiters also rose to the highest weekly number all year by the time December 30 came around, with the total standing at 174.

For comparison, the number hadn’t risen above 90 throughout the entirety of the three months prior.

The trust’s performance against the 104-day standard, whereby cancer patients wait for 104 days or longer to receive their first treatment, also dropped to uncommonly non-compliant levels. 

The five weeks in December saw the number of 104-day waiters rise to unacceptable levels. WUTH had only recorded two other weeks throughout the year that fell short of the standard, with all others meeting it, and in most cases, doing so comfortably.

“The clinical divisions are continuously working through options to reduce the backlogs of patients awaiting elective treatment and progress is being made to improve waiting times for patients,” wrote Hayley Kendall, COO and deputy CEO at WUTH trust, in a recent board of directors update [PDF].

“The cyber incident was seen to impact elective performance both in terms of the loss of activity that would have provided treatment/diagnostic and stopped waiting times for patients, and on the ability to validate the waiting times position. Performance across RTT, cancer, and diagnostics was affected. Operational teams are working through plans to recover lost activity.”

Kendall noted that meeting the waiting standards post-COVID is still a work in progress, but said that prior to the cyberattack in late November, this was advancing positively. 

However, the attack, which bled into early December, is expected to continue impacting patient care throughout January. Despite the report being published on January 29, the data covered in it only concerns March-December 2024.

Kendall said that it’s normal for a dip in performance to be seen around the Christmas months due to predictable staffing issues, but the cyberattack exacerbated this, impacting cancer treatment performance, and she said it would take a number of months for the caregivers to recover.

The cyberattack also impacted other areas of WUTH’s ability to care for general outpatients and inpatients during December. Kendall said gynecology was the worst affected for 65-week and 52-week waiters although signs of improvement were showing in January.

Overall, WUTH missed many of its treatment targets for December. Kendall attributed this mainly to the cyberattack, which led to canceled appointments and elective procedures. She also mentioned the interruption of recording activity to Cerner, the Oracle-owned health system used for administering electronic prescriptions, although she said staff are working to ensure activity is properly recorded as part of the cyber cleanup.

The Register approached the trust for additional information but it didn’t respond.

Financial loss

In the most recent report [PDF] to the trust’s board of directors, Sue Lorimer, chair of the Finance Business Performance Committee, hinted at the costs associated with the attack, the nature of which is still unknown.

It was never claimed by a known cybercrime or ransomware outfit, and when asked for more details at the time, WUTH referred us back to its approved statement, which merely stated a major incident was declared for cybersecurity reasons.

The report noted that a full financial breakdown of the incident will come in future board updates, but Lorimer confirmed the attack has contributed around £3 million ($3.7 million) to the trust’s overall £14.7 million ($18.15 million) forecasted deficit.

Lorimer said “the trust’s cash position is significantly lower than required for effective operation,” although additional funding requests for a total of £7.5 million ($9.2 million) were approved to cover January and February’s costs. The trust is also requesting £13 million ($16 million) to cover March, approval of which is pending.

“The Committee received feedback on the response to the cybersecurity incident noting the learning from this and acknowledging the excellent response from all team members.”

Cyber function plods along

Chris Mason, WUTH’s CIO, told the board that while the impact on patient care suffered in December, the trust’s cybersecurity function continued to meet performance standards, for the most part.

He said the trust responded to 100 percent of CareCERT alerts within the 72-hour compliance window, servers’ responsiveness was above the 95 percent threshold, and P2 service desk targets were also met.

The team is still struggling to make a dent in the backlog of subject access requests, however, and Mason also pointed to a well-told cyber story, especially in recent weeks, that staff vacancies continued to present an issue.

Cyber and coding roles are among those that need filling, with WUTH’s Technical Infrastructure Team currently managing cybersecurity duties while the role of Cyber Manager is waiting to be filled.

An increase in staff accepting new jobs in the wider region and a number of retirements in the business intelligence and information department has grown the staffing shortfall to 13.9 percent as of January 29. ®

READ MORE HERE