A National Health Service Trust in the United Kingdom has reported being attacked with a computer virus. The incident was so severe it has forced the Trust to shutdown the majority of its computer systems. Without access to computers, three NHS hospitals have had to cancel all scheduled operations on November 1. More than 1,000 appointments and scheduled operations were cancelled as a result of the infection.
The virus was discovered by the Northern Lincolnshire and Goole NHS Trust, which runs Goole and District Hospital, Princess of Wales Hospital in Grimsby, and Scunthorpe General Hospital. The decision was taken to shutdown its computer systems in an effort to isolate the virus and prevent its spread. Efforts are now continuing to remove the virus from all affected systems.
The hospitals have kept their emergency departments open and the ambulance service is still operational, but without access to computer systems the hospitals are only dealing with medical emergencies. Patients have been advised not to visit the hospitals unless medically necessary. Where possible, patients have been transferred to neighboring hospitals for treatment and doctors have resorted to pen and paper while the computer systems are out of action. While computer systems have been affected, the NHS Trust reports that patient safety has not been compromised.
Dr Karen Dunderdale, deputy chief executive for the NHS Trust said appointments have been cancelled for two days while the infection is removed. She also said the situation is being reviewed on an hourly basis. Clinicians will continue to see, treat, and operate on patients who would be at significant clinical risk if their medical treatment is delayed.
It is unclear whether further operations and appointments will need to be cancelled and when the NHS trust will be able to access its computer systems, although it is hoped that normal service will be resumed by Wednesday.
At present, little is known about the nature of the virus, how it was installed on the NHS Trust’s network, and the risk it posed to systems and data.