Health and Safety Consultancy Services for SMEs in Birmingham, West Midlands and beyond

NHS cyberattack could be a health and safety nightmare
Posted by David Cant on May 15, 2017

NHS cyberattack could be a health and safety nightmare

cybercrime in the workplaceWhen news broke that NHS hospitals across the UK had fallen victim to ransomware, there was obvious shock and concern. At least 48 trusts were infected, taking computer systems offline and seriously disrupting the treatment of patients.

The full scale of the attack has yet to be revealed, but it is clear that key systems have been compromised by hackers.

What happened?

Each of the affected hospitals has become infected with a special form of the computer virus known as “ransomware”. These infections encrypt files and data, rendering them inaccessible. The only way to regain access is to pay a ransom to the hackers or to restore the damaged files from backup. Depending on how many files are affected, this could take many days.

Security analysts believe that the attack relies on the victim – in this case, the NHS – having the outdated software or inefficient security provisions. It is believed that many of the infected computers at the NHS are still running Windows XP which Microsoft withdrew support some years ago.

The NHS has delayed upgrading and patching their systems for a number reasons, not least the enormous cost involved in such a project. In addition to the cost of upgrade licenses, the trusts each need to test to ensure that clinical systems work properly.

What does it mean for you?

The NHS attack is a warning for all businesses. Insufficiently protected computers anywhere are vulnerable to similar attacks. Any construction firm experiencing a similar infection will find their operations severely disrupted – at potentially significant cost.

Worse still, the inability to access key information has placed patients’ lives at risk. Our reliance on computer systems means that health and safety have now become a digital issue too.

How would losing access to your risk assessments affect site safety? Or any health details you keep on your employees? You rely on these details to plan the measures that keep people safe – without them, your provisions will lack key details and be less safe as a result.

To avoid an NHS-like malware disaster, your business will need to seriously consider how it approaches IT security. Delaying upgrades and patches may help to contain costs in the short term, but could also spell disaster if you do fall victim to cyber criminals.

Don’t be caught out

Your business has a duty to do everything it can to protect employees and members of the public. If a computer systems breach means that you cannot fulfil that duty, you could find yourself in trouble with the HSE and the Information Commissioner’s Office (ICO).

To avoid an NHS-like disaster, you should conduct a risk assessment on your IT systems too – including a check on whether your software needs to be updated. You never know – you may just save someone’s life.

To learn more about risk assessments, please get in touch.


Director at Veritas Consulting. The SME's favourite go-to consultant for health and safety know-how. Bucket loads of experience. Fluent in practical advice. Solutionist with a brain you can pick.

You can find him across Social media - Twitter and Facebook also Linkedin

This post has been filed in: Blog

Post a Comment

Your email is never published nor shared. Required fields are marked *


(Spamcheck Enabled)

Latest Blog Posts
The workplace is no place for risks The workplace is no place for risks Risk-taking is unacceptable when it comes to issues of health and safety, but why do some people... Read More
New Health and Safety apprenticeship announced New Health and Safety apprenticeship announced The UK marketplace is no stranger to skill shortages, but for the first time, lives could be at... Read More
Health and safety advice from a UN weapons inspector Health and safety advice from a UN weapons inspector A UN weapons inspector may be used to working with bioweapons – but their health... Read More
Follow all of the latest Veritas Consulting news on our RSS feed