Health and Safety Consultancy Services for SMEs in Birmingham, West Midlands and beyond

NHS cyberattack could be a health and safety nightmare
Posted by David Cant on May 15, 2017

NHS cyberattack could be a health and safety nightmare

cybercrime in the workplaceWhen news broke that NHS hospitals across the UK had fallen victim to ransomware, there was obvious shock and concern. At least 48 trusts were infected, taking computer systems offline and seriously disrupting the treatment of patients.

The full scale of the attack has yet to be revealed, but it is clear that key systems have been compromised by hackers.

What happened?

Each of the affected hospitals has become infected with a special form of the computer virus known as “ransomware”. These infections encrypt files and data, rendering them inaccessible. The only way to regain access is to pay a ransom to the hackers or to restore the damaged files from backup. Depending on how many files are affected, this could take many days.

Security analysts believe that the attack relies on the victim – in this case, the NHS – having the outdated software or inefficient security provisions. It is believed that many of the infected computers at the NHS are still running Windows XP which Microsoft withdrew support some years ago.

The NHS has delayed upgrading and patching their systems for a number reasons, not least the enormous cost involved in such a project. In addition to the cost of upgrade licenses, the trusts each need to test to ensure that clinical systems work properly.

What does it mean for you?

The NHS attack is a warning for all businesses. Insufficiently protected computers anywhere are vulnerable to similar attacks. Any construction firm experiencing a similar infection will find their operations severely disrupted – at potentially significant cost.

Worse still, the inability to access key information has placed patients’ lives at risk. Our reliance on computer systems means that health and safety have now become a digital issue too.

How would losing access to your risk assessments affect site safety? Or any health details you keep on your employees? You rely on these details to plan the measures that keep people safe – without them, your provisions will lack key details and be less safe as a result.

To avoid an NHS-like malware disaster, your business will need to seriously consider how it approaches IT security. Delaying upgrades and patches may help to contain costs in the short term, but could also spell disaster if you do fall victim to cyber criminals.

Don’t be caught out

Your business has a duty to do everything it can to protect employees and members of the public. If a computer systems breach means that you cannot fulfil that duty, you could find yourself in trouble with the HSE and the Information Commissioner’s Office (ICO).

To avoid an NHS-like disaster, you should conduct a risk assessment on your IT systems too – including a check on whether your software needs to be updated. You never know – you may just save someone’s life.

To learn more about risk assessments, please get in touch.


David Cant is a Chartered Safety and Health Practitioner with a brain you can pick. Fluent in practical advice. He has a wealth of Industry experience and is the Director of life at Veritas Consulting.

You can find him on - Twitter and Facebook also Linkedin

This post has been filed in: Blog

Post a Comment

Your email is never published nor shared. Required fields are marked *


(Spamcheck Enabled)

Latest Blog Posts
How to fake health and safety documentation How fake health and safety documentation will earn you a jail sentence First, let’s be clear – learning how to fake health and safety... Read More
Your desk is killing you Sitting at your desk is killing you. The British economy is increasingly service driven, which means that more of us are spending the working... Read More
Workplace deaths increase in Northern Ireland Workplace deaths increase in Northern Ireland Disturbing news from Northern Ireland as workplace deaths increase by 30% in one year. Figures published by HSENI... Read More
Follow all of the latest Veritas Consulting news on our RSS feed