NHS trusts across England have experienced over 1,300 hours’ worth of downtime over the last three years, according to new figures revealed by enterprise mobility and IT specialist Intercity Technology.

The company carried out a Freedom of Information request and, of the 143 trusts that were approached, 80 responded. The findings revealed that 31% (25) of these had experienced outages across their IT systems between January 2015 to February 2018, with 92% (23) relying on in-house IT teams for the security monitoring of their networks.

Of the 25 trusts that had suffered downtime, 14 did so as a result of a security breach. In total, the trusts experienced 18 security breaches over the last three years, leading to over 18 days’ worth of downtime. These attacks included the now infamous Wannacry ransomware attack, while others fell victim to the Locky and Zepto viruses, the most severe of which knocked systems offline for two weeks.

One trust alone experienced an average of one breach per year, while others provided insight into cyber attacks which affected servers, PCs and internal systems. Another trust also detailed an issue in which an unauthorised device was plugged into a network which disrupted two wards in 2017, resulting in downtime of approximately two hours.

More positive findings include the fact that five trusts experienced downtime after they took their systems offline as a precautionary measure, following news of the Wannacry attack.

Ian Jackson, the chief commercial officer at Intercity Technology said: “NHS trusts across England are currently being pushed to the limit. It’s not surprising that they often don’t have the resources to dedicate 24/7 support to their IT systems, and the majority of these breaches could be an unfortunate consequence of this.

“Technology has proven to help facilitate the provision of care within the NHS, boost efficiencies and alleviate some of the strain on the system. However, if the benefits are to outweigh the potential risks, it’s important to ensure that there are sufficient resources, whether in-house or external, to continuously monitor the network and address any issues before they impact daily activity.”

[subscribe-form]