NHS, Pharmacies Warn of Possible Delays After Global Tech Outage

The warning comes after the trade union for doctors said normal GP service will not be resumed immediately as the outage had caused a ‘considerable backlog.’
NHS, Pharmacies Warn of Possible Delays After Global Tech Outage
A general view of staff on a NHS hospital ward at Ealing Hospital in London, England, on Jan. 18, 2023. PA
Victoria Friedman
Updated:
0:00
NHS England and pharmacies have warned of possible delays to services as they recover from the aftermath of Friday’s global IT outage which also affected airports, media outlets, and banks.

An NHS spokesperson said on Monday that while systems were now back online, “there may still be some delays as services recover, particularly with GPs needing to rebook appointments.”

“Patients with an NHS appointment this week should continue to attend unless told not to,” the spokesperson said, adding that the NHS hoped to keep disruption to a minimum.

Nick Kaye, the chairman of the National Pharmacy Association, also said that as pharmacists recover from last week’s outage, “we expect service in some community pharmacies to be slower than usual today.”

“Please be patient with your local pharmacy team if you are visiting them, as they may still be prioritising emergency prescriptions from their local GP surgeries as well as experiencing increased demand as services return to normal,” Mr. Nick said.

The IT outages were triggered on Friday by a defect in a content update for Windows hosts from the cybersecurity firm CrowdStrike. The issue caused many services to go offline globally, leaving devices displaying a “blue screen of death”—which indicates a critical error led to a system crash—instead of rebooting and functioning normally.

‘Considerable Backlog’

The warning came after the British Medical Association (BMA), the trade union for doctors, said on Sunday that GP services “cannot be resumed immediately” after the incident caused a “considerable backlog.”

On Friday, GP surgeries reported they could not book appointments or access patient files on their records system, supplied by EMIS.

Dr. David Wrigley, deputy chairman of GPC England, the GPs’ representative body at the BMA, said that without a computerised clinical system, many surgeries were forced to go back to using pen and paper. As a result, much of the work that needed to be completed on Friday has been shifted onto this week.

“Even if we could guarantee it could be fully fixed on Monday, GPs would still need time to catch up from lost work over the weekend, and NHSE (National Health Service England) should make clear to patients that normal service cannot be resumed immediately,” Dr. Wrigley added.

The BMA said its GP committee would be working with EMIS to secure a “better system of IT back-up” to ensure this “disaster” is not repeated.

Affected Less Than 1 Percent of All Windows Machines

CrowdStrike has issued a fix, with the cybersecurity company saying on Sunday that a “significant number” of the some 8.5 million affected Windows devices were now back online.

While Windows estimated that the CrowdStrike incident affected less than 1 percent of all Windows machines, the economic and societal impacts were widespread, because many enterprises which operate critical services use CrowdStrike.

Linux and Mac operating systems were not affected.

CrowdStrike was quick to assure clients and the public on Friday that global outages were not due to a cyber attack.
George Kurtz, CEO of CrowdStrike, said he was “deeply sorry” for the disruption caused.

Synnovis Ransomware Attack

Recovering from the CrowdStrike incident is just the latest cyber issue that has affected the NHS in recent months.
In June, hackers attacked Synnovis, which provides blood testing services, with ransomware, affecting IT systems at several London hospitals.

The incident resulted in the NHS making an urgent appeal for universal blood donors, because the cyber attack meant hospitals were not able to match blood types with patients as quickly as usual.

The NHS later confirmed that criminals had published some stolen data online.

Disruption to services has lasted for weeks, and as a result of the attack, thousands of appointments and operations were postponed.
In March, NHS Dumfries and Galloway reported a “focused and ongoing cyberattack,” which resulted in the release of data relating to a small number of patients.

Other cyber attacks have been perpetrated against the health service in recent years. In August 2022, Advanced, which supplies vital systems for the NHS, suffered a cyber breach. As a result a number of systems, including the NHS 111 service and software used to check in patients and maintain medical notes, were taken offline. And in 2017, a WannaCry ransomware attack hit the NHS and affected 80 out of 236 hospital trusts across England.

PA Media contributed to this report.