Abstract
A systematic analysis of Hospital Episodes Statistics (HES) data was done to determine the effects of the 2017 WannaCry attack on the National Health Service (NHS) by identifying the missed appointments, deaths, and fiscal costs attributable to the ransomware attack. The main outcomes measured were: outpatient appointments cancelled, elective and emergency admissions to hospitals, accident and emergency (A&E) attendances, and deaths in A&E. Compared with the baseline, there was no significant difference in the total activity across all trusts during the week of the WannaCry attack. Trusts had 1% more emergency admissions and 1% fewer A&E attendances per day during the WannaCry week compared with baseline. Hospitals directly infected with the ransomware, however, had significantly fewer emergency and elective admissions: a decrease of about 6% in total admissions per infected hospital per day was observed, with 4% fewer emergency admissions and 9% fewer elective admissions. No difference in mortality was noted. The total economic value of the lower activity at the infected trusts during this time was £5.9 m including £4 m in lost inpatient admissions, £0.6 m from lost A&E activity, and £1.3 m from cancelled outpatient appointments. Among hospitals infected with WannaCry ransomware, there was a significant decrease in the number of attendances and admissions, which corresponded to £5.9 m in lost hospital activity. There was no increase in mortality reported, though this is a crude measure of patient harm. Further work is needed to appreciate the impact of a cyberattack or IT failure on care delivery and patient safety.
Highlights
The global ransomware attack, WannaCry, took hold across multiple continents and organisations on Friday 12 May, 2017.1 not directly targeted, one of the biggest causalities of this attack was the National Health Service (NHS) in England.[1]
Hospital trusts had on average 1% more emergency admissions (1.1 admissions, 95% confidence interval 0.2 to 1.9) per day during the WannaCry week compared with baseline weeks, though compared to an average of 107 emergency admissions per trust per day, this is not a clinically significant increase in activity, and activity was higher than the baseline period in the weeks before and after WannaCry, so this is unlikely to be related to the attack
There was
Summary
The global ransomware attack, WannaCry, took hold across multiple continents and organisations on Friday 12 May, 2017.1 not directly targeted, one of the biggest causalities of this attack was the National Health Service (NHS) in England.[1]. 1 p.m. that day and by 4 p.m. a major incident was declared as the scale of the problem became more apparent.[1] The attack was brought to a halt on the evening of the 12 of May by a cyber researcher who had activated a kill switch, which stops the spread of the malicious software, and prevented further devices from being infected.[1] Over the week, the cyberattack resulted in significant disruption across the NHS for patients and healthcare staff, which included reverting to manual processes (e.g.: reporting blood results, paper notes); disruption to radiology services; cancelled outpatient appointments, elective admissions, and day case procedures; and for five infected acute trusts, emergency ambulances were diverted to other hospitals.[2]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
