This became public in September, 2016, when U.S. software firm Citrix used a Freedom of Information request to get information on 63 N.H.S. Trusts. In 42 responses, 24 stated that they were “not sure” about upgrading away from the system, according to the Inquirer.

Also in September, 2016, Vice Motherboard used FOI requests, as well. It sent them to over 70 N.H.S hospital trusts and found that at least 42 National Health Service trusts in England are still using the Windows XP operating system, with many of them confirming that they no longer receive security updates for the software. Legal experts say that the N.H.S. hospitals may be in breach of data protection regulations.


"If hospitals are knowingly using insecure XP machines and devices to hold and otherwise process patient data they may well be in serious contravention of their obligations," Jon Baines, Chair of the National Association of Data Protection and Freedom of Information Officers (NADPO),” stated by e-mail to the site.

If the Microsoft patch has not been installed, it should be immediately, Kaspersky Lab advised.

In February, experts warned that as bad as ransomware attacks were in 2016, health care IT professionals had better brace themselves for worse in 2017.

"The threat from ransomware is not only growing, but evolving to allow hackers to target vulnerable organizations and their most valuable data files, and adjust ransom demands accordingly,” Katherine Keefe, global head of Beazley BBR Services, said, adding that “the sustained increase in these threats in 2016 indicates that even more organizations will be attacked in 2017, and need to have incident response plans in place before they get a ransomware demand.”

One of the highest-profile hospital ransomware events took place in February, 2016. Hollywood Presbyterian Medical Center in Los Angeles fell prey to an attack, ultimately paying a $17,000 ransom to reclaim its computer network.

Back to HCB News

Health IT Homepage