Following the global cyber attack that crippled NHS services on Friday, we’ve had several calls and emails from clients wanting reassurance that their patient data is safe. We’ll address that next, but first, a recap of the news.
The health service suffered a weekend of chaos after hackers demanding a ransom infiltrated parts of the health service’s computer system. Operations and appointments were cancelled and ambulances diverted as up to 40 hospital trusts became infected by a ‘ransomware’ attack demanding payment to regain access to vital medical records.
It wasn’t just the UK or the NHS which was affected – researchers with security software maker Avast said they had observed 57,000 infections in 99 countries. Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, called the attack “the biggest ransomware outbreak in history”.
We seek to reassure our clients that such an attack would be extremely unlikely, if not impossible, due to e-clinic’s setup and security. Several clients asked whether it would be safer to hold a backup on site. Our Managing Director Mark Lainchbury had the following to say:
“e-clinic data is not only backed up but replicated daily across two UK based tier-3 secured data centres (Wakefield and Derby) using a secure, private link. Our remote app is 256-bit encrypted and the whole platform is fully ISO27001 compliant. ISO27001 is the highest data security rating offered by the International Standards Organisation and this compliance is one of the primary reasons e-clinic is more expensive than most of our competitors.”
One client asked if it would be safer to make an on-site backup of their own. Mark responded: “I would be very reluctant to recommend taking a backup outside our platform, since that would actually make the data less secure. Databases at rest are very much more vulnerable to the kind of malware that’s hit the headlines this weekend than databases which are cloud-hosted. Sending a backup of your files outside the platform would create an opening which would put your files at a higher level of risk.”
He continued: “Of course, no one can guarantee that your data will never be hacked or lost. However, your data is much more likely to remain safe and secure with our cloud-hosted package, for all the reasons I have outlined above. We are very confident that the service and security we offer is head and shoulders above that of most, if not all, alternative clinic management packages out there.”
With some reporting from The Telegraph