GP blood testing restored three months after Synnovis cyber attack
- 23 September 2024
- NHS London has confirmed that GP blood testing services have been restored following the June cyber attack on Synnovis
- Some manual processes remain while Synnovis restores the IT systems that provide the electronic link between laboratories and service users
- Jane Fryer, medical director at NHS London, said that work is underway to restore blood transfusion services in the next few weeks
GP blood testing services across south east London have been restored following the cyber attack on Synnovis, NHS London has confirmed.
The ransomware attack in June 2024 caused disruption to pathology services in Southwark, Lambeth and Bromley, with thousands of operations and procedures postponed.
In an update, published on 19 September 2024, Jane Fryer, medical director at NHS London, said: “Testing services have been returned to GPs across all south east London boroughs and we are working hard to fully restore blood transfusion services in the next few weeks.”
She added that there are now “consistently low numbers of appointments and procedures being cancelled and postponed”.
“Mutual aid arrangements have enabled us to maintain planned operations and transplants for our patients across south east London,” Fryer said.
Although most of Synnovis’ services for GPs and hospitals are now operating at full capacity, some manual processes remain while Synnovis restores the IT systems that provide the electronic link between laboratories and their service users.
Mark Dollar, chief executive at Synnovis, said that GP users had been given access to the “full repertoire of medical diagnostic services once again”.
“I am pleased to report that these final transfers went smoothly and that GP services in our new hub laboratory continue to operate efficiently and effectively.
“The majority of hospital services are now operating as they were before the cyber attack, although some of our processes are still being conducted manually while we rebuild digital interfaces,” Dollar said.
He added that plans are underway to resume the programme to transform pathology services for patients across south east London, which was paused in June immediately following the cyber attack.
“We continue to make good, steady progress in delivering our restoration plan and, once again, I would like to thank patients, clinicians and other service users for their understanding, support and patience throughout,” Dollar said.
Data for the fifteenth week after the attack (9-15 September 2024) show that across the two most affected trusts, King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust, six acute outpatient appointments and one elective procedure had to be postponed because of the attack.
This means so far 10,146 acute outpatient appointments and 1,705 elective procedures have been postponed across the two trusts.
Meanwhile, NHS England and the National Data Guardian announced an updated cyber resilience framework for health and social care organisations, starting from 2 September 2024.
The change will see the NHS Data Security and Protection Toolkit gradually transition from using the NDG’s 10 data security standards to the National Cyber Security Centre’s cyber assessment framework (CAF) as its underpinning assessment mechanism.
Prime minister Keir Starmer’s plan to introduce a new Cyber Security and Resilience Bill, which will expand regulation to cover more digital services and supply chains, was announced in the King’s Speech on 17 July 2024.
