A warning to users of Windows XP.
If you are still using Windows XP on your IT systems (in whole or on just some PCs) you could easily be inviting cyber criminals to come in and rifle through your sensitive patient information. This obsolete IT operating system no longer receives security updates and provides easy pickings to hackers who want to ‘nick’ sensitive information or even take control of your healthcare IT infrastructure – just like they did in Lincolnshire. Though, as yet, they remain ‘tight lipped’ as to how their systems were ‘invaded’.
Research suggests that anything up to 75 per cent of NHS health and care providers still use Windows XP in one form or another. All it takes is one weak link in your chain of PCs to wreak havoc.
Experience teaches us that, despite all the potential problems, and, while accepting that health and care organisations may have other priorities for diminishing cash resources, if security does not become your top priority it is likely you will fall victim to hackers and ransomware.
Sadly, the problems from not fixing your Windows has been known for some time. The ICO issued a warning over two years ago – yet still it happens.
By the same token, this ties in with the ICO advice to data controllers to ensure all systems are up to date, including websites, which was one of the themes of the cybersecurity webinar it ran a few weeks ago.
The British Pregnancy and Advisory Service suffered a hack a while back due to insecure systems and was fined £200 000. The fact the hackers were caught and sent to ‘clink’ would be cold crumbs of comfort.
As a health and care provider it is your responsibility to make sure you have "appropriate technical and organisational measures" in place to keep your information safe.