Harold Thimbleby, the Professor of Computer Science at Swansea University, together with Martyn Thomas, Professor of Information Technology at Gresham College, recently delivered a lecture at the Museum of London. The main thrust of their presentation was the claim that NHS computer system problems could be responsible for between 100 and 900 deaths per year.
Bugs in the system
Professor Thomas said to the Independent that a, ‘significant proportion of clinical negligence claims in the NHS are due to bad computer systems [and] buggy computers systems [which] cause professionals to make mistakes. Badly designed computer systems could be at the heart of […] all the causes of harm that are reported as serious adverse events’. He emphasised that due to the current culture in the NHS, the human health care professionals are likely to be blamed for adverse events that are primarily due to computer glitches and which are very little to do with human error.
The NHS is hugely reliant on computers and digital devices. They are used to store patient records, test results and appointments. They are also vital for the proper functioning of equipment such as scanners and life support machines. This means that privacy, efficiency and lives are at stake if the IT systems are not fit for purpose. For these reasons, Professor Thomas’s calls for a public inquiry into the safety of hospital software appear to have significant merit. He also calls for better regulation of NHS computers, with more research into IT errors and the resulting consequences. This seems both reasonable and sensible.
Public Accounts Committee and the WannaCry attack
Professor Thomas also addressed the WannaCry ransomware attack against the NHS last year, which he claims could have resulted in the deaths of many people. Thankfully there are no official reports of patient harm or patient data becoming compromised in the wake of the security breach. Instead, the cyber attack prompted a review of NHS computer systems, with the unsettling findings that 200 of the 236 NHS Trusts were vulnerable to the assault.
NHS officials who met the MPs of the Public Accounts Committee at the start of this week, conceded that the true extent of the attack may never been known. The NHS Digital deputy chief executive Rob Shaw said, ‘We will never mitigate against all cyber attacks. We’ve got to accept the fact that there will be something that will get through’. The chief executive of NHS England, Simon Stevens also admitted to the committee that no estimate of the national cost of the breach was available or even possible.
The January 2018 Welsh NHS computer failure
Despite raised awareness of the potential problems facing IT in the NHS, just 2 weeks ago the BBC reported on a widespread failure of computers systems across the Welsh NHS. The situation was described as chaos and meant that doctors were unable to access test results, patient medical histories or hospital correspondence. The backlog was further perpetuated because staff were unable to access patient details in order to contact them and postpone their appointments.
The Welsh Assembly’s health spokeswoman Angela Burns said that the IT issues were ‘incredibly concerning, especially in the aftermath of last year’s ransomware attack’.
There is a growing debate around funding for the NHS. MPs have described the current system as unsustainable without structural reform and additional money. Suggestions for moving towards improvement have included transforming National Insurance contributions into a health and social care tax. Other suggestions for raising funds include taxing workers over the age of 40 at a higher rate than younger workers and getting more affluent pensioners to pay more in contributions.
The notion of ring-fencing a tax for Health and Social Care has not been popular among MPs in previous governments. However, Sir Nick Macpherson, a former civil servant from the Treasury supports that very idea, under the condition that it is renewed every 5 years. Health Secretary Jeremy Hunt also supports the idea of spending reform, but suggests that a 5 year review is less helpful towards NHS development than his proposed 10 year spending plan.
While the debate around funding for the NHS continues, it is clear that cyber security should be a priority. Indeed, in the wake of the WannaCry attack, the Department of Health and Social Care has allocated £175 million to address cyber security over the next three years and over £4.2 billion in technology for the NHS. It is hoped that this cash injection will go towards protecting the NHS now and in years to come. Or perhaps that is being a bit too optimistic? We’ll soon see.
To speak with a lawyer in the personal injury department about an injury you have sustained call us on 020 7485 8811 or fill in our online form.