It has been suggested that more HSE IT systems will move to ‘cloud’ services following the
cyber attack on the Executive.

HSE’s Interim Chief Information Officer (CIO) Mr Fran Thompson told the HSE performance and delivery committee meeting on the 18 June “that part of the lessons learnt [from the cyber attack] so far is that cloud services have survived and have seen less impact then the majority of systems which are stored on
HSE servers”.

Mr Thompson was making a report to the committee on the impact of the cyber attack that struck the HSE in May. “This suggests more systems will move to cloud services, such as email systems, and new-born and maternity services,” Mr Thompson added, according to the meeting minutes. “Overall, this will need to be reflected in Government policy with a move from operational expenditure to capital expenditure.”

The committee was informed that “large elements” of the financial impact of the cyber attack will involve bringing “forward improvements and costs that were already planned but not due to take place immediately, but rather over the next two or three years”.

Separately, HSE Chief Clinical Officer Dr Colm Henry told the 15 June meeting of the HSE safety and quality committee that the attack was “the most significant cyber crime attack on an Irish State agency”

According to minutes, the committee also discussed how to “maintain progressive e-health initiatives going forward, while staying prepared for another cyber attack in the future and highlighted the importance of having effective back-up systems and noted the effectiveness of paper trails during this attack”.