A senior Southern HSC Trust official has confirmed the root-cause of the major IT outage, which paralysed the new ‘encompass’ electronic care record on September 17, has now been identified – only she can’t reveal what it was just yet due to “commercial sensitivities”.
Addressing the board of the Southern Health and Social Care (HSC) Trust on Thursday, November 27, Elaine Wilson, director of Planning, Performance and Informatics, was in a position to reassure members that the major incident was not the result of a cyber-attack.
She stated at the board meeting: “This report is an update on the progress that has been made since the major incident on September 17, in relation to understanding what the cause of the incident was, and learning from that.
“I want to reiterate the Trust’s regrets [in relation to] the impact the outage had on patients and service users. Our system went down for one working day, which caused about 1,600 patients to be rescheduled.
“We are content that all of those patients have now been rescheduled, and we are not aware of any harm that has arisen as a result of the outage.
“In relation to the incident itself, we set up an Incident Review Group which is chaired by our external chair, Professor Graham Evans, who is an expert in these areas and has come very highly recommended to the Trust.
“The group has now been meeting for a number of weeks, and we set up four sub-groups underneath that. Those four groups have been doing significant work to gather evidence and review the impact of the outage, and to really start to learn.
“The timeline for reporting in each of these sub-groups was that they would each report by the end of November to the Incident Review Group. I’m happy to report that all of the reports have now been submitted into the Incident Review Group team.
“At the time, one of the first priorities that we had was to understand the cause of the incident.
“While the cause of the incident is now known, due to the commercial sensitivities of the findings of that group, we’re not able to report that to Trust board at this stage, as it remains confidential in nature, however the Incident Review Group report will be presented to Trust board in January.
“One thing I can say is to confirm that the cause was not linked to a cyber-attack, and was not related to the robustness of the Trust’s IT infrastructure. We will report back on that in some more detail.
“We are not waiting for the end of these reports to start to learn from this incident. While it was regrettable, it has been a huge learning opportunity for the Trust, and we continue to embed some of the new learning that we have in relation to our business continuity arrangements, on how we deal with these types of incidents.
“We know, in relation to IT, we can’t ever guarantee that things will not happen that will put our systems down. So, that learning is already out within our own Trust, and we have already started to share that across the other Trusts in the region as well.”
Professor Graham Evans praised the Trust for the way they had managed to get everything back and running so quickly.
Addressing the panel via a video feed, he stated: “The Trust, along with its Health and Social Care partners, and technology partners, were working in a very collaborative and collegiate manner during the incident, which is to be commended.
“Incidents of this nature are highly disruptive, and they are quite challenging to the patients and populations that we serve. However, during the incident, I did think from the information I’d been able to gather, that the Trust did work in a very responsible and responsive manner.
“Getting the Trust’s technical infrastructure up and running essentially within a business day, is to be commended.
“It’s worth noting that these incidents can often be multifactorial, essentially around people, process and technology, and it’s when these freaky components converge and things go wrong, that it’s more difficult to actually find the true root-cause.
“These incidents can often span over several days. The fact that the organisation, along with its partners, were able to get back up and running so quickly, is testament to its technical infrastructure, and the systems and processes that are in place.
“However, lessons have been learned to minimise those re-occurrences in the future. But you’ll never eliminate such a risk.
“But overall, the sub-groups that have been feeding into the review are working very well, and we will be reporting in the very near future all of the facts, to establish how we move forward.”
