Original URL: http://www.theregister.co.uk/2010/02/12/nhs_toolkit_takedown_analysis/

NHS Toolkit takedown will inconvenience docs, not patients

Medics and sec-experts assess 3-week sicknote

By John Leyden

Posted in CIO, 12th February 2010 13:48 GMT

Analysis: Patient care will not be affected by an NHS decision to pull a doctors' appraisal website offline to improve its security, but the life of UK doctors will be complicated.

The return of the NHS Appraisal Toolkit, which provides an online database that allows NHS doctors to prepare for their annual appraisals, is not due until 3 March. The removal of the resource means the assessment of the performance of 27,000 hospital doctors and GPs who use it will almost certainly be delayed, explained the GP who was the first to tell us that the site had been laid low.

"There is no back-up for those doctors using the system," the family doctor, who asked not to be named, explained. "They have been told they can phone the helpline and have their forms emailed to them (but not to their appraisers). Some but not many may have local copies on their desktops. Otherwise, it's a question of trying to get the info and keeping your fingers crossed."

The timing of the closure coincides with the run-up to appraisal deadlines for many doctors, so it could hardly have come at a worse time for many medics.

"Deadlines are technically fluid, but there is a contractual obligation for GPs to engage in a Primary Care Trust's appraisal process, which would normally run from April to March," the doctor explained.

"Hopefully PCTs will be amenable to date changes, I understand that there is a message from the Dept Health for them to be flexible. Otherwise the appraisals this year could be a bit of a waste of time as the info won't be available to either party. If they are rescheduled, that is all well and good, but many people will be at best significantly inconvenienced."

He added that some doctors may be forced to pay for locum cover to cover rescheduled assessment meetings. Despite the inconvenience and potential expense to doctors, patient care ought not to be affected.

"An important point though is that if appraisals don't happen, no one will be suspended or have to stop working, so patient services should be unaffected," the doctor explained. "In fact I would stress that, patients should be unaffected by this problem."

The doctor described the unscheduled suspension of the site as another example of an "NHS IT mess-up" and speculated on the reason for the suspension, which may be related to a move to upgrade the site to support more modern browsers.

"Whether it is related to the NHS mostly (almost exclusively) using IE6, I don't know. I hope there hasn't been an actual security breach because I suspect many doctors have potentially sensitive information in their appraisal documentation," he concluded.

The Department of Health said on Tuesday that the site was suspended as a precaution after an audit highlighted possible security shortcomings. It stressed that no breach had taken place, which is just as well because the site is a treasure trove of highly sensitive medical data containing information on doctors' performances alongside named patient data including near diagnosis mistakes, critical incidents and the like.

In a statement, the Department of Health explained the ministerial decision to take down the site.

There is no evidence of any security breach or loss of data. Given the importance of preserving confidentiality of staff and patient information, it is not acceptable to take any risks. The Department of Health is working closely with the supplier to ensure that the service is restored as soon as possible and apologises for any inconvenience this may cause doctors in the meantime. It is hoped that full service can be resumed within three weeks.

The suspension of the toolkit creates chaos for thousands of doctors and their appraisers, but the implications of a successful hacking attack would be far more severe and longer lasting.

David Harley, director of malware intelligence at security firm Eset, and a former NHS IT manager for five years, explained there was higher sensitivity over the security of health service sites compared to commercial websites.

"While three weeks seems a lot of downtime for a maintenance check, it's not necessarily sinister. There was a highly visible MTAS (Medical Training Application Service) leak re junior doctor data in 2007 that caught the eye of the Information Commissioner, and a subsequent welter of other data leakage reports, from thumb drives and CDs, so there will be sensitivity in the department of health (and higher)."

NHS Connecting for Health has always been largely focused, in terms of security, on confidentiality, he explained. "I'd expect them to take a possible breach very seriously," Harley said.

Harley added that the precautionary suspension of IT services in the NHS is rare but not without precedent. "It's not unprecedented for NHS IT services to be taken down during a security breach, even if the short term impact was significant, though the few incidents in my personal experience were all malware-related." ®