Protecting against cyber attack

Update on available support and advice for NHS organisations that have reported issues due to the cyber attack on 12 May 2017.

Update 15 May 2017: submission deadlines for providers

If you’re likely to have difficulty meeting agreed submission timetables, please discuss this with your regional lead at NHS Improvement.

If your trust is able to make your submissions then please continue to do so.

In light of the cyber attack, we have reviewed the upcoming submission deadlines detailed below. Please keep checking this page for the latest updates.

Weekly agency collection

We are taking these actions for the weekly agency collection due by Wednesday this week (data from the week commencing 8 May 2017):

  • the collection will remain open for an additional week 
  • next week the portal will be open for submissions from weeks commencing 8 and 15 May 2017

If your trust is able to submit this week then please continue to do so. 

If you have any urgent queries about this then please call Martin Innes, Senior Operational Agency Data and Intelligence Lead, NHS Improvement: 0203 747 0579. 

Finance collections

We have two key finance collections due this week - we won't be sending any blanket email communications but instead we're taking these actions: 

  • changes to the performance against Control Total 2016/17, due by the 17 May to enable any redistribution of the STF returned balance, will now be collected directly by your NHS Improvement regional finance contacts (normal contact details)
  • your M1 2017/18 finance collection originally due on 16 May is now due by midday Monday 22 May 

You can send any questions regarding these returns to the Sector Reporting team:

Update 14 May 2017: information for providers and deploying patches

We've written to NHS providers' chief executives and chief operating officers on the ransomware cyber attack. Our email outlines the following information:

  • actions to take immediately
  • deploying the patch
  • using email and connecting to N3
  • what to do if there's evidence of re-infection
  • reducing the risk of future attack
  • further support

Letter from NHS Digital: explaining patches to protect against cyber attack PDF, 374.9 KB

Information on how to reduce the risk of this type of attack and details of the patches that can remove the vulnerability.

Information for patients

The NHS has continued to treat patients throughout the weekend. We have been working with 47 organisations providing urgent and emergency care who have been infected to varying degrees. Most have found ways of working around this but seven, including St Barts in London, have asked for extra support.

If you have a hospital appointment you should still attend unless you are contacted and told not to.

We have also been offering advice and assistance to GP surgeries, who will open as usual tomorrow. Again, if you have an appointment you should still attend unless contacted and told not to.

People should continue to use the NHS wisely and remember that they can seek help and advice from a range of other sources, such as pharmacies and NHS 111.

Bearing in mind the impact of the global cyber attack I would urge people to be patient with staff.

Dr Anne Rainsberry, NHS incident director

Related content

Is there anything wrong with this page?

Help us improve this website

Do not include any personal, sensitive or confidential information.