Update on the security measures taken by the NHS Wales Informatics Service

Since Friday 12 May, the NHS Wales Informatics Service has been working round the clock to protect NHS Wales’ digital health and care services from a global cyber-attack that has affected thousands of organisations and industries world-wide.

To date digital services in NHS Wales have been unaffected.

 

The NHS Wales Informatics Service is working with all its partners to ensure that clinical staff can and indeed should continue to use digital solutions to support the delivery of care.

To continue to protect NHS Wales from disruption the NHS Wales Informatics Service is continuing to monitor the situation closely and has taken a number of actions and put in place extra security controls.

 

As a precaution all emails received from external senders, NOT from NHS Wales email addresses [@wales.nhs.uk], have been blocked and deleted.  This affects all external emails received from Friday morning. This will be reviewed on Monday afternoon and further updates will be posted. This deletion will include emails from Unitary Authorities, Social Services, Police, Welsh Government, suppliers, NHS England, educational establishments and ESR notifications. 

 

Outbound and internal email are not affected.

 

Changes have made to internet facing firewalls and temporary restrictions placed on personal access to external webmail services, e.g. Gmail, Hotmail

 

Work is ongoing to continue to monitor our national digital services and to ensure our protection is as strong as it can be and to support NHS Wales’ organisations with appropriate security measures.

 

The NHS Wales Informatics Service provides real-time monitoring of NHS Wales’s digital services and IT systems, which are all designed to have strong security measures.