Vaughan Gething, Cabinet Secretary for Health and Social Services
On the morning of the 24 January a technical issue occurred, which caused an outage at the two data centres operated by the NHS Wales Informatics Service (NWIS) on behalf of NHS Wales.
This incident affected twenty-six nationally-hosted systems, including systems which manage appointments and which share patient referrals, tests results, laboratory results and GP test requests. The NHS Wales email system was also impacted.
During the incident, all Health Boards activated business continuity plans to ensure both NHS Wales staff and patients were supported during this outage and as a result, care and treatment continued to be provided. However, as this incident impacted our frontline staff, there were delays experienced by patients, for example in receiving test results.
By 16:15 the same day all systems were operational, with business-as-usual service being resumed by 20:00.
I would like to thank all of our NHS Wales technical staff who worked hard to resolve this issue as quickly as possible. I would also like to thank all of our frontline staff who continued to provide excellent services to the people of Wales under difficult circumstances.
Following resolution of the issue, NWIS initiated an investigation to establish the cause of the data centre outage and I agreed to issue a written statement once this review had concluded.
Firstly, I can confirm this was not a cyber attack and that the integrity of patient records was not compromised by this incident.
I can also confirm that the investigation found the cause of the incident to be a problem with the firewall equipment which occurred when a routine firewall change was applied. The manufacturer of the equipment has confirmed that the firewall acted in an unpredictable way and that the change made should not have had a detrimental effect.
The manufacturer identified changes to the configuration of the firewalls to avoid a similar circumstance and these were applied successfully to the firewall equipment at 7.30 on Wednesday 31 January. Further changes have also been made to provide greater monitoring of firewall activity.
While this type of IT failure is unusual in NHS Wales, my officials are working with Health Boards and NWIS to develop a new cyber attack and IT incident communications, to alert and update stakeholders in the case of future incidents.
This statement is being issued during recess in order to keep members informed. Should members wish me to make a further statement or to answer questions on this when the Assembly returns I would be happy to do so.