NHS staff were locked out of vital email systems over the weekend, believed to be as a result of a failed data centre upgrade by solutions provider, Accenture.
The company could now be facing major financial penalties after the crash crippled the communications system used by more than 1.2 million members of staff.
NHSmail suffered ‘widespread outages’ on Saturday, with users locked out of the portal, email in Outlook or Outlook Web Access.
It took around six hours to resolve the issue and it is yet unknown how many people were affected and to what, if any, degree patient care was impacted.
No-one will argue against security updates to help fight growth of email impersonation attacks, but this NHSmail outage is a clear reminder that IT can always go wrong
In a statement, NHS Digital service director for live services, Neil Bennett, said the problem ‘was caused by a fault in a third-party hardware device’.
And, according to the Health Service Journal (HSJ), which cited sources close to the matter, the firm could now be facing ‘big penalties’ if it is deemed that it failed to meet its contractural requirements.
The HSJ added that, not only did Accenture’s testing fail to detect the error in the upgrade; but back-up systems also failed.
Speaking to BBH following the problems, Gareth Lewis, head of public sector and defence at Mimecast, said it has highlighted the need fro all trusts to put a robust ‘plan B’ in place.
He added: “As the NHS looks to move to Office 365, it may be the right time to consider the resilience options for all cloud services.
“Email is important for every organisation, but even more so when critical and timely information is being shared that can disrupt clinicians’ workflows and patient care.
There needs to be plan B for when a primary email provider goes down. Otherwise, there’s also a risk employees could use unsanctioned tools to get the job done
“No-one will argue against security updates to help fight growth of email impersonation attacks, but this NHSmail outage is a clear reminder that IT can always go wrong.
“This is why there needs to be plan B for when a primary email provider goes down. Otherwise, there’s also a risk employees could use unsanctioned tools to get the job done.
“All organisations need a robust continuity plan for email so it stays up and running regardless of any future incidents.”