More NHS dentists could be forced to close after major cyber attack leaves some nearing financial ruin

More NHS dentists could be forced to close after a major cyber attack has left some nearing financial ruin, i has learned.

It comes as NHS dentistry is already in crisis, with dental practices in Castle Douglas in Scotland and Norwich in Norfolk becoming the latest to announce closures over the past week, leaving thousands without access to affordable treatment.   

Dr Sam Shah, an NHS clinician and the former director of digital development at NHS England, warned that the impact of the cyber attack meant services would become unsustainable “at a time when dentistry is already broken.”

There is a growing number of “dental deserts” across the country, with some patients resorting to pulling out their own teeth and filling cavities with blu tack.

Dr Shah said further closures are on the table after a ransomware attack on 4 August wiped out Adastra – a system used by most NHS 111 services, some GP out-of-hours providers and some dental triage providers, impacting around 40 million patients in total.

The system is now up and running in the majority of sites, but the month-long outage from August to September jeopardised the existence of some dental practices.

While Adastra was offline, NHS 111 services were forced to operate manually, with call handlers making informed decisions about where to refer patients, rather than relying on the patient management system.

This meant referrals took longer and some patients ended up at locations that were closed or did not offer the correct services.

Dr Shah said seriously ill patients were triaged into the right care. However, the outage meant that out-of-hours dental providers did not get the same number of referrals as usual, causing financial losses.

He said: “If the funnel through which patients are coming to service providers – in this case, urgent and out-of-hours dental providers – isn’t working, this isn’t just about the patients not getting the right care in the right place. Those providers also become unsustainable and unviable.”

His own dental out-of-hours services were getting less than half of the usual number of referrals per session, losing up to 70 per cent of the usual number of patients while the system was down.

He continued: “That means we don’t get paid as a provider. But of course, we have to pay our staff. And that suddenly makes our service very, very difficult to run as a result of an attack that is completely outside of our control.

“The way that NHS dental services work, we only get paid if we treat patients. If we don’t get patients, we do not get paid. But of course, it was no fault of our own that those patients weren’t coming through.”

He added that it will take a few months to work out the financial loss in detail, but it is already clear the impact is “fairly significant”, with the “viability of services” at risk.

More on NHS

It comes after i previously revealed that mental health and domiciliary care services have been severely affected by the cyber attack, with records still missing, patient safety being compromised, and medication doses at risk of being missed. 

i can also reveal that some private GPs are still practicing without any access to patient records after the cyber attack wiped out Crosscare – a clinical management system used by 26 independent practices.

“It’s not safe, it’s dangerous,” said Dr Shaima Villait from the BMA private practice committee, explaining that independent GPs have had to “start from scratch”. They were left without access to patient medical history or notes for the last 20 years, piling “huge pressure” on them to practice from memory.

This comes as a growing number of patients are choosing private GPs as independent providers step in to fill widening gaps in NHS provision.

Dr Villait said: “All patient medical records went up in smoke with no access at all. GPs have recently been offered the option to request data, but it would be read-only access and provided on a first-come-first-served basis.

“GPs have had to start from scratch. They’ve had to apologise to patients about the loss of medical records, although no fault of their own. They’ve had to be as safe as possible without the past medical history.”

She said the lack of updates from the software company, Advanced, meant doctors were unable to make effective contingency plans to support patient care.

“NHS 111 was affected and understandably had to take priority, but it was the lack of transparency on when the data would be available to GP’s that was very frustrating,” she told i.

“If GPs were advised how long the system would be down, they would have been able to make contingency plans but they received no updates and just redirected to a portal which had the same message every day,” she added.

Last week, Advanced announced plans to restore Crosscare to its customers by 6 December, meaning GPs would have been treating patients without full access to their records for four months.

The August cyberattack has made healthcare providers realise that relying on one company for vital clinical systems is “precarious”, according to Dr Fay Wilson, the director of Badger Group, an out-of-hours service in Birmingham.

The group provides NHS services and is founded on a cooperative of NHS GPs. It was heavily impacted during the Adastra outage, due to using the system for vital clinical record keeping.

While 90 per cent of Adastra customers now have the system online again, the system only came back online for the Badger Group last week.

“As an organisation, [the cyberattack] has taught us a lesson that we should keep our data in several different places and not rely entirely on one on one organisation or one system,” she said.

An Advanced spokesperson said: “We remain resolutely focused on the recovery, test and restoration of core system functionality for all customers affected. We have committed to a detailed plan and timeline and we’re continuously sharing our progress against this plan with our customers.

“We will continue to share updates as we progress through each stage of the repair process.”

An NHS England spokesperson said: “While Advanced work to resolve their software problems, we are supporting local health systems who are working incredibly hard to continue providing care and keep patients safe with tried and tested contingency plans in place, so the public should continue to use the NHS as normal.”

A government spokesperson said: “We are working closely with Advanced in supporting social care providers to minimise the impact of this incident.

“Since 2016, we have invested £300m to build cyber resilience, and we continue to invest in the health and care sector’s cyber security – including through our ‘cyber programme’ to drive down risk and extend protection.”

Source

Leave a Reply

Your email address will not be published. Required fields are marked *