The HSE has said that €100 million would be a “small figure” in terms of the total cost of the cyberattack.
Up to 7,000 outpatient appointments a day are being lost as a result of the attack by a criminal gang that has played havoc with the health service, a briefing heard on Thursday.
Chief executive Paul Reid has said he would back an independent investigation into the incident.
Speaking on Thursday, Mr Reid said €100 million would be “a small enough figure” when it comes to the total cost of dealing with the attack.
Our hospitals & health services remain under extreme pressure and dealing with a higher level of risk every day. It's still hard to rationalise an attack on a health system. We're making progress but this will take some time yet. We appreciate everyone's understanding. @HSELiveAdvertisement
— Paul Reid (@paulreiddublin) May 24, 2021
He said: “There’s a number of costs that we will incur by purely getting the systems back up, and secondly, upgrading some systems during this process.
“There’s a resource cost with all of that. Then there will be the costs bases on out services and the impact on trying to recover services.
“I said at the outset this will be in the tens of millions. And there’s no doubt that €100 million would be a small enough figure in terms of the total costs of this.”
The ransomware attack resulted in the HSE having to close down all its IT services, causing widespread delays and the cancellation of appointments at hospitals across the country.
50 per cent capacity
HSE chief operations officer Anne O’Connor said that outpatient services are currently operating at around 50 per cent capacity, meaning around 7,000 appointments a day are being lost.
But she said this is only one area affected, and it will be some time before the impact across all patient groups is clear.
Mr Reid warned that disruption will continue for “some time to come”.
He said: “The risks to our health service right now are carried across all aspects of healthcare.
“Therefore, in any analysis or any judgment of what the risks are in the health system right now, they’re extremely red hot.
“We are truly sorry for patients who are suffering this impact and the impact it’s having on those patients.”
He added: “I just want to say to all of those people and patients we are doing the very best we can to mitigate and minimise the disruption.
“But the reality is, there will be disruption for some time to come just yet.”
Mr Reid also said he would back an independent investigation into the cyberattack, saying lessons must be learned from it.
Criminals have attacked our health service and IT systems are shut down. This is a serious and high risk event.
We thank you for your patience and understanding. We’re working incredibly hard to keep essential services going. Visit https://t.co/f0I8Yw77y3 for service updates. pic.twitter.com/OejHQwo5s8
— HSE Ireland (@HSELive) May 23, 2021
“We are keen to have an independent and objective and assessment of the incident,” he said.
“At a second level, there is a real need across the public service and across Government services, to have a learning from this event and to assess our national protections across it as well.
“I certainly am very open to an independent assessment, that’s what our board are currently finalising.”
Dr Paolo Palmieri, a cyber security lecturer at University College Cork, told breakingnews.ie that it may be days or weeks before individuals are targeted, warning that fraudulent schemes and identity theft could occur if the information is sold on the dark web.