Visit our Clinical Hub ยป
07 June 2017
print version

Q. What advice is available on avoiding ransomware attacks?

A. The main advice is to ensure that:

  • You update/replace any computers running Windows XP
  • You ensure that all update patches are applied to all Win-dows computers
  • You have in place up to date anti-virus software
  • You and your staff are aware of the risk of opening email attachments
  • You have both online and off line backup systems for your patient data
  • You contract with an IT company to carry out a security audit in your practice
  • You only use your practice computers and network for health-related work, no private web browsing or email or social media on practice networks

For further discussion of these issues please see the FAQs section of the ICGP website, There is a one-hour GPIT video on ransomware available at Also available under 'Publications & Reports' in the GPIT section of the ICGP website,, are documents on 'No Data, No Business: ICT Security Guidelines' and 'GPIT Policy Document on Acceptable Usage of the Internet'.

The world geo-political situation means we can expect further threats to GP systems and patient data, as collateral damage to what is happening worldwide. It is important for GPs to take the security of their patient data seriously and to invest in a security audit and follow-up remediation of any risks identified. Losing patient data is a disaster for all concerned.