Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2023 Apr:7:e2200149.
doi: 10.1200/CCI.22.00149.

The Impact of a National Cyberattack Affecting Clinical Trials: The Cancer Trials Ireland Experience

Harry Harvey  1 Hailey Carroll  1 Verena Murphy  2 Jo Ballot  3 Maureen O'Grady  4 Debra O'Hare  1 Gavin Lawler  5 Erica Bennett  6 Michelle Connolly  7 Emma Noone  8 Mary Grace Kelly  9 Ashley Bazin  10 Ailish Daly  11 Eibhlin Mulroe  2 Ray McDermott  2 Seamus O'Reilly  1   2
Affiliations

The Impact of a National Cyberattack Affecting Clinical Trials: The Cancer Trials Ireland Experience

Harry Harvey et al. JCO Clin Cancer Inform. 2023 Apr.

Abstract

Purpose: Cyberattacks are increasing in health care and cause immediate disruption to patient care, have a lasting impact, and compromise scientific integrity of affected clinical trials. On the May 14, 2021, the Irish health service was the victim of a nationwide ransomware attack. Patient care was disrupted across 4,000 locations, including 18 cancer clinical trials units associated with Cancer Trials Ireland (CTI). This report analyses the impact of the cyberattack on the organization and proposes steps to mitigate the impact of future cyberattacks.

Methods: A questionnaire was distributed to the units within the CTI group; this examined key performance indicators for a period of 4 weeks before, during, and after the attack, and was supplemented by minutes of weekly conference call with CTI units to facilitate information sharing, accelerate mitigation, and support affected units. A total of 10 responses were returned, from three private and seven public hospitals.

Results: The effect of the attack on referrals and enrollment to trials was marked, resulting in a drop of 85% in referrals and 55% in recruitment before recovery. Radiology, radiotherapy, and laboratory systems are heavily reliant on information technology systems. Access to all was affected. Lack of preparedness was highlighted as a significant issue. Of the sites surveyed, two had a preparedness plan in place before the attack, both of these being private institutions. Of the eight institutions where no plan was in place, three now have or are putting a plan in place, whereas no plan is in place at the five remaining sites.

Conclusion: The cyberattack had a dramatic and sustained impact on trial conduct and accrual. Increased cybermaturity needs to be embedded in clinical trial logistics and the units conducting them.

PubMed Disclaimer

Conflict of interest statement

The following represents disclosure information provided by authors of this manuscript. All relationships are considered compensated unless otherwise noted. Relationships are self-held unless noted. I = Immediate Family Member, Inst = My Institution. Relationships may not relate to the subject matter of this manuscript. For more information about ASCO's conflict of interest policy, please refer to www.asco.org/rwc or ascopubs.org/cci/author-center.

Open Payments is a public database containing information reported by companies about payments made to US-licensed physicians (Open Payments).

Seamus O'Reilly

Honoraria: Roche, Novartis Ireland Ltd, Pfizer, AstraZeneca

Consulting or Advisory Role: Pfizer, AstraZeneca

Travel, Accommodations, Expenses: Roche, AstraZeneca, Nordic Bioscience

No other potential conflicts of interest were reported.

Figures

FIG 1.
FIG 1.
Potential impact on patient care in a cyberattack.
See this image and copyright information in PMC

References

    1. Chang J: 119 impressive cybersecurity statistics: 2020/2021 data & market analysis. Finances Online [Internet]. 2022. https://financesonline.com/cybersecurity-statistics/
    1. Jercich K: The biggest healthcare data breaches of 2021. https://www.healthcareitnews.com/news/biggest-healthcare-data-breaches-2021
    1. Herald N: Waikato DHB cyber attack: Radiation therapy resumes for cancer patients. New Zealand Herald. 2021. https://www.nzherald.co.nz/nz/waikato-dhb-cyber-attack-radiation-therapy...
    1. Joyce C, Roman FL, Miller B, et al. : Emerging cybersecurity threats in radiation oncology. Adv Radiat Oncol 6:100796, 2021 - PMC - PubMed
    1. Conti Cyber Attack on the HSE : Independent post incident review. Commissioned by the HSE Board in conjunction with the CEO and executive management team. https://www.hse.ie/eng/services/publications/conti-attack-on-the-hse-ful...

Publication types