subscribe Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
Subscribe now
The National Health Laboratory Service is considered the backbone of SA’s health system. File photo: DEON RAATH/GALLO IMAGES
The National Health Laboratory Service is considered the backbone of SA’s health system. File photo: DEON RAATH/GALLO IMAGES

The National Health Laboratory Service (NHLS) has yet to fully restore its systems more than three weeks after a cyberattack crippled its operations.

The NHLS is considered the backbone of SA’s health system, as it provides diagnostic tests and holds electronic records for patients using the public health system. It also offers some highly specialised tests that are not available in the private sector.

The cyberattack on June 22 forced the NHLS and doctors to revert to paper records, and delayed test results and operations. It also disrupted the NHLS’s financial and human resources systems, affecting its ability to pay staff and suppliers. The NHLS initially said it expected its systems would be fully operational by July 15.

“Rebuilding our systems has been an intricate and challenging endeavour. It entails not just restoring data and services, but also ensuring the infrastructure is robust, safe and resistant to future intrusions,” the NHLS said in a statement.

“Some systems are now operating, with more being available as soon as appropriate security measures are completed. We are making considerable progress and are committed to completing the restoration of all components,” it said.

Chair Eric Buch said it was unclear when the NHLS would be fully operational. An investigation by its audit and risk team was under way to determine whether the NHLS could have been better protected. No demand for ransom had been made, and the NHLS was not engaging with any parties claiming to be the hackers behind the cyberattack, he said, adding, “our focus is to rebuild a secure, clean system”.

The NHLS cyberattack came shortly after the National Health Service was targeted by hackers who stole patient data managed by pathology testing service Synnovis, disrupting thousands of GP and hospital visits. 

While the cyberattack had compromised the NHLS's ability to access its own data, there was no evidence that patient information had been stolen, said Buch. 

It was too soon to determine the financial impact of the cyberattack, but the NHLS expected a dip in revenue as the volume of tests ordered by the provinces had likely fallen, he said.

The NHLS said it had taken steps to mitigate the effect of the attack on its systems, including using an NHLS-designed platform called eLABS to provide clinicians with TB and HIV-related results that were generated before the security breach.

The platform also allows electronic registration of samples, and electronic results for newly registered specimens. The NHLS has also implemented a critical tests list to ensure urgent tests were prioritised.

The NHLS previously said no patient data had been compromised or lost. The attack had targeted selected points in the NHLS IT system to block communication from its laboratory information service and other databases to and from users. This meant its systems were inaccessible both within the NHLS and to outside parties such as hospitals and doctors. Its laboratories remained fully functional, but were unable to automatically issue electronic test results to doctors, or provide data on patient histories. As a result, doctors have had to either telephone the NHLS or collect test results in person.

Update: July 16 2024
This story was updated to include comment by NHLS chair Eric Buch

kahnt@businesslive.co.za

subscribe Support our award-winning journalism. The Premium package (digital only) is R30 for the first month and thereafter you pay R129 p/m now ad-free for all subscribers.
Subscribe now

Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.