Chamber and committees

The Scottish Government has funded the creation of 68 additional training places in clinical radiology since 2014 in line with recommendations made by the Scottish Shape of Training Transition Group (SSoTTG). The number of funded posts in clinical oncology has also increased by 15 over the same period. The SSoTTG is currently undertaking its annual review of medical training establishments and will be submitting recommendations later in the year for expansion taking place in 2025. This annual review will consider the need for expansion in all medical specialties, including clinical radiology and clinical oncology, to ensure that Scotland has a sufficient supply of trained doctors coming through the system to meet anticipated future demand for consultants. Recommendations to expand are informed by medical workforce modelling undertaken by NHS Education for Scotland.

The investigation into this attack is on-going, and will take several more months to conclude, as such it is not currently possible to determine.

Patient data is typically held on the IT infrastructure of the Health Board delivering, or having previously delivered, the individuals care. This can include data initially generated by other Health Boards or health and care organisations that is transferred to the NHS Dumfries & Galloway (e.g. referral letters) in order for them to deliver the best quality care.

Only data held on the NHS Dumfries and Galloway IT infrastructure was stolen during this cyber-attack.

The patient data stolen during this incident was contained within the NHS D&G IT infrastructure. The vast majority of data related to people who are currently registered as NHS Dumfries and Galloway patients. However, some people currently registered as patients elsewhere will also have interacted with NHS Dumfries and Galloway in recent years, for example receiving treatment while travelling or on holiday, and it is possible that information relating to them may also have been stolen.

In addition, data controlled by National Records of Scotland was also stolen. I refer the member to the answer to question S6W-27770 on 22 May 2024 for more information. All answers to written Parliamentary Questions are available on the Parliament's website, the search facility for which can be found at https://www.parliament.scot/chamber-and-committees/questions-and-answers .

Patient data is typically held on the IT infrastructure of the Health Board delivering, or having previously delivered, the individuals care. This can include data initially generated by other Health Boards or health and care organisations that is transferred to the NHS Dumfries & Galloway (e.g. referral letters) in order for them to deliver the best quality care.

Only data held on the NHS Dumfries and Galloway IT infrastructure was stolen during this cyber-attack.

The National Cancer Medicines Advisory Group (NCMAG) will review the use of Anastrozole, Tamoxifen and Raloxifene as a preventative treatments for post-menopausal women at a moderate or high risk of breast cancer at a rescheduled meeting in Autumn 2024.

In anticipation of potential NCMAG advice, Scottish Government is considering how these drugs may fit in to a chemoprevention care pathway within NHS Scotland, including patient identification and monitoring.

The information requested is not held centrally, it is the responsibility of NHS Health Boards to implement these controls.

The Scottish Government Public Sector Cyber Resilience Framework which applies to all public bodies in Scotland, including health boards and Local Authorities is the framework to which Network Information Systems Regulation 2018 NHS Health Board compliance audits are conducted against.

Controls within the Scottish Government Public Sector Cyber Resilience Framework require that multi-factor authentication is implemented to cover and manage security risk, defending systems against cyber-attack, detecting cyber security events, and minimising the impact of cyber security incidents.

The Scottish Government prepared its draft Transport to Health Plan in 2023, we are continuing to engage with the relevant partners on the commitments contained within the plan. It is expected that the plan will be published by September 2024.

The Scottish Government prepared its draft Transport to Health Plan in 2023, we are currently engaging with the relevant partners on the commitments contained within the plan. It is expected that the plan will be finalised by the end of September 2024. We do not intend to publish the draft plan while it is still being developed.

Scottish Government welcomed the transport to health and social care report from the Mobility and Access Committee (MACS) and agreed to develop a transport to health plan in response.

Progress has been made against the recommendations including bringing more focus and prominence in work with the relevant partners including Regional Transport Partnerships and Health Boards to take forward specific actions and commitments towards better joined up care planning and working.

Recognising the importance of the recommendations, Transport Scotland have included Transport to Health as one of seven thematic workstreams in their approach for delivery of the Accessible Travel Framework

The programme of NHS reform will consider the recommendation that transport should be built in as an integral part of the care pathway.