Community pharmacies risk cyber breaches unless IT systems upgraded, warns pharmacy tech group

From 14 January 2020, free security updates will no longer run on any Microsoft Windows 7 operating system.

Computer in pharmacy

Community pharmacy IT systems could face cyber security breaches if pharmacists do not update their computer operating system before January 2019, the Community Pharmacy IT Group (CPITG) has warned.

The group, which includes representatives from the Pharmaceutical Services Negotiating Committee (PSNC), National Pharmacy Association, Royal Pharmaceutical Society, Company Chemists’ Association and the Association of Independent Multiple Pharmacies, has advised community pharmacists to update their Microsoft Windows 7 operating systems to Windows 10 before the tech company ends its free support of the older system on 14 January 2020.

After this date, Microsoft will no longer provide Windows 7 users with free security updates, although contractors are able to pay Microsoft for extended support.

The CPITG briefing, published on 23 September 2019, explained that, without the security support, “malware can spread much more easily on obsolete platforms because, without security updates, known vulnerabilities will remain un-patched”, and therefore, “such systems may be targeted by hackers”.

The briefing added that the change in support may require pharmacies to invest in “new [computers], and in some cases new printers”. 

“Windows 10 can run on older hardware, but as Windows 10 is a modern operating system it might struggle to work well on older machines,” the briefing said.

In a statement on its website, the PSNC advised contractors who are planning to upgrade computer hardware “to consider upgrading their Windows operating system at the same time”.

The PSNC also said that there are precautions pharmacies can take if this means delaying the update to computer operating systems until after the January date.

If pharmacies are still using Windows 7 computers after the cut-off date, the PSNC said pharmacists should “beware of fake anti-virus websites, pop-ups, emails, and phone calls”, and “limit any browsing to approved pharmacy websites only”, as well as only accessing trusted files.

The briefing also noted that pharmacies completing NHS Digital’s mandatory Data and Security Protection Toolkit by 31 March 2020, will be required to answer questions relating to the Windows operating systems they use.

Last updated
The Pharmaceutical Journal, Community pharmacies risk cyber breaches unless IT systems upgraded, warns pharmacy tech group;Online:DOI:10.1211/PJ.2019.20207102

You may also be interested in