No, just take some anti hack measures.

The company has been overcharging the NHS by £millions.

https://www.independent.co.uk/news/uk/politics/exclusive-overcharging-by-outsourcing-giant-serco-costs-nhs-millions-9695342.html

// Internal documents leaked to Corporate Watch in August 2014 indicate that the company overcharged the NHS for diagnostic tests. A 2013 internal audit by Guy's into three of the 15 laboratories run by Viapath found its invoicing and billing systems were “unreliable” and contained “material inaccuracies”, amounting to an overcharge of £283,561 over a sample three-month period. A variety of complaints by clinicians were recorded, centring on a policy of employing staff who were less experienced and less expensive. In a review of its first four years, marked “strictly confidential”, Chief Executive Richard Jones admitted that it had “achieved much less than hoped” and that “initial attempts at transformation were badly handled and ended up costing money rather than saving it”. //

11:26, not very good ones it seems.

In the world of IT Russian hackers are Accrington Stanley level, if we are getting hacked by them then the system is seriously weak. They tend to pick on municipal targets beacause they have the softest defences.

...that's not to say there are no decent Russian Hackers but if they are any good they are snapped up by the west, either in organised crime or for very good salaries in the private sector. The Russian state hackers are the ones that could not get a decent job.

11:40 "My point is when systems go down everything stops.  With hard back-up, that needn't happen" - it need not happen if the organisation has a good DR setup. We have DR sites that we flip flop every six months. If one got nuked we could switch to the other in a matter of minutes. Though that would be least of our worries!

Paper files?  Why not go the whole hog and use tablets of stone with a chissel?

As TTT says the security is the problem, so many Public sector departments dont have the first clue.  Neither do they have any clue when negotiating contracts.  Hapless the lot of them.

One way round this would be to have the NHS on a hard backbone.  i.e. no internet.  But that costs of course and its far better to spend money on huge manager salaries and diversity champions.

Yes TTT, DR and BCP seem alien concepts to these people.  Probably never heard of local failover either.

Whats the betting they dont even have working and tested UPS?

The Hospital Trusts know their internal systems are weak, which is why they employ private companies to look after various IT requirements. It is those outside contractors that have been remiss in this hack.

Time for a return to the relative safety of a back-up of paper files? not  really - simply un-do-able

the number of trade transactions in  the european areanow exceeds a trillion a year ( 1000 bn) - UK never processed  moe than 250 million

and so  it  is in health

//It is those outside contractors that have been remiss in this hack.//

No.  The contract should state the requirement, the Vendor Manager should ensure it is done and the QAT/UAT teams should test.  There should also be an indpendant PEN test organised by the Vender Manager (Civil service) to ensure compliance.

There is no getting around it, in this case Hospital Trusts are utimately resonsible (Just as Venables was/is for the scandal)

//the number of trade transactions in  the european areanow exceeds a trillion a year ( 1000 bn) - UK never processed  moe than 250 million//

What on earth are you blabbering on about?

is PP not answering the question in the OP about returning to a paper regime? Sadly, the world just isn't geared up for such things anymore except maybe in a few corner shops.

Not that paper files are a cure-all: the hospital's lost all mine.

I reckon most of these hacking events are state sponsored. Either Russian or Chinese government.

It wasn't always the case but that's the way it seems to be going.