I wonder if we can look at whitelisting the following files which are actually xlsm resources, but which are distributed as .exe files.
BACKGROUND
These are Power Query enabled Excel files, used for practices to track patients for the new Vaccination and Immunisation QOF indicators, since clinical systems make this particularly difficult. The result of this is a loss of income for the practice, we estimate around £16k-£20k for the average practice. Much of this loss is due to poor coding or transmission from previous practices. Of concern though is that some is due to the child being lost to follow-up, compounded by coding errors. The PCIT Monitor tools seek to help a practice resolve both issues, most importantly the clinical element.
Please see our KB support article for more background: https://support.primarycareit.co.uk/portal/en-gb/kb/articles/using-the-vi-tools
Our Clinical Risk Management Team have identified that, for the processing that occurs within the BI layer of Excel to be kept unaltered, we need to distribute the file in a locked format. This also prevents the file from being saved and transmitted with patient identifiable data loaded. Different CSUs and regions have different thresholds for allowing these files to run. Sophos (I think quite rightly) identifies the resulting executable as a potential security risk (Generic ML-PUA (Potentially Unwanted Application)).
File names:
PCIT VI001 Monitor.exe
PCIT VI002 Monitor.exe
PCIT VI003 Monitor.exe
PCIT VI004 Monitor.exe
They contain some VBA to automatically write an index worksheet for users and help with navigation, as well as allowing a file browser to load the data source for the BI layer to process.
If you need more detail the support team at Primary Care IT are happy to help and can be reached on theteam@primarycareit.co.uk
Many thanks