Attacks on Health: The Flawed, Politicized WHO Surveillance System
This paper examines the World Health Organization's Surveillance System for Attacks on Health Care (SSA), established in 2017 to monitor threats to health care in conflict, identify patterns, and inform prevention and response. It argues that the SSA is structurally compromised by an inherent contradiction between its humanitarian coordination function and the quasi-legal implications of documenting "attacks on health care" — a term grounded in international humanitarian law that implies intentionality, attribution, and legal culpability. This contradiction, compounded by methodological flaws, politicised pressures, and weakened norms of humanitarian neutrality, produces systematically biased and unreliable data. The resulting distortions not only misinform policy but enable the politicised misuse of health data to advance unsubstantiated allegations of international law violations, undermining global efforts to protect health care in conflict. Specific patterns of omission are documented across multiple contexts: Hamas's systematic militarisation of health facilities in Gaza — including tunnel infrastructure beneath hospital compounds and armed interference with medical staff — is absent from SSA datasets. Iranian security forces' criminalisation of health care during the 2025–2026 protests went unrecorded for months. The Houthi kidnapping of over 70 UN and health workers in Yemen remains absent from the record entirely. At the WHO Executive Board's 158th session in February 2026, SSA data was cited to claim that "almost 1,000 people have been killed in documented attacks by Israel" — nearly half derived from the Al-Ahli Hospital explosion, later attributed by multiple independent analyses to a misfired Palestinian rocket. The record remains uncorrected.
HEALTHCARE
"The SSA captures a wide range of disruptions to health care delivery — from direct IHL violations to broader conflict-related impacts — but applies a single legally charged label to all of them indiscriminately. This is the primary mechanism through which operational data is converted into legal and political claims."
Six Interconnected Failures
01: Mandate ambiguity enables definitional overreach. Applying the legally charged label "attacks on health care" to a broad operational dataset creates a mismatch between what the data captures and what the terminology implies.
02: Definitional overreach undermines verification. There is no institutional incentive to apply verification standards rigorously when the mandate itself conflates operational and legal documentation.
03: Weak verification is sustained by opacity. The system suppresses not only personal identifiers but the contextual and institutional information that would allow external scrutiny, making it impossible in most cases to match a reported incident to an external news account.
04: Opacity entrenches selective reporting. Data is concentrated where humanitarian infrastructure is densest and international attention highest. Violations by actors who control reporting access go systematically unrecorded.
05: Selective reporting enables misuse. The WHO formally disclaims attribution while structurally enabling it — through senior official statements and regional body communications that imply specific attribution without making it explicit.
06: No correction mechanism. Errors persist and circulate unchallenged — hardening into authoritative claims despite their limitations, with no formal process to flag, review, or correct the record.
Seven Recommendations
01: Resolve the Mandate Ambiguity. Formally affirm that the SSA is a public health tool, not a legal documentation mechanism.
02: Recenter the System on Prevention and Health Outcomes. Evaluate the SSA by its contribution to protecting health care, not by incident counts or political impact. Orient it toward actionable insights for risk reduction and real-time Health Cluster coordination.
03: Reform Definitions and Classification Frameworks. Replace "attacks on health care" with precise and non-politicized terminology such as "conflict-related disruptions to health care". Publish contextual indicators — including potential claims of prior military use of a facility, whether damage resulted from direct targeting or collateral effects, and whether caregivers or patients could have been acting in combatant roles — to enable causal analysis and the development of effective prevention strategies.
04: Strengthen Verification Methodology. Expand verification to cover incident characteristics, not only occurrence. Establish transparent criteria for partner reliability, explicitly assessing whether partners operate under the influence of actors whose conduct they report.
05: Increase Transparency and Enable Independent Scrutiny. Expand public data access to include metadata on source categories, public reporting, and incident details. Enable independent auditability.
06: Address Systematic Bias and Underreporting. Diversify data sources beyond partner reporting. Systematically capture underreported categories: militarization of facilities, coercive interference in care, criminalization of health personnel, and area-wide threats.
07: Establish Safeguards Against Misuse. Embed usage disclaimers in all outputs. Establish a formal correction mechanism. Require WHO communications to align with its mandate; make the unpublished SSA communications strategy public and subject to external review.
The full article by Center for Medical Integrity is available here.