- Allscripts is still working to fully recover from a period of EHR downtime brought on by a ransomware attack targeting its cloud-based EHR and electronic prescribing of controlled substances (EPCS) systems less than a week ago.
The ransomware attack affected EHR-based applications hosted in the company’s Raleigh and Charlotte, North Carolina data centers, according to HIStalk.
Some users of Allscripts Professional EHR and EPCS systems were still manually writing prescriptions and relying on paper records as of Monday.
“Both our Shield and Hosting teams are still working diligently to resolve the EPCS issue,” said Allscripts in a January 18 statement to users. “We will provide an update as soon as there is a status change or the issue is resolved. We apologize for any inconvenience this has caused.”
An Allscripts user told HISTalk other functions affected by the ransomware attack include InfoButton, regulatory reporting, clinical decision support, direct messaging, and Payerpath. Allscripts has not posted any statements about the period of EHR downtime on its website.
The Moss Free Clinic in Virginia relies on Allscripts cloud-based EHR and EPCS systems and was one of the limited number of Allscripts users still dealing with the administrative consequences of the attack on Monday.
“You can’t look at anything, all the patients’ history and everything is there,” Medical Director Patrick Neustatter told Fredericksburg.com. “It’s crazy.”
While administrators were unable to consult the system to see which patients had appointments in the days the system was down, Executive Director Karen Dulaney said the clinic did not cancel any appointments. However, administrators were unable to schedule future appointments.
Physicians and nurse practitioners manually wrote out patient encounter notes, and scribes complained about the challenges of interpreting messy handwriting. While most systems at the clinic were back online Monday morning, prescriptions still had to be handwritten on paper.
Neustatter said “people’s care would have suffered” if the majority of systems had remained offline much longer given the amount of necessary clinical information that was virtually inaccessible to providers in the days after the attack.
Fredericksburg-area clinician Steven Mussey was not affected by the attack, but said a statement from Allscripts to users depicted the problem as minor. However, he had heard from area doctors and administrators that he problem was significant and threw many practices into “frantic meltdown mode.”
The virus was determined to be a high-risk form of ransomware known as SamSam.
Shortly after the attack, Allscripts spokesperson Concetta Rasiarmos told HealthITSecurity.com the ransomware incident had only affected a limited number of Allscripts applications.
“We are working diligently to restore these systems, and most importantly, to ensure our clients’ data is protected,” Rasiarmos stated.
Rasiarmos also insisted no patient information had been compromised during the security event.
“Although our investigation is ongoing, there is currently no evidence that any data has been removed from our systems,” Rasiarmos continued. “We regret any inconvenience caused by this temporary outage.”
The Allscripts network includes more than 180,000 doctors, 2,500 hospitals, and 7.3 million patients.
A handful of hospitals have been forced into EHR downtime in recent months.
Jones Memorial Hospital in New York endured a two-week stretch of EHR downtime after a cyberattack infected its MEDITECH system in late December. The hospital was able to continually provide care throughout the security incident, and no patient financial or medical information was compromised.
Earlier this month, Michigan-based Henry Ford Health System was also forced into EHR downtime as a result of a power outage. While systems were only down for one day, the health system did experience some delays in patient care delivery.