Electronic Health Records

Adoption & Implementation News

EHR Downtime Results from Ransomware Attacks at CA, IN Hospitals

More hospitals and healthcare organizations experiencing EHR downtime as they suffer from ransomware attacks.

By Sara Heath

Ransomware attacks have been putting hospital technologies out of commission, pushing some healthcare organizations into EHR downtime.

The attacks, which involve viruses infecting hospital files, lock users out of IT systems until they pay a ransom to obtain an encryption key.

Just recently, two hospitals in California and Indiana have reported suffering a ransomware attack. 

At Alvarado Medical Center in San Francisco, California, IT experts are handling an IT infection, according to Paul Sisson of the San Francisco Union-Tribune. According to the article, hospital leaders are not saying which systems have been infected with the ransomware, only that no patient or employee files were affected.

This incident comes just after Chino Valley Medical Center and Desert Valley Hospital both reported a ransomware attack. The two hospitals reportedly mitigated the situation without paying a ransom, but the hospitals’ clinical workflows were greatly disrupted by the incident.

Both hospitals are owned by Prime Healthcare Services, as is Alvarado Medical Center. Prime Healthcare Services has not clarified whether this incident at Alvarado Medical Center is related to the two aforementioned attacks.

According to hospital spokespeople, it is business as usual at Alvarado. No critical IT systems were affected during the attack. 

“The hospital remains fully operational, and no patients have been turned away,” says Alvarado spokeswoman Laura Gilbert, according to Sisson. “All significant clinical systems needed for operations are fully functional. Our IT team took great efforts to protect and restore our systems and a ransom was never paid.”

Unfortunately, that doesn’t appear to be the case at an Indiana hospital dealing with a similar ransomware attack. According to Mike Perleberg of EagleCountry Online, Kings Daughters Health IT systems have been infected with the Locky ransomware.

Although patient files have not been affected, the hospital did reportedly shut down all of its health IT systems and is processing patient files manually.

Both of these incidents come after MedStar Health made headlines from its ransomware attack, which caused them to shut down their EHR systems.

As of March 31, MedStar Health was still experiencing some EHR downtime. According to hospital statements, providers reverted back to paper documentations and relied on system backups to deliver patient care.

"After a careful assessment and testing overnight, we are working to restore the majority of our IT systems today," the statement read.

"We are using backup systems, including paper documentation — a process used before the advancements of technology — where necessary, and as an additional layer of support to our clinical operations. We will continue to partner with experts in the field of IT and cybersecurity, as well as law enforcement, to continually assess the situation as we safely restore functionality."

According to representatives from Cerner Corporation – the EHR vendor which serves the DC-area healthcare system – the MedConnect EHR system was not affected, and was up and running at certain hospitals. 

"While all systems were taken offline as a precaution, Cerner solutions — including the MedConnect EHR system — were not penetrated. The MedConnect system is now online at limited facilities, and we continue to work closely with our client as the broader IT framework is brought back online," the spokesperson told EHRIntelligence.com.

Ransomware attacks and subsequent EHR downtime pose a considerable threat to the healthcare industry. Providers reliant on IT systems to access important patient information are left with few options when EHRs go offline. IT professionals and hospital executives are left in a difficult situation as they are torn between serving patient needs by paying the ransom and not cooperating with cyber criminals.

Healthcare professionals are lamenting this conundrum, stating that it is reprehensible that individuals should attack institutions geared toward serving patient needs.

“The attempt to negatively impact an institution designed to save lives and care for those in need is a sad and troublesome reality of our times, not only for MedStar Health, but for our entire industry and the communities we serve,” MedStar President & CEO Kenneth A. Samet, FACHE, said in an official statement.




Sign up to continue reading and gain Free Access to all our resources.

Sign up for our free newsletter and join 60,000 of your peers to stay up to date with tips and advice on:

EHR Optimization
EHR Interoperability

White Papers, Webcasts, Featured Articles and Exclusive Interviews

Our privacy policy

no, thanks

Continue to site...