Maryland Health System Restores EHR One Month After Ransomware Attack
Greater Baltimore Medical Center (GMBC) HealthCare, a Towson, Md.-based health system, announced last week that it has begun to restore the organization’s electronic medical record (EMR) system after it was taken offline following a December ransomware attack.
On Dec. 6, GBMC HealthCare detected a cyber incident that impacted its information technology (IT) systems. While the organization itself didn’t release many details about the attack, according to a December report from CBS Baltimore, a nurse at the health system told the media outlet that the two weeks following the cybersecurity incident has already set the organization back decades. “Everything is on paper documentation,” the nurse said to the outlet, on the condition of anonymity. She added, per that report, “The fax machine just started printing out hundreds of pages, just saying, ‘you’re being attacked, you’re being attacked, you’re being attacked.’”
A month later, on Jan. 6, the hospital released a statement saying it will begin “restoring its EMR system, after being taken offline as a precaution.” The statement continued, “Our telephone and email systems are again functional. While GBMC regrets the incident caused some procedures to be rescheduled, this step was the prudent thing to do. We are confident we are on the right path and our work to provide the COVID-19 vaccine is on course.”
GBMC HealthCare operates several facilities, including the Greater Baltimore Medical Center, Gilchrist, Greater Baltimore Health Alliance, and GBMC Health Partners. The incident reportedly impacted the Greater Baltimore Medical Center and Gilchrist Hospice Care, according to a recent Baltimore Sun story.
John Chessare, M.D., the health system’s president and CEO, said in a message to patients last week that the telephone systems are now back up after a period in which callers were either getting a dead signal or would be subject to very long wait times, The Baltimore Sun reported. “We were attacked, and all our tightly connected computer systems went down. In addition, we have telephones that work via computers; they went down, as well. So, if you are our patient, let me extend our sincere apology to you, as you are not able to access your own medical record, you are not able to communicate with us through our patient portal, which is called MyChart,” Chessare said in that message. He added that all of those systems have been brought back up, according to the story.
Officials at GMBC noted that there is no evidence at this time that any patient information has been misused, and that they’re working with outside experts and law enforcement. The investigation is in its early stages, they added.
This incident is the latest in a series of costly cybersecurity attacks that continue to disrupt patient care operations. The University of Vermont Medical Center admitted last month that a recent ransomware attack and recovery that followed likely cost the hospital about $1.5 million a day in lost revenue and expenses. That system’s CEO said it did not pay attackers the ransom and only considered it for “about five seconds.” Federal agencies do not recommend paying ransoms. Payment does not guarantee files will be recovered, they have noted.