Health Systems Struggle to Recover From Cyber Attacks

Nov. 18, 2020
Several weeks after ransomware attacks, systems remain down and patient care is still disrupted

Health systems victimized by the recent wave of cyberattacks continue to face disruptions to care. For instance, in a recent statement, University of Vermont Health Network CEO John Brumsted, M.D., said his organization doesn’t yet have a timeframe for full recovery and restoration.

Vermont Gov. Phil Scott has called the Vermont National Guard into service to bolster UVM Health Network resources. Yet despite daily gains, the University of Vermont Medical Center and other sites are experiencing outages across a number of systems.

They now have read-only access to their Epic EHR. This gives providers access to patients’ existing health records up to Oct. 28. There is no access to the MyChart patient portal. The IT team continues its work to restore back-end systems that support patient-facing applications. A timeframe for full restoration remains unknown.

The radiology department wrote that, “We no longer have the ability to accommodate any outpatients in the department of radiology, and must divert outpatient requests to UVM Health Network affiliates. Until our systems are back online, this includes breast imaging — every type of mammogram, breast ultrasound screening and biopsies at all locations within the University of Vermont Medical Center. Our Imaging staff have limited access to patient data, but are reviewing schedules daily and contacting patients for those they know about.”

Surgeries & Procedures are open for emergency care, including traumas, strokes, heart attacks, and for other seriously ill adults and children, but some non-urgent elective procedures have been rescheduled and affected patients have been notified.

Brumsted wrote that the health system asks “for continued patience and understanding as we work without the tools and information we rely on to serve you efficiently.” He said they are “investing significant time and human resources in manual processes that, while slower than in normal times, allow us to deliver care to those who need it most.”

He added that federal authorities have directed UVM Health Network “not to discuss the details of the attack on our IT systems in order to preserve the integrity of their investigation. What I can tell you is that this attack was very broad in its reach. That means our response and restoration must be very carefully planned to be sure we can safely and securely restore our systems.”

UVM Health Network is not alone in having trouble rebounding quickly from the cyberattack. In a statement emailed to the Klamath Falls Herald and News, Paul Stewart, president and chief executive officer of Sky Lakes Medical Center in Oregon, said, “This will definitely have a detrimental impact on our bottom line, but it’s too soon to know the magnitude. While we will refuse to pay any extortion, we have cut back on some elective and outpatient services while our systems have been down. We are also having to spend money on new equipment that we had not anticipated, such as PCs and servers, etc., as well as extra labor expense. We cannot yet quantify the total impact, but it will likely be significant. We have some business-interruption insurance but do not anticipate it covering the full impact of the ransomware attack.”

Sponsored Recommendations

10 Reasons to Run Epic on Pure

Gain efficiency & add productivity to your Epic data center. Download now to learn more!

Payer Platform Services and Support

Let’s leverage Payer Platform for smooth, seamless operations.When tasks are important and need to be done right, you trust the experts. The same is true for your...

Pure Powers Progressive Payers

Increase your business agility with Pure’s digital payer platform.Legacy storage solutions cannot keep up with the ever-expanding initiatives in the payer market. To deploy...

Executive Handbook: Ten Transformative Trends 2024

The editors of Healthcare Innovation have published their annual Ten Transformative Trends ensemble of articles