One of the nation’s largest health systems, Ascension, is responding to a cyber security incident that is impacting clinical operations and access to medical records.
Catholic health system Ascension has 140 hospitals and 40 senior care facilities across 19 states and the District of Columbia with approximately 134,000 employees.
The health system put out a statement about the incident. “On Wednesday, May 8, we detected unusual activity on select technology network systems, which we now believe is due to a cyber security event. At this time we continue to investigate the situation. We responded immediately, initiated our investigation and activated our remediation efforts. Access to some systems have been interrupted as this process continues.”
Ascension said its care teams are trained for these kinds of disruptions and have initiated procedures to ensure patient care delivery continues to be safe and as minimally impacted as possible. “There has been a disruption to clinical operations, and we continue to assess the impact and duration of the disruption.”
The Detroit Free Press was able to interview several clinicians about the event. ”There was a security concern, so they shut down the system," one physician told the Free Press. "It's affecting everything.”
Another Ascension Michigan doctor told the Free Press: "We have no access to medical records, no access to labs, no access to radiology or X-rays, no ability to place orders. We have to write everything on paper. It's like the 1980s or 1990s. You go to the X-ray room to look at the X-rays on film, you call the lab they tell you what the results are over the phone. So it's just much more cumbersome, but we do have training for these moments."
Ascension said it has engaged Mandiant to assist in the investigation and remediation process, and it has notified the appropriate authorities. It also is reaching out to business partners to ensure they are aware of the situation so they can take appropriate steps to safeguard their systems.
