The EMS team raced against the clock to get their cardiac patient to the nearest hospital. But as they got closer, the dispatcher called to divert them to another facility fifteen minutes farther away. The closer hospital was in the midst of a cyberattack, unable to access its computers, and scrambling to care for patients already there.
This scene is more common recently as cyber thieves boldly attack healthcare institutions without regard for the consequences. Last week, Tri-City Medical Center in San Diego diverted ambulances and patients to other facilities because of a ransomware attack; last month Westchester Medical Center Health Network in Hudson Valley, NY did the same thing.
In addition to EMS diversions, other negative impacts include delayed surgeries, complications from medical procedures, incorrect medication dosing, and increased mortalities.
Tri-City Medical Center in San Diego
Tri-City Medical Center is an acute care public hospital with 144 beds serving the San Diego County communities of Carlsbad, Oceanside, and Vista. On Thursday morning, November 9 Tri-City detected a cyberattack causing it to shut down IT systems and start diverting emergency patients elsewhere. According to the Tri-City website, they engaged a third-party cybersecurity team to investigate, and notified law enforcement.
In addition to the diversions, Tri-City rescheduled pending surgeries and appointments; but continued to care for some walk-in patients with emergencies.
As of today, there is no more detail about the type of cyberattack or whether patient data was compromised. The investigation is ongoing.
Westchester Medical Center Health Network in Hudson Valley, NY
The first news of the cyberattack came on Monday October 16, when WMCHealth posted an announcement on its website to let patients know that HealthAlliance of the Hudson Valley, including HealthAlliance Hospital, Margaretville Hospital, and Mountainside Residential Care Center, was experiencing a potential cyberattack and IT system outage.
Ambulances serving Westchester Medical Center Health Network (WMCHealth) were diverted for about three days, from Thursday October 19 through Saturday evening, October 21. However, emergency stroke patients were still being diverted after this, according to WMCHealth’s website.
By October 20, WMCHealth decided to shut down shut down all connected IT systems at the three affected facilities. Its last website update, on October 23, noted that they were working to restore full IT capacity, “a process that is ongoing, but we have regained all necessary capabilities to resume full operations.” There has been no further update since.
Cyberattacks Threaten Healthcare and Patient Safety
These two cyberattacks are similar to others that have threatened patient safety recently.
- Ransomware interrupted operations and negatively affected patient care at CommonSpirit Health last year. News reports at the time described a pain medication overdose and delayed cancer surgeries resulting from the electronic records system was out of service.
- A ransomware attack in October, 2023 on five hospitals in Ontario, Canada disrupted patient care for several weeks. Full system recovery is expected to last into mid-December.
- In August, 2023 a ransomware attack on Prospect Medical Holdings, which operates 16 hospitals and more than 165 clinics and outpatient centers in Connecticut, Pennsylvania, Rhode Island and Southern California caused wide disruptions throughout its network affecting patient care.
- Smaller regional healthcare providers are particularly vulnerable to cyberattacks. In June, a rural Illinois medical system, St. Margaret’s Health, shut down permanently placing some of the blame on a 2021 ransomware incident that interrupted revenue and operations.
A Wider Trend
In January, 2023 the Ponemon Institute published a research study about the effects of ransomware on patient safety. The study is an update to the Institute’s research published in September, 2021 on the same topic.
The research shows that more patients are being negatively affected by cyberattacks over the last two years.
Below are several key findings.
- Almost half of the healthcare organizations who responded to the Ponemon survey said they had experienced a a ransomware attack in the past two years, an increase from 43 percent in 2021. In the past two years, 93 percent of these respondents experienced at least one (65 percent) or between two and five ransomware attacks (28 percent).
- More than half of those who experienced ransomware say it disrupted patient care.
- The most prevalent impact was an increase in patients transferred or diverted to other facilities from 65 percent of respondents last year to 70 percent of respondents this year. Complications from medical procedures increased significantly from 36 percent of respondents to 45 percent of respondents; and 21 percent of respondents say ransomware has an adverse impact on patient mortality rates.
The study recommends that healthcare organizations use benchmarking – comparing themselves against other organizations and cybersecurity standards – to improve decision making around cybersecurity planning.
HIPAA Security Rule is a Benchmark
Preventing ransomware is achievable. The best defense to cyber crime is strong HIPAA compliance, including a Risk Analysis, and following the Security Rule.
For ransomware specifically, the recent StopRansomware Guide from the Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) contains the most up-to-date strategies about how to fight back against the latest threats.
At The HIPAA E-Tool® we understand today’s cybersecurity challenges facing healthcare. We’ve designed a solution to strengthen HIPAA compliance and give you answers you need to prevent ransomware and focus on patient care. Without interruptions.