A ransomware attack can cause an upheaval to hospital operations, from forcing systems to revert to paper records, temporarily suspend services and even, in some cases, permanently close their doors.
Wood Ranch Medical clinic in Simi Valley, Calif., closed Dec. 17, 2019, after losing all its patients’ medical records to a ransomware attack earlier that year. The ransomware attack encrypted patients’ health records and the clinic’s backup hard drives, which WRM said it was unable to restore.
“The damage to our computer system was such that we are unable to recover the data stored there and, with our backup system encrypted as well, we cannot rebuild our medical records,” WRM wrote in a statement to its website.
Battle Creek, Mich.-based Brookside ENT and Hearing Center also chose to permanently shut down after an April 2019 ransomware attack. When hackers infected the medical center’s records system with ransomware, they demanded a $6,500 ransom from the clinic’s co-founders so they could buy back access to the medical files. The clinic chose not to pay the ransom, and hackers erased all the system’s files, including patient records and appointment schedules.
The clinic’s co-founders John Bizon, MD, and William Scalf, MD, decided to retire early as a result of the cyberattack. The practice closed April 30, 2019.
While some hospitals and clinics may shut down permanently due to a cyberattack, others might take temporary measures such as halting patient admissions or canceling appointments. In September 2019, Campbell County Health suspended new inpatient admissions and canceled some surgeries for at least two days due to a ransomware attack. The Gillette, Wyo.-based health system closed services including endocrinology, cancer, cardiac rehab and radiology.
On Oct. 1, 2019, all three Tuscaloosa, Ala.-based DCH Health System hospitals temporarily closed to new patients as the result of a ransomware attack. DCH Regional Medical Center, Northport Medical Center and Fayette Medical Center diverted patients to alternative hospitals for 10 days until the health system could restore its computer systems and lift the diversion protocol.
More articles on cybersecurity:
CHS settles patient data breach for $5M
AdventHealth Orlando data incident affects info of 1,514 individuals
OCR settles HIPAA Right of Access case with Dignity Health for $160K
© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.