CommonSpirit Health has recently provided an update on the progress that has been made in recovering from an October 2022 ransomware attack that affected many facilities across its network. The attack was detected on October 3, which forced the health system to take its IT systems offline, including its MyChart electronic health records (EHRs). CommonSpirit Health, Catholic Health Initiatives (CHI Health), MercyOne, and St. Luke’s Health facilities were affected and have been operating under emergency procedures since the attack. CommonSpirit Health had previously stated that there was no impact on patient care and associated systems at Dignity Health, TriHealth, and Centura Health.
It has now been more than a month since the attack and business operations have yet to return to normal; however, CommonSpirit Health has recently confirmed that the majority of impacted locations now have access to their EHR systems again and patients of those facilities should now be able to access patient portals to view their medical records. Appointment scheduling systems are still affected, so patients have been advised to contact their provider’s office directly to arrange appointments.
A forensic investigation into the attack was launched; however, the priority has been patient safety and bringing affected systems back online as quickly and safely as possible. The forensic investigation is trying to establish the methods used by the attackers to gain initial access to its network to allow security updates to be performed, and to determine the extent, if any, that patient data has been compromised. CommonSpirit Health will provide further updates pending the outcome of the investigation. The incident has been reported to law enforcement and third-party cybersecurity consultants have been engaged to assist with the recovery.
While some healthcare organizations have been able to recover from ransomware attacks relatively quickly within 1 or 2 weeks following an attack, longer disruptions are common, with the average recovery time being 22 days. There are several factors that can affect the recovery time, including the extent of the attack, the complexity of the IT environment, and whether a practiced incident response plan was in place. The importance of planning for security incidents and having a practiced incident response plan was recently emphasized by the HHS’ Office for Civil Rights in its October 2022 Cybersecurity Newsletter.
The post CommonSpirit Health Says EHRs Mostly Back Online Following Ransomware Attack appeared first on HIPAA Journal.