Wednesday, October 19, 2022

Ransomware Attack Hits CommonSpirit Health

 As a reminder to all the dentists out there who read this blog every day, you have to be vigilant and take cyber security seriously.  Attacks are happening all too frequently and can be devastating.  Here is the statement from hospital system CommonSpirit Health...  For the full response, follow this link.

We have been managing a response to a cyberattack that has impacted some of our facilities. Patients continue to receive the highest quality of care, and we are providing relevant updates on the ongoing situation to our patients, employees, and caregivers. Patient care remains our utmost priority and we apologize for any inconvenience this matter has created. 

As previously shared, upon discovering the ransomware attack, we took immediate steps to protect our systems, contain the incident, begin an investigation, and ensure continuity of care. Our facilities are following existing protocols, which includes taking certain systems offline, such as electronic health records and patient portals. In addition, we are taking steps to mitigate the  disruption and maintain continuity of care. To further assist and support our team in the  investigation and response process, we engaged leading cybersecurity specialists and notified  law enforcement. 

We continue to conduct a thorough forensics investigation and review of our systems and will also seek to determine if there are any data impacts as part of that process.  

There is no impact to clinic, patient care and associated systems at Dignity Health, Virginia Mason Medical Center, TriHealth or Centura Health facilities. For the other parts of our health system that have seen impacts on operations, we are working diligently every day to bring systems online and restore full functionality as quickly and safely as possible.  

Central to our decision-making has been and will continue to be our ability to carry out our mission in a manner that is safe and effective to those we serve. At CommonSpirit Health, we are dedicated to meeting the needs of the communities we serve and are guided by our core set of values, which include integrity, excellence, and collaboration. We are grateful to our staff and  physicians who are doing everything possible to mitigate the impact to our patients and ensure continuity of care. 

1 comment:

  1. I wish more healthcare companies would stop hiring point-and-click admins. There's a tremendous value to actually knowing how stuff works. In the last 20 years of managing IT in a number of healthcare environments, I've had *zero* data loss--including when a 32-site network got fully cryptolocker'd. Back up and running in under 30 minutes at *all* sites, not 30 minutes per-site. We've even had a server stolen. They had full access to their patient data in about 15 minutes thanks to our disaster recovery environment. No data loss. We had a sprinkler head break and destroy a server, switch, UPS, and a few other things. Office back online in 4 hours.

    The tools to accomplish that just aren't available in a point-and-click environment.