On March 28, MedStar Health, based in Columbia, Md., shut down its computer networks to halt the spread of malware that stopped certain users from logging into the system. The virus did not affect patient records or the health system's Cerner system, according to a MedCity News report.
Here are seven things to know about the cyberattack and the health system's response.
1. Cerner's solutions, including the MedConnect EHR, at the health system were taken offline as a precaution, according to the MedCity News report. The EHR is back online at some of the health system's locations.
2. During the system downtime, MedStar turned away some patients, according The Washington Post. The health system's IT was down across its 10 hospitals and more than 250 outpatient locations.
3. The hospital released a statement yesterday saying it was working to restore the majority of its IT systems. According to The Washington Post, hospital staff can view patient records but cannot update them. While the systems are down, MedStar is relying on paper documentation and backup systems.
4. There was speculation the attack was another ransomware incident, but MedStar does not indicate as such in its statement. The Washington Post reports a number of health system employees said they saw pop-up messages on their computers demanding payment in bitcoins, including one woman who said a pop-up ransom note demanded the equivalent of roughly $19,000. MedStar makes no mention of the nature of the virus.
5. "Despite the challenges affecting MedStar Health's IT systems, the quality and safety of our patients remains our highest priority, which has not waned throughout this experience. Fortunately, the core ways in which we deliver patient care cannot be altered, manipulated or harmed by malicious attempts to disrupt the services we provide," said Stephen R.T. Evans, MD, executive vice president of medical affairs and CMO of MedStar Health in the prepared statement.
6. Though hospital spokespeople denied the incident impacted patient safety, The Washington Post included anonymous quotes from clinical staff members saying otherwise. Two nurses commented on the "chaotic" environment caused by the downed IT systems, while a physician indicated the situation affected patient safety, according to the report.
7. The FBI is investigating the malware attack.