Fraud Management & Cybercrime , Healthcare , Incident & Breach Response
Ontario Hospital Among Latest Healthcare Cyberattack Victims
Also: 2 US Hospitals Still Recovering From Incidents Last WeekAn Ontario hospital says it is operating under significantly diminished conditions as it deals with a cybersecurity incident that began over the weekend.
See Also: Gartner Guide for Digital Forensics and Incident Response
Ross Memorial Hospital, a 183-bed Canadian community hospital in Lindsay, says in a statement posted on its website Tuesday that it has declared a "Code Grey" late Sunday night.
Code Grey is activated when a hospital experiences loss of utilities, such as power or water, and loss of critical IT systems.
Ross Memorial says its technology team is working with third-party cybersecurity experts to investigate the incident.
"In the meantime, as high-quality patient care is our priority, we are managing our established protocols to maintain continued delivery of our critical hospital services," the hospital says. "Our systems restoration plan is also ongoing, and we are communicating with our local, regional, and provincial partners regarding next steps."
The hospital is advising patients with "less urgent" conditions to consider seeking alternate options for care, such as their primary healthcare provider, pharmacist, after-hours clinic or virtual care while the facility deals with the situation.
Long Road to Recovery
Recent cyber incidents of similar magnitude felt by other hospital systems suggest it may be a while before operations at Ross Memorial can return to normal.
A Florida hospital system that experienced an incident on Thursday causing it to divert emergency patients and yank systems offline remains under "downtime procedures" and is still routing some patients to other facilities.
That entity, Tallahassee Memorial HealthCare, has resorted to using paper for work that is typically handled with electronic processes, such as registration, admission and patient care documentation, including prescriptions.
A Maryland hospital that last week confirmed it had been the victim of a recent ransomware attack is still unable to provide certain patient services as it recovers from the incident. As of Wednesday, Atlantic General's outpatient medical imaging and walk-in laboratory services remained "temporarily closed until further notice" as the entity deals with the incident (see: Cyberattack Wave on Healthcare Reaches Florida and Maryland).
Thomas Cope, chief security officer at security firm Next DLP, says these recent incidents underscore the importance of all hospitals preparing for similar potential IT outages.
"First and foremost would be to review and test backup and restore procedures so if a hospital does get hit they can recover to a clean system," he says.