CommonSpirit Health has lately given an announcement about the development that has been done in recouping from a ransomware attack in October 2022 that impacted a lot of services throughout its network. The health system detected the attack on October 3, which compelled it to take down its IT systems, which include its MyChart electronic health records (EHRs). The attack affected the facilities of CommonSpirit Health, MercyOne, Catholic Health Initiatives (CHI Health), and St. Luke’s Health. All operations are following emergency protocols since the attack. Previously, CommonSpirit Health made a statement that the attack did not impact patient care and related systems at Centura Health, TriHealth and Dignity Health.
Over a month has passed since the attack and there are no normal business operations yet; nevertheless, CommonSpirit Health has lately stated that the most of affected locations already have EHR systems access. Patients belonging to those app can now access patient sites to access their medical documents. Consultation scheduling systems remain affected, therefore patients are told to get in touch with their provider’s business office directly to book appointments.
Forensic experts launched an investigation into the attack; nevertheless, CommonSpirit Health puts patient safety first and affected systems will be back online as fast and as securely as possible. The forensic investigation is attempting to set up what the attackers did to obtain preliminary access to its system enabling security changes to be executed, and to find out the magnitude of patient data compromise, if there’s any. CommonSpirit Health will give more updates awaiting the result of the investigation. The health system has reported the incident to the proper authorities. Third-party cybersecurity experts were called in to help with the restoration.
Although a number of healthcare companies have recovered from ransomware attacks fairly easily within 1 or 2 weeks after an attack, extended interruptions are typical. Twenty-two days is the average time of restoration. There are a number of variables that can impact the recovery time, such as the magnitude of the attack, the sophistication of the IT environment, and if the incident response plan was ready. The value of planning for security occurrences and obtaining a practiced incident response plan was lately accentuated by the HHS’ OCR in its October 2022 Cybersecurity Newsletter.