The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Cyberattacks on Hospitals Cause Significant Disruption at Neighboring Healthcare Facilities

A recent study has confirmed that healthcare cyberattacks not only cause disruption at the organization that experiences an attack but also at emergency departments at neighboring hospitals, where patients face longer wait times due to increased patient numbers which place a strain on resources.

The study involved a retroactive analysis of two academic emergency departments operated by a healthcare delivery organization (HDO) in San Diego, which were in the vicinity of an unrelated HDO that experienced a ransomware attack. The researchers looked at adult and pediatric patient volume, emergency medical services diversion data, and emergency department stroke care metrics for four weeks prior to the attack, during the attack, and four weeks after the attack.

The ransomware attack in question occurred on May 1, 2021, and affected an HDO with 4 acute care hospitals, 19 outpatient facilities, and more than 1,300 combined acute inpatient beds. The attack prevented access to electronic medical records and imaging systems and affected the HDO’s telehealth capabilities. Staff were forced to use pen and paper to record patient information and emergency traffic was redirected to unaffected facilities. The attack caused disruption for 4 weeks, and around 150,000 patient records were compromised.

An attack on one hospital will often see patient numbers increase at neighboring hospitals, and the increased volume of patients and resource constraints impact time-sensitive care for health conditions such as acute stroke. The researchers found there were significant disruptions to services at the neighboring healthcare facilities, even though they were not targeted or directly affected by the ransomware attack. Compared to the period before the attack, there was a 15.1% increase in the daily mean emergency department census, a 35.2% increase in mean ambulance arrivals, a 6.7% increase in mean admissions, a 127.8% increase in patients leaving without being seen, a 50.4% increase in visits where patients left against medical advice, and a 47.6% increase in median waiting room times.

The researchers chose acute stroke care as an example of a time-sensitive, resource-intensive, technologically dependent, and potentially lifesaving set of complex actions and decisions that required a readily available multidisciplinary team working in close coordination. The researchers observed a 74.6% increase in stroke code activations and a 113.6% increase in confirmed strokes compared to the pre-attack phase.

Since a ransomware attack on one hospital impacts other non-targeted healthcare facilities, the researchers suggest that ransomware and other cyberattacks should be classed as regional disasters. The researchers report no significant difference in door–to–CT scan or acute stroke treatment times, but suggest the disruptions due to ransomware attacks could easily lead to negative patient outcomes. “These findings support the need for coordinated regional cyber disaster planning, further study on the potential patient care effects of cyberattacks, and continued work to build technical health care systems resilient to cyberattacks such as ransomware,” wrote the researchers, who also suggest this should be made a national priority given the increase in cyberattacks on healthcare organizations in recent years.

The study – Ransomware Attack Associated With Disruptions at Adjacent Emergency Departments in the US – was conducted by Christian Dameff, MD, MS, Jeffrey Tully, MD, and Theodore C. Chan MD, and was published in JAMA Open Network.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com
