EHR system restored at Ascension following cyber attack

  • 19 June 2024
EHR system restored at Ascension following cyber attack
The stars and stripes: the US Department of Defense has picked Cerner to provide a new EHR.

US non-profit health system Ascension has confirmed that its electronic health record (EHR) system has been restored across all of its sites following a ransomware incident last month. 

The Catholic health system’s EHR and various systems used to order tests, procedures, and medications were left out of operation by the cyber attack on 8 May 2024.

In a cybersecurity update, published on 14 June 2024, a spokesperson for Ascension said that clinical workflow in its hospitals and clinics would now “function similarly to the way it did prior to the ransomware attack”.

“This also means patients should see improved efficiencies in appointment scheduling, wait times for appointments and prescription fulfilment,” they continued.

The spokesperson added that investigation into the incident is ongoing, along with the remediation of additional systems.

“The developments shared today represent a highly encouraging milestone in our organisation’s journey toward full recovery,” they said.

In a cyber security update on 12 June, Ascension said that it believes cyber criminals gained access to the system when an individual working in one of its facilities accidentally downloaded a malicious file that they thought was legitimate.

Although Ascension has no evidence that any information has been taken from its EHR and clinical systems, a spokesperson said that the attackers took files “from a small number of file servers used by our associates primarily for daily and routine tasks”.

They added that these files may contain protected health information and personally identifiable information for some patients.

The ransomware attack on Ascension is one of several cyber attacks which have caused major disruption to services at large healthcare organisations this year.

More than 800 planned operations and 700 outpatient appointments were rearranged in the week following a cyber attack on pathology service provider Synnovis, which took place on 3 June 2024.

Meanwhile, NHS Dumfries and Galloway has warned almost 150,000 patients to assume that their personal data is likely to have been stolen and published online following a major cyber attack in March.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Related News

Over 6,000 operations and appointments delayed by London cyber attack

Over 6,000 operations and appointments delayed by London cyber attack

More than 6,000 operations and appointments have been postponed at London hospitals affected by the Synnovis cyber attack, NHS England has confirmed.
Patient groups oppose NHSE plans for unified clinical registry platform

Patient groups oppose NHSE plans for unified clinical registry platform

Patient groups for people with blood disorders have raised concerns about NHS England plans to combine clinical registries in a single platform.
Harnessing AI and cybersecurity to transform healthcare in the UK

Harnessing AI and cybersecurity to transform healthcare in the UK

The UK healthcare sector is in a transformative era, driven by advancements in artificial intelligence (AI). AI has the potential to revolutionise healthcare by improving…