Updated on 2022-10-12
US hospital network CommonSpirit Health is still struggling to get its IT systems up and running more than a week after they became infected with ransomware. Hospitals are still experiencing IT outages and disruptions to appointments. The attack began around October 3.
- Years ago, all businesses learned that if the power went out in the data center, business stopped. Backup power or facilities were required and became common. Once those were in place, the first power outage pointed out another important requirement: regular testing of switching over to back up mechanisms. These days outsourced (mostly cloud) services are the “new electricity” and those backup processes *and* testing of those processes are needed to reduce the impact that Common Spirit’s customers are reporting.
- Are you prepared to selectively take affected systems offline after an attack to rebuild them? Do you know the interdependencies of such actions? Can you reconcile transactions on connected systems? Dependency mapping, particularly in mature environments can be incredibly difficult, and may necessitate a response posture of taking large numbers of components offline rather than surgically addressing one at a time. Take a lead from actions taken during maintenance windows, typically based on lessons learned, for planning your approach.
Read more in
- CommonSpirit Update
- Hospitals Continue to Suffer Impacts of CommonSpirit IT Security Incident
- Hospital giant’s IT still poorly a week after suspected ransomware infection
- CommonSpirit confirms ransomware attack as U.S. hospitals deal with fallout
Updated on 2022-10-05
A cyberattack affecting CommonSpirit Health has led to IT outages at facilities across the US. CommonSpirit has 142 hospitals and more than 700 care sites in 21 states. CommonSpirit said it took down some IT systems as a precaution. Multiple facilities have said they are operating under electronic health record (EHR) downtime.
- EHR downtime means manual or fallback services are in use. If you have to fall back like this consider how you’re going to communicate with partners and suppliers. Can you fax them an order? Do you want to take the risk of using non-approved services or have vetted backup systems/procedures on standby? Maybe you want to mail that down.
Read more in
- Statement: IT Security Issue
- CommonSpirit Health Suffers IT Outages, EHR Downtime at Multiple Hospitals
- CommonSpirit cyberattack spurs IT outages at CHI Memorial, hospitals across US
- CommonSpirit Health reported an IT security incident affecting facilities in multiple regions
- CommonSpirit Health says it experienced ‘IT security incident’ in multiple regions
- CommonSpirit US nonprofit health system discloses security incident
An IT security incident at CommonSpirit Health impacted an undisclosed number of facilities that had to turn certain systems offline and reschedule patient procedures. Read more: CommonSpirit Health says it experienced ‘IT security incident’ in multiple regions