The Rebel Patient™

Share this post

The Rebel Patient™
The Rebel Patient™
Cyberattack at Ascension Health Disrupts Everyday Clinical Operations
Copy link
Facebook
Email
Notes
More
Medical Freedom

Cyberattack at Ascension Health Disrupts Everyday Clinical Operations

Affects Medical Records, Prescribing, Procedures, and Testing at Ascension Health facilities in Florida, Wisconsin, Texas, Oklahoma, Indiana and Michigan 140 Hospitals, 40 Nursing Homes in 19 States.

Dr Margaret Aranda
May 13, 2024
∙ Paid
13

Share this post

The Rebel Patient™
The Rebel Patient™
Cyberattack at Ascension Health Disrupts Everyday Clinical Operations
Copy link
Facebook
Email
Notes
More
4
5
Share

Last Wednesday, Naomi Diaz reported on a cybersecurity attack affecting Ascension Health’s entire electronic medical record system.

Her article (emphases are mine):

A cyberattack is disrupting clinical operations at St. Louis-based Ascension.

On May 8, Ascension detected unusual activity on its network and said in a news release that it believes this is due to a cybersecurity incident. 

"At this time we continue to investigate the situation. We responded immediately, initiated our investigation and activated our remediation efforts," the release reads. "Access to some systems have been interrupted as this process continues." 

Ascension said the incident has affected clinical operations and that it is recommending its business partners "temporarily suspend" their connection to the health system environment. 

Cybersecurity firm Mandiant is aiding Ascension's investigation. Ascension said if sensitive information was compromised, it will immediately notify affected individuals.

News outlets are reporting that the incident is affecting Ascension facilities in Florida, Wisconsin, Texas, Oklahoma, Indiana and Michigan. 

Ascension includes 140 hospitals and 40 older adult living facilities in 19 states.

If you are near or dependent upon any of these 140 host, stay safe and free from injury.

Thank you for reading The Rebel Patient™. Please feel free to share.

Share

The Rebel Patient™ is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber.

“An Ascension Spokesperson” Statement

We continue to diligently investigate and address the recent ransomware incident, working closely with industry leading cybersecurity experts to assist in our investigation and restoration and recovery efforts. Additionally, we have notified law enforcement, as well as government partners including the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and the American Hospital Association (AHA). We remain in close contact with the FBI and CISA, and we are sharing relevant threat intelligence with the Health Information Sharing and Analysis Center (H-ISAC) so that our industry partners and peers can take steps to protect themselves from similar incidents.

While our restoration work continues in earnest, our focus is on restoring systems as safely as possible. While we expect this process will take time to complete, we are making progress and systems are being restored in a coordinated manner at each of our care sites. We will continue to share updates on our recovery process.

What Happened?

On May 8, Ascension detected unusual activity in our network systems, which we have determined is due to a ransomware attack. We continue to diligently investigate and address this ransomware incident, and are working closely with external experts and federal law enforcement. While our restoration work continues in earnest, our primary focus is on restoring systems as safely as possible and, as such, we expect this process will take time to complete.

  • What services are impacted?

    Systems that are currently unavailable include our electronic health records systems and various systems utilized to order certain tests, procedures and medications.

    Our hospitals and facilities remain open and are providing care. However, due to downtime procedures, several hospitals are currently on diversion for emergency medical services in order to ensure emergency cases are triaged immediately.

  • What are downtime procedures?

    Downtime procedures are safe clinical practices born out of necessity. They are predefined steps that all healthcare organizations follow during a system or network failure developed in case of a potential threat. We are taking all necessary precautions at this time and our downtime procedures require our highly qualified, dedicated medical, nursing and clinical teams to utilize manual processes to ensure patients are properly cared for.

    Manual processes including moving to paper records and processing everything by hand are being utilized for varying clinical processes including dispensing medication, inputting health medical records, ordering and completion of diagnostic tests and procedures, contacting patients and sharing information securelY.

  • When will the restoration be complete?

    We do not have a timeline for completion. While our restoration work continues in earnest and we are making progress, we expect this process will take time to complete. We will continue to share updates on our recovery process. These updates can be found on our website at https://about.ascension.org/cybersecurity-event.

  • When will the investigation be complete?

    Investigations of this nature take time to complete. While we are not able to provide an exact timetable, we will continue to provide updates as appropriate. These updates can be found on our website at https://about.ascension.org/cybersecurity-event.

  • Is my personal health information impacted?

    The investigation into the scope of the incident is ongoing, and we continue to work with internal and external experts as well as law enforcement. Should we determine that any sensitive information was affected, we will notify and support those individuals in accordance with all relevant regulatory and legal guidelines.

  • What do patients need to know and do?

    Patients scheduled to see their doctors should bring to their appointment notes on their symptoms and a list of current medications and prescription numbers or the prescription bottles so their care team can call in medication needs to pharmacies.

This means your doctor will have no idea what your medical problems are, what medications you are on, and you'll need to bring in some notes to save time. I wouldn't be surprised if they took the notes to scan them into the records at a future date.

Just terrible. They have no paper backup, ability to electronically write orders, or send prescriptions, referrals, or schedule for surgery. Clinics will be backlogged and everything will be slow.

  • I have an onsite appointment, should I still go?

    Yes. Our hospitals and facilities remain open and are providing care. Out of an abundance of caution, however, some non-emergent elective procedures, tests and appointments have been temporarily paused while we work to bring systems back online. Our teams are working directly with any patient whose appointment or procedure will need to be rescheduled. We understand the frustration this may cause and sincerely regret any inconvenience to our patients.

    However, unless instructed otherwise by your care team you should continue to attend appointments as scheduled.

Of course they have to say that. But I bet that most will be glad they stayed at home.

  • Are Ascension locations still accepting patients?

    Our hospitals and facilities remain open and are providing care. However, due to downtime procedures, several hospitals are currently on diversion for emergency medical services in order to ensure emergency cases are triaged immediately. Safely caring for our patients remains our highest priority as we navigate this cybersecurity incident.

  • What if I have an emergency or need an ambulance?

    Due to downtime procedures, several hospitals are currently on diversion for emergency medical services in order to ensure emergency cases are triaged immediately. If you are experiencing a medical emergency, please contact 911 and your local emergency services will bring you to the nearest hospital emergency room.

More than usual, avoid accident or injury.

  • I am currently hospitalized – should I be concerned?

    Safely caring for our patients remains our highest priority as we navigate this cybersecurity incident. We understand you may be concerned, but our workforce is well trained in providing patient care with established downtime protocols and procedures.

Of course I think you should be concerned that no one has been using any downtime protocols. I believe they're making it up as they go.

May 9, 2024 - 5:30pm CT

Cybersecurity Event Update

Much was similar, except this section:

Systems that are currently unavailable include our electronic health records system, MyChart (which enables patients to view their medical records and communicate with their providers), some phone systems, and various systems utilized to order certain tests, procedures and medications. We have implemented established protocols and procedures to address these particular system disruptions in order to continue to provide safe care to patients. Out of an abundance of caution, however, some non-emergent elective procedures, tests and appointments have been temporarily paused while we work to bring systems back online. Our teams are working directly with any patient whose appointment or procedure will need to be rescheduled. We understand the frustration this may cause and sincerely regret any inconvenience to our patients.

So patients are unable to access their charts or talk to their doctors’ offices. Also down: some phones, testing, medications, and procedures.

WHAT I REALLY THINK

This has affected an unknown number of

Keep reading with a 7-day free trial

Subscribe to The Rebel Patient™ to keep reading this post and get 7 days of free access to the full post archives.

Already a paid subscriber? Sign in
© 2025 Dr. Margaret Aranda Ferrante
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great culture

Share

Copy link
Facebook
Email
Notes
More