Increased Hospital Cyberattacks Affect Other Healthcare Organizations

July 5, 2023
A recent study of a serious ransomware attack at one San Diego hospital found a link with later significant increases during the cyberattack in the daily census in a neighboring hospital's ED

A recent study by UC San Diego (UCSD) analyzed a ransomware event that occurred at a nearby Scripps Health facility ER, as well as one also located close by at a UC San Diego hospital. The study compared the four-week time periods before, during, and after the attack. As reported by NPR, the study found the Scripps event grave enough to consider hospital ransomware attacks a "regional disaster," with the number of attacks expected to increase.

While analyzing the month-long event at Scripps, researchers discovered that the UC San Diego ED had “significant increases during the cyberattack in daily census, emergency medical services arrivals, patients leaving without being seen or against medical advice, median wait times, ER lengths of stay, stroke code activations, and confirmed strokes.” Results from the study were published in JAMA Network Open. 

According to NPR findings, in the weeks following the Scripps breach, the number of patients waiting in the UC San Diego ED increased by 600, and the number of patients leaving without being seen increased by more than twice the normal amount. Additionally, there were more than twice as many confirmed strokes and almost twice as many emergency stroke code activations, according to the team of researchers at UCSD. 

Jeff Tully, M.D., co-author of the study and assistant clinical professor at UC San Diego, said “there needs to be more data made available, so health systems within a region can begin conversations surrounding coordinated emergency response protocols to hospital cyberattacks, in the same way they exist for natural disasters or other major emergencies.” MITRE, a nonprofit that conducts various research for the U.S. government, told NPR they are engaged in research to understand the interconnectedness of infrastructure systems to avoid another regional disaster like in San Diego. 

In addition to the Scripps ransomware event, other areas of the country are also experiencing similar cybersecurity attacks in healthcare facilities. Separate health data breaches have been reported by Oregon-based digital health firm Kannact, Massachusetts-based mental health and addiction treatment center New Horizons Medical, and Philadelphia-based orthopedic clinic Vincera Institute. In each case, thousands of patients had their personal information (SSN, date of birth, driver’s license number, etc.) as well as healthcare information (medical record numbers, and prescription, insurance, and treatment details) compromised. 

NPR also reported that patient advocacy groups are now making sure that patients are part of the cybersecurity conversation. Andrea Downing, who runs a patient information security advocacy group, said physicians “should be informing patients of cybersecurity risks before treatment, not after a security incident.”        

Sponsored Recommendations

AI-Driven Healthcare: Empowering Nurses, Clinicians, and Care Teams for Smarter, More Efficient Care

Explore how AI-first ThinkAndor® is transforming nursing workflows and patient care at Sentara, improving outcomes, reducing readmissions, and enhancing care transitions in this...

The Future of Storage: The Complexities and Implications in Healthcare

Join us on January 23rd to explore the future of data storage in healthcare and learn how strategic IT decisions today can shape agility and competitiveness for tomorrow.

IT Healthcare Report: Technology Insights for a Transformative Future

Explore the latest healthcare IT trends, challenges, and opportunities in AI, patient care, and security. Gain actionable insights to navigate the industry's transformation.

How to Build Trust in AI: The Data Leaders’ Playbook

This eBook strives to provide data leaders like you with a comprehensive understanding of the urgent need to deliver high-quality data to your business. It also reviews key strategies...