BREAKING NEWS: MedStar Health Hacked, EHR Down, FBI Investigating

March 28, 2016
News reports on Monday, confirmed by organizational statements, described a cyber-attack on the 10-hospital, Columbia, Md.-based MedStar Health system that had disabled the organization’s EHR, forcing a temporary return to paper-based health records

Late Monday afternoon, March 28, The Washington Post broke the story that a virus had infected the clinical information system of the 10-hospital, Columbia, Md.-based MedStar Health integrated health system early Monday morning, forcing the system’s leaders to shut down their electronic health record (EHR) and e-mail system, and marking a new watershed moment in the recent history of hacking-based EHR and clinical information system shutdowns in U.S. hospitals.

According to the Post report, “The FBI is investigating the breach, which comes just weeks after similar cyber-attacks on two other medical institutions in California and Kentucky. Still, MedStar officials said they had found ‘no evidence that information has been stolen,” the Post report said.

The Post news story, by reporters John Woodrow Cox, Karen Turner, and Matt Zapotosky, quoted Ann Nickels, identified as a MedStar spokeswoman as issuing a statement that included the following: “MedStar acted quickly with a decision to take down all system interfaces to prevent the virus from spreading throughout the organization. We are working with our IT and cyber-security partners to fully assess and address the situation. Currently, all of our clinical facilities remain open and functioning.”

At around 4 PM eastern time on Monday, MedStar Health officials released the following statement on the organization’s website: “Early this morning, MedStar Health's IT system was affected by a virus that prevents certain users from logging-in to our system. MedStar acted quickly with a decision to take down all system interfaces to prevent the virus from spreading throughout the organization. We are working with our IT and Cyber-security partners to fully assess and address the situation.”

Meanwhile, also late in the afternoon on Monday, a report in the Baltimore Post-Examiner online noted that “Sources tell the Baltimore Post-Examiner that all Baltimore and Washington D.C. locations of MedStar Health have been affected by a virus attack.  This includes MedStar Washington Hospital Center where, we are told, they cannot access any records for patient appointments.” The report, by Anthony C. Hayes, quoted the following statement that the Post-Examiner had obtained: “Early this morning, MedStar Health’s IT system was affected by a virus that prevents certain users from logging-in to our system. MedStar acted quickly with a decision to take down all system interfaces to prevent the virus from spreading throughout the organization. We are working with our IT and Cyber-security partners to fully assess and address the situation.”

“But,” the Post’s story stated, “the infection could have a considerable impact on the $5 billion health care provider, which operates 10 hospitals and more than 250 outpatient facilities in the Washington region,” the Post story noted. “It serves hundreds of thousands of patients and employs more than 30,000 people.” And, it added, “Without access to sophisticated online systems, hospital staff have had to revert back to seldom-used paper charts and records.” And the Post’s reporters quoted Stephen Frum, a labor representative for National Nurses United who has worked closely with MedStar for 15 years, as saying, “Everything will be slowed down tremendously. It’s huge.”

Healthcare Informatics will update its readers on additional developments in this story as they occur.

Sponsored Recommendations

How Digital Co-Pilots for patients help navigate care journeys to lower costs, increase profits, and improve patient outcomes

Discover how digital care journey platforms act as 'co-pilots' for patients, improving outcomes and reducing costs, while boosting profitability and patient satisfaction in this...

5 Strategies to Enhance Population Health with the ACG System

Explore five key ACG System features designed to amplify your population health program. Learn how to apply insights for targeted, effective care, improve overall health outcomes...

A 4-step plan for denial prevention

Denial prevention is a top priority in today’s revenue cycle. It’s also one area where most organizations fall behind. The good news? The technology and tactics to prevent denials...

Healthcare Industry Predictions 2024 and Beyond

The next five years are all about mastering generative AI — is the healthcare industry ready?