Getty Images
Ascension faces cybersecurity event, disrupting clinical ops
A cybersecurity event disrupted clinical operations at Ascension after the nonprofit health system discovered unusual activity on some tech network systems.
The leading non-profit health system Ascension recently announced a cybersecurity event impacting some of its technology network systems on May 8. The event has disrupted clinical operations.
Ascension has initiated procedures to ensure safe and minimally disrupted patient care delivery. However, access to some systems has been interrupted as the health system continues to investigate the cybersecurity event. Ascension says it continues “to assess the impact and duration of the disruption.”
The cybersecurity firm Mandiant will help Ascension investigate the cybersecurity event and remediate any disruptions to network systems. The health system has also reached out to the appropriate authorities, as well as its business partners, regarding the incident. It has recommended business partners safeguard their systems.
“Together, we are working to fully investigate what information, if any, may have been affected by the situation,” the announcement states. “Should we determine that any sensitive information was affected, we will notify and support those individuals in accordance with all relevant regulatory and legal guidelines.”
Ascension is based in St. Louis and operates 140 hospitals across 19 states and Washington. The health system had about 716,000 discharges last year, as well as 16.4 million physician office and clinic visits.
The cybersecurity event at Ascension comes on the heels of a major disruptive event in February impacting UnitedHealth Group’s Change Healthcare system. The February ransomware attack halted billing at pharmacies across the U.S., also impacting physicians submitting claims to one of the largest clearinghouses in the country.
The healthcare industry is the most at risk of an attack, according to a new study emailed to HealthITSecurity. The survey was conducted by Soax using data from the Identity Theft Resource Center on the number of data violation cases from 2020-2023. The data revealed over 800 data violations within the healthcare industry in 2023, the most of any industry studied, including financial services.