Getty Images

Most EHRs Back Online at CommonSpirit Health Following Ransomware Attack

In its most recent update about the October ransomware attack, CommonSpirit Health assured patients that the majority of impacted providers have regained access to EHR systems.

CommonSpirit Health informed patients that the majority of impacted hospitals and clinics across the health system once again have access to their EHR systems following an October ransomware attack that had varying impacts across a variety of facilities.

“In addition, most patients can again review their medical histories through the patient portal and we are working to restore appointment scheduling capabilities to the portal in cases where that feature exists,” CommonSpirit Health stated.

“In the meantime, patients should contact their provider’s office directly to schedule an appointment.”

As previously reported, CommonSpirit began suffering IT outages as a result of a security incident that began around October 3. The nonprofit health system later confirmed that the incident was a ransomware attack.

The attack left many of CommonSpirit’s 1,000 care sites and 140 hospitals untouched, but others experienced appointment cancellations and delays along with impacts to patient portal functionality. Many impacted facilities also took their EHR systems offline as a precaution.

“We care deeply about our patients and regret any challenges or frustration they may have experienced as a result of this incident,” the notice continued.

“Thank you to our patients, providers, staff and partners as we continue navigating the response and restoration process.”

As is the case with all healthcare ransomware attacks, patient safety is a top concern. CommonSpirit Health said that it is taking steps to “facilitate clinician and patient communication, document patient care, and support our caregivers in following safety processes and standards.”

In addition, the health system is still working to determine if and how patient data was impacted by the ransomware attack.

Next Steps

Dig Deeper on Healthcare data breaches