United States’ second largest non-profit hospital chain CommonSpirit Health is facing an ongoing IT security issue that has impacted its medical facilities. After detecting a cyberattack on October 3, the hospital published a statement that specific systems were offline as the matter was under investigation.
While the nature and impact of the incident are yet to be disclosed by CommonSpirit Health, some patient appointments were rescheduled. Moreover, other patients were assured that they would be alerted individually if their appointment was impacted.
Interlinked hospitals interrupted
Since CommonSpirit Health operates 1000 care sites with over 140 hospitals spread across 21 states, shutting down some of its services impacted several patients. “As a precautionary step, we have taken certain IT systems offline, which may include electronic health records (EHR) and other systems,” the statement read.
Status of a possible data breach
CommonSpirit Health has not confirmed if the information of its patients or their health data has been exposed. Addressing it as a system outage, the Chicago-based healthcare giant assured its patients that it was following the existing protocols for system outages to minimize disruption.
Services impacted by the cyber-attack
As per sources, it was confirmed that several subsidiaries of CommonSpirit Health had their electronic health records shut down. CHI Health in Nebraska, a subsidiary, confirmed outages across its Omaha hospitals. The incident impacted almost all Omaha facilities including Lakeside Hospital, Immanuel Medical Center, Creighton University Medical Center, and Bergen Mercy.
The status of other facilities at other locations across the country is still emerging. MercyOne Des Moines Medical Center also shut down some of its IT systems. Access to the latter’s electronic health records was also shut.
Formed in 1996, the national Catholic healthcare system, CommonSpirit Health, has over 21 million patients. It is the United States’ largest Catholic health system and the second-largest non-profit hospital chain. There has been a steady rise in cyber-attacks on healthcare facilities in the United States. In the past year, 618 breaches were reported, impacting at least 500 people. Such attacks on healthcare disrupt not only emergency services but also people’s lives.