EHR system restored at Ascension following cyber attack

Cyber Security, News

  • 19 June 2024
EHR system restored at Ascension following cyber attack
The stars and stripes: the US Department of Defense has picked Cerner to provide a new EHR.
Tammy Lovell
May 8, 2024

US non-profit health system Ascension has confirmed that its electronic health record (EHR) system has been restored across all of its sites following a ransomware incident last month. 

The Catholic health system’s EHR and various systems used to order tests, procedures, and medications were left out of operation by the cyber attack on 8 May 2024.

In a cybersecurity update, published on 14 June 2024, a spokesperson for Ascension said that clinical workflow in its hospitals and clinics would now “function similarly to the way it did prior to the ransomware attack”.

“This also means patients should see improved efficiencies in appointment scheduling, wait times for appointments and prescription fulfilment,” they continued.

The spokesperson added that investigation into the incident is ongoing, along with the remediation of additional systems.

“The developments shared today represent a highly encouraging milestone in our organisation’s journey toward full recovery,” they said.

In a cyber security update on 12 June, Ascension said that it believes cyber criminals gained access to the system when an individual working in one of its facilities accidentally downloaded a malicious file that they thought was legitimate.

Although Ascension has no evidence that any information has been taken from its EHR and clinical systems, a spokesperson said that the attackers took files “from a small number of file servers used by our associates primarily for daily and routine tasks”.

They added that these files may contain protected health information and personally identifiable information for some patients.

The ransomware attack on Ascension is one of several cyber attacks which have caused major disruption to services at large healthcare organisations this year.

More than 800 planned operations and 700 outpatient appointments were rearranged in the week following a cyber attack on pathology service provider Synnovis, which took place on 3 June 2024.

Meanwhile, NHS Dumfries and Galloway has warned almost 150,000 patients to assume that their personal data is likely to have been stolen and published online following a major cyber attack in March.

Subscribe to our newsletter

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Sign up

Prev News

The benefits of working in a professional, diverse, digital team

Next News

Wes Streeting slams ‘glacial’ pace of FDP adoption

Related News

Medway IT systems yet to be restored after cyber scare
News December 18, 2024

Medway IT systems yet to be restored after cyber scare

The IT systems at Medway Community Healthcare have not yet been restored following a suspected cyber attack, Digital Health News has learned.
Digital Health Unplugged: 2024 Year in Review
Podcast December 12, 2024

Digital Health Unplugged: 2024 Year in Review

In the final Unplugged of the year, the Digital Health news team reflect on the biggest stories covered in 2024 and look ahead to 2025.
IT systems in Medway disconnected due to ‘suspicious activity’
News December 10, 2024

IT systems in Medway disconnected due to ‘suspicious activity’

Medway Community Healthcare has disconnected its IT systems to “protect patient and staff data” after detecting some “suspicious activity”.