- The first legal matter known to involve a death attributed to ransomware was recently announced
- Death of infant in Alabama reported to be related to fetal monitoring systems impacted by ransomware attack
- A lawsuit says outages stemming from the attack contributed to a series of steps that resulted in missed signals, alarms and alerts – a charge the hospital disputes
A recent headline in the Wall Street Journal caught my eye for two reasons. As a longtime worker in the healthcare sector, and as a parent, it hit a little too close to home:
“When Teiranni Kidd walked into Springhill Medical Center on July 16, 2019, to have her baby, she had no idea the Alabama hospital was deep in the midst of a ransomware attack.
For nearly eight days, computers had been disabled on every floor. A real-time wireless tracker that could locate medical staff around the hospital was down. Years of patient health records were inaccessible. And at the nurses’ desk in the labor and delivery unit, medical staff were cut off from the equipment that monitors fetal heartbeats in the 12 delivery rooms.”
It’s a nightmare scenario for all involved, and one which is becoming too common.
First, let’s dive into the security matter. Ransomware attacks are on the rise, especially in healthcare. It’s the trifecta of opportunity – money, a critical-use case, and an access point, said Steve Smerz, CISO, Halo Health, to Healthcare IT News.
Why are Healthcare Organizations and Health Systems Targeted by Ransomware Attacks?
- Money. Ransomware attacks typically pursue an entity that has the resources to buy itself out of an attack.
- Critical use-case. Attackers look for an urgent or emergent use case that would create pressure to respond.
- Access point. Health systems include interconnected technology and busy people in tough situations, working quickly.
Smerz continued, saying:
“That adds up to a chance for a staff member to click on an email that looks real or to fall for sophisticated phishing efforts. The result is that every hospital or health system is potentially at risk for a ransomware attack. No one should assume “it won’t happen to us.”
All of this taken together – from the Springhill Medical Center case to our awareness of how differentiated technology in clinical communication can make a difference – led to a healthy discussion internally.
You see, Halo Health is a provider of clinical communications and collaboration SaaS solutions. Our technology is connected to EHR – allowing access to information and communication exchanges such as ADT feeds – but not reliant on the EHR exclusively for clinical communication.
Whether a hurricane or any other disaster, a differentiated communications infrastructure allows for ongoing communications when an EHR is unavailable.
It’s not possible for me to know what could have changed the outcome for mother Teiranni Kidd. Two years later, she might be playing with a toddler. But I recognized the situation.
Clinicians and many parents know that when an umbilical cord is wrapped around the baby’s neck, fetal monitoring can allow a Mother-Baby obstetrics team to act quickly, move to a cesarean section, and lead to a better outcome.
How can Halo Health’s modern approach to digital communication facilitate the rapid exchange of information, streamline workflows, and improve patient safety?