Australian hospitals fighting system failure after botched WannaCry patch
Queensland Health, in its attempt to protect its computer systems from the major WannaCry ransomware campaign, inadvertently shut down the electronic health records systems at five of its key hospitals on Tuesday.
Brisbane’s Princess Alexandra and Lady Cilento Children’s hospitals, as well as Cairns, Mackay and Townsville hospitals are experiencing system slowness, after the attempt to patch system security backfired, Australia’s Courier-Mail reported.
“Over the course of that weekend as part of protecting our systems from cyberattack, a series of security patches provided by software owners such as Microsoft, Cerner and Citrix were loaded to further protect Queensland Health systems from attack,” said Health Minister Cameron Dick.
“While those patches have protected the integrity of our systems and data, it appears these protections may be making logging on and off the integrated electronic medical record system difficult for some users,” he said.
The failure, declared ‘Code Yellow’ for an internal emergency, was described in an internal email. While no surgeries were impacted, 22 outpatient appointments were delayed, explained Dick. The estimated time for full service to be regained was “not known at this time.”
Problems within the EHR system “could remain current for at least seven days,” as eHealth Queensland worked with its vendor Cerner to fix the issue, Dick told Parliament. But “for all intents and purposes Queensland hospitals are operating like it is business as usual.”
However, ward patients at the affected hospitals were driven back to pencil and paper, and about 500 clinicians were unable to log in at Princess Alexandra Hospital, said eHealth Queensland Chief Executive Officer Richard Ashby, MD.