Update: Ransomware attack on Cass Regional shuts down EHR
Missouri-based Cass Regional Medical Center is currently recovering from a ransomware attack that struck its communication system and shut its staff out of its Meditech electronic health record system on Monday.
Hackers hit the health system around 11 a.m. Monday, and officials opted to turn off the EHR to prevent unauthorized access. Officials said there appears to be no evidence that patient data was breached.
Currently, recovery efforts are about 85 percent complete, officials told Healthcare IT News. Trauma and stroke diversion are ongoing, but all other care continues without interruption.
The health system is working with an outside forensics firm to decrypt affected systems and files. The EHR remains offline as they continue to investigate whether patient data was compromised. Officials expect the EHR to be brought back online within 72 hours.
Care managers met to develop plans to continue care during the attack, but trauma and stroke patients were diverted to ensure the best care for those patients. Care diversion is still continuing for these patients as a precautionary measure. But despite the attack, inpatient, outpatient, emergency and primary care services continue.
“I am extremely proud of our staff for the manner in which they have rallied to make sure we can still take the very best care of our patients,” Chris Lang, Cass Regional CEO, said in a statement. “It has not been easy, but their dedication and can-do attitude is inspiring.”
“We deeply appreciate the patience and support that our community has shown during this challenging time,” Lang said. “We look forward to resuming normal operations and continuing our mission to meet the healthcare needs of area residents.”
This story was updated to reflect the official statement on the current recovery status.