NewsLocal News

Actions

Hillcrest patients get access to online records 1 month after ransomware attack

Hillcrest Medical Center
Posted
and last updated

TULSA, Okla. — On Dec. 21, Hillcrest Healthcare System said patients will have access to their online data on MyChart again nearly a month after a ransomware attack affected the hospitals online systems.

"Hillcrest HealthCare System has restored access to its patient portal, MyChart. Beginning today, patients can use MyChart to schedule or reschedule appointments, message providers, view medications and request prescription refills, access e-check in, view test results and visit summaries, and pay bills," a spokesperson for Hillcrest said.

Users will have to reset their passwords when logging in for the first time since the attack.

"Additionally, a small subset of MyChart features remain temporarily unavailable as a result of the recent downtime, including video visits and access to financial statements via MyChart," the spokesperson said. "We are working diligently to restore these features and other systems as quickly as possible following the cybersecurity incident."

Hillcrest HealthCare System also lifted its protocol to divert emergency patients to other ERs while investigating a ransomware attack in November.

The attack caused some Hillcrest emergency rooms to divert patients, according to a Hillcrest HealthCare System spokesperson.

“Over the past 36 hours, hospitals within Hillcrest HealthCare System moved off emergency divert, allowing ambulance services to transport patients to Hillcrest Medical Center and five other regional hospitals throughout northeast Oklahoma. This continues to be a rapidly changing situation, and we are grateful to once again accept emergency room patients by ambulance while continuing to provide the emergency care that we are known for throughout the community. We also thank our community partners for supporting Hillcrest and our patients during this time," said Kevin Gross, CEO of Hillcrest HealthCare System.

Divert status means hospitals have asked local ambulances to send patients in need of emergency care to other ERs.

Hillcrest's parent company, Ardent Health Services, said it learned of the attack on Nov. 23.

"The Ardent technology team immediately began working to understand the event, safeguard data, and regain functionality," reads a statement on the Ardant Health Services website. "As a result, Ardent proactively took its network offline, suspending all user access to its information technology applications, including corporate servers, Epic software, internet and clinical programs."

Hillcrest said the attack impacted access to records software but did not impact patient care. Although, some patients reported having appointments rescheduled and not being able to access their own records.

"We became aware of a network outage due to a potential security incident that is affecting Hillcrest HealthCare System. Our team is working to assess the impact of this outage and restore access, and we will follow established downtime protocols as needed. Patient care has not been adversely impacted. As a precaution, some emergency rooms are currently on divert status," according to a Hillcrest HealthCare System spokesperson.

Dr. Stephen Flowerday, professor of cyber studies at the University of Tulsa, said these sort of attacks are becoming increasingly more common for hospitals.

"Hospitals, as you know, are focusing on patients and delivering their service which is better health care," said Flowerday. "Maybe they're not securing their personal data of their patient data as well as they should."

Flowerday, who has studied attacks like this one for about 30 years, said hackers look for targets with money and information. Banks tend to be attractive, however those establishments are very secure which can fend off cyberattacks.

"In the case of hospitals, they've got good medical records, a lot of data, a lot of rich data, personal data, but they haven't secured to the same level of a bank," Flowerday said. "The hacker's aware of that, so they are a softer target at the moment."

While Ardent has yet to confirm the extent of data that was compromised, Flowerday said the best course of action for any patients that were possibly included in the breach is to lock their credit.

"If there were any credit inquiries, no one would be able to open an account in their name. So that is the only thing at the moment they can do," said Flowerday.


Stay in touch with us anytime, anywhere --