Sonoma Valley Hospital in Sonoma, Calif. reported last week that a security incident shut down its computers.
In its October 22 notice to patients, the hospital said the October 11 incident “triggered a significant downtime event”:
Currently, the Hospital is maintaining operations while computer systems are being fully restored. We have maintained the ability to care for patients using our business continuity plan.
- Emergency Care remains available 24/7. Necessary surgeries and elective procedures have not been disrupted by the incident.
- The majority of diagnostics are being continued without interruption.
- The patient portal remains available but new results have not been posted to the portal since October 11.
The Hospital immediately initiated an investigation. We have partnered with outside experts to help us investigate and remedy this incident. We will provide updates as the investigation progresses.
Some patients who were waiting for their test results were repeatedly told to check back with the hospital, reports the Sonoma Index-Tribune. One woman attempting to schedule a mammogram told the newspaper she was delayed in making her appointment for at least a week due to Sonoma Valley’s computer problems.
It is unclear what caused the security incident and if it was ransomware.
Sonoma Valley Hospital is just the latest medical facility to experience IT disruptions. In September, all 250 of Universal Health Services facilities’ computer networks were affected by a malware attack.
The cost of such breaches is expensive. In mid-October, 28 states won a nearly $5 million judgement against Tennessee-based CHS/Community Health Systems Inc. and its subsidiary, CHSPSC LLC, over a 2014 data breach that affected approximately 6.1 million patients. The settlement followed a $2.3 million settlement by the Department of Health and Human Services for Civil Rights over the same security incident.
This news comes as cybersecurity experts and U.S. federal agencies are warning of an increase in ransomware attacks on healthcare organizations using the Trickbot malware.