Following cyberattack, Ardent Health Services works toward recovery

Ardent Health Services says it continues its recovery efforts following a ransomware attack.

The for-profit system discovered the attack on Thanksgiving, and the incident disrupted hospitals in several states. Ardent hospitals temporarily diverted ambulances to other facilities for a few days after the attack was discovered.

This week, Ardent says it has succeeded in restoring its access to Epic electronic health records, along with some clinical and business systems. The for-profit system says it is making progress in its recovery efforts and is continuing to provide care for patients.

“We continue to care for patients in our hospitals, emergency rooms and clinics,” Ardent said in a statement Wednesday. “At this time, our emergency rooms are accepting patients by ambulance and our clinics have resumed operations.”

• Read more: Emerging cybersecurity threats in healthcare

Some non-emergency surgeries continue to be postponed due to the disruptions, Ardent says. The system has delayed some elective procedures since announcing the incident.

Ardent operates 30 hospitals and more than 200 sites of care in six states. The system says it has notified law enforcement officials about the incident and has also retained threat intelligence advisors.

“We are working around the clock to bring the remaining systems back online as quickly and safely as possible, and will continue to provide updates on our progress,” Ardent said Wednesday.

Ardent has said it’s unclear if patient records may have been exposed in the attack, but the system says it will notify individuals who have been affected.

The system is encouraging patients who have questions about upcoming procedures or appointments to contact their providers by phone.

“Our teams continue to work directly with patients to ensure they receive the care they need,” Ardent said in a statement.

For UT Health East Texas, part of the Ardent system, the restoration of electronic medical records for providers is “an important milestone in our restoration efforts,” Allison Pollan, a spokesperson said via email. UT Health East Texas regrets the inconvenience for patients, she said.

“Our teams continue working around the clock to bring the remaining systems back online as quickly and safely as possible,” Pollan said.

More than 220 cyberattacks targeting hospitals and health systems occurred in the first half of the year alone, according to the American Hospital Association. The Westchester Medical Center Health Network in New York said ambulances had to be temporarily diverted following a cyberattack in October.

More than 88 million individuals have been affected by breaches of private health data this year, a 60% increase over the previous year, the U.S. Department of Health & Human Services said in November.

The Joint Commission published some guidelines in August for hospitals to respond to cyberattacks and continue caring for patients. The commission urges hospitals to develop plans to care for patients even if electronic health records can’t be accessed for an extended period.

“Organizations should be prepared to have life- and safety-critical technology offline for four weeks or longer,” the commission suggests.

Podcast: In our latest installment of the Data Book podcast, Michael Hamilton of Critical Insight talks about cyberattacks on hospitals, emerging threats, and what health systems should be doing to protect themselves.