The Westchester Medical Center Health Network temporarily diverted ambulances over the weekend. Some stroke patients are still being sent to other facilities.
Two New York hospitals have remained open even as the system works to recover from a cyberattack.
The Westchester Medical Center Health Network said Friday that the attack has affected the HealthAlliance of the Hudson Valley, including HealthAlliance Hospital, Margaretville Hospital and Mountainside Residential Care Center.
The system temporarily diverted ambulances from both hospitals beginning Friday night, but the diversion ended by Saturday night, Westchester said. Both hospitals continued to treat walk-in patients during the diversion, the system said.
While the hospitals continue to see most patients, emergency stroke patients will continue to be transferred to other facilities temporarily, the system said.
The hospitals temporarily diverted patients as staff shut down all IT systems at the two hospitals and nursing home as part of the process of restoring the network. Westchester said the process of bringing back the IT systems is “ongoing.”
However, the system said, “we have regained all necessary capabilities to resume full operations.”
Josh Ratner, CEO of HealthAlliance of the Hudson Valley and executive vice president and chief strategy officer of Westchester, issued a statement praising the staff for working to reduce the disruption to services and care.
“I want to applaud everyone at HealthAlliance Hospital, Margaretville Hospital and Mountainside Residential Care Center for all of their hard work and dedication while facing an incredibly difficult situation, helping us return to full operations sooner than expected while continuing to provide the best possible care for patients in our community,” Ratner said in a statement.
Westchester said the system has notified the FBI and other law enforcement agencies, and the organization is working with a cybersecurity company to determine the scope of the attack.
More than 220 cyberattacks targeted hospitals and health systems in the first half of 2023, according to the American Hospital Association.
Nearly 500 data breaches involving private health information have taken place this year, according to the U.S. Department of Health and Human Services. Organizations with breaches affecting at least 500 people are required to notify the health department.
Some of the largest breaches have affected millions of people by exposing their private health data.
Several cybersecurity experts talked with Chief Healthcare Executive® about the difficult choices hospitals encounter in ransomware attacks.