When the lights go down in the delivery room: lessons from a ransomware attack

ABSTRACT

Objective: To describe the challenges facing an obstetric division following a cyberattack that paralyzed all information technology systems including ADT (admission, discharge & transfer), EMR (electronic medical records), community patient health record (PHR) interface, radiology module, laboratories system, and employee communications network. Study Design: A retrospective descriptive study. Division activities, including the overall number of deliveries and cesarean sections (CS), emergency room visits, admissions, maternal-fetal medicine department occupancy, and ambulatory encounters, from two weeks prior to the attack to 8 weeks following it (a total of 11 weeks), were compared to the retrospective period in 2019 (before Covid-19). Also, we describe the challenges and the adaptations made at the hospital and division level until resuming full division activity. Result(s) On the day of the cyberattack, critical decisions were made. The media announced the event, calling patients not to arrive at our hospital. A senior obstetrician was stationed in the ER to ensure triage. All elective activities other than deliveries were stopped. For elective CS, risk stratification was done, and all potentially complicated surgeries (>= 3 previous cesarean or high bleeding potential) were referred to other hospitals. For all medical encounters, formatted documents were created and kept for later archiving. Labs were done and delivered manually only when critical and blood product transfusions were decreased to a minimum. The number of deliveries, admissions, and both emergency room and ambulatory clinic visits decreased by 5-10% (overall for 11 weeks), reflecting the decrease in patient traffic. Nevertheless, in all stations, activities continued with ongoing adaptations to ensure patient safety, decision making, and workflow of patients. Conclusion(s) Despite the obvious concerns, it is reasonable and safe to allow hospital activity even during cyberattacks. Healthcare systems at all levels should recognize the threat and have protocols for implementation once it occurs. [Formula presented] [Formula presented] Copyright © 2022