Published online by Cambridge University Press: 13 July 2023
In October 2021, Hillel Yaffe, MC, suffered a ransomware attack which shutdown most hospital computer systems, including patient EMR, pharmacy, communications, administration and backup systems. Staff were left in a state of “cyber-shock” without access to essential information for maintaining safety, quality and continuity of care. The aim of this presentation is to share the hospitals' experience and insights of this cyber-attack, outlining preparedness and response strategies.
This attack required a multifaceted emergency response strategy, including:
Immediate response activated according to specific pre-prepared emergency scenario action lists
Leadership decision making in real time under conditions of uncertainty
Identifying the extent of systems affected
Establishing alternative communication across the organization
Distributing real-time status updates and proactive guidelines, based on pre-existing emergency preparedness protocols
Finding alternative access to patient health histories
Adaptation and distribution of alternative hardcopy versions of patient evaluation and documentation normally done by EMR
Distribution of instruction materials for staff via alternative communication, ensuring quick and correct adoption of alternative protocols
Special emphasis on patient safety, risk management, quality and continuity of care
Recognition, support and resilience-building for staff facing uncertainty and unprecedented conditions
Required preparations include pre-prepared standing orders and procedures, exercises and simulations. Advanced preparation of alternative documentation and care protocols will enable uninterrupted, safe, high-quality patient care. Familiarity with pen-and-paper documentation may minimize shock and disorientation from “digital withdrawal”, especially among younger workers lacking manual documentation experience. Staff members should also be instructed in maintaining “digital hygiene”, such as using strong passwords and awareness about cyber-security threats.
Hospitals must prepare for potential cyber-attacks and EMR/digital system shutdowns. Cyber-attack should be treated by organizations as an emergency event, and they should prepare incident response and contingency plans, to assure business continuity and quick disaster recovery.