King of Prussia, Pa.-based Universal Health Services confirmed that all 250-plus U.S. locations were affected by malware and expects systems to be recovered and applications reconnected soon, according to ABC News and a statement from the health system.
The attack occurred on Sept. 27 and the health system disconnected systems and shut down its network to prevent any further spread of the malware. Over the past week, clinicians have reverted to using paper records to continue treating patients, and in some cases canceled elective procedures or diverted ambulances to other locations during the downtime.
Clinicians also reported more confusion during patient hand-offs because they did not have access to the patients' electronic records. However, the health system has begun recovery efforts.
On Oct. 1, the health system issued the following statement: "The UHS IT Network is in the process of being restored and applications are being reconnected. We have a large number of corporate-level administrative systems, and the recovery process is either complete or well underway in a prioritized manner. We are making steady progress and are confident that we will be able to get hospital networks restored and reconnected soon."
UHS has reported that its EHR was not directly impacted by the attack and it is focusing efforts to restore system connections, but facilities are still using downtime procedures and offline documentation. The health system also reported no indication that patient or employee data was inappropriately accessed during the incident.
More articles on cybersecurity:
'It's not a good week for healthcare': Health system IT execs react to recent ransomware attacks
Google Maps starts showing COVID-19 outbreaks & 13 other key notes
Ascension move to outsource IT will eliminate 'a few hundred' jobs