After a ransomware attack affecting Chicago-based CommonSpirit Health's facilities across the U.S., employees at Mercy Medical Center in Roseburg, Ore., are questioning their paychecks, The News-Review reported Nov. 19.
CommonSpirit — the parent company of Mercy Medical Center and about 140 other hospitals — started taking systems offline in October after discovering ransomware attack, which shut down EHRs and resulted in canceled appointments and surgeries.
Weeks later, multiple employees at Mercy Medical have been receiving underpayment or overpayment based on their hours worked, a worker told The News-Review.
"There are a lot of people missing hours or being massively overpaid, massively underpaid," the employee told the publication, speaking anonymously for fear of possible retaliation. "Every floor is affected by this."
The worker also said employees at Mercy Medical Center who typically receive direct deposit have seen an unusual list of "deductions" on their latest paystub, without evidence of where money is going, according to The News Review.
CommonSpirit provided the following statement to Becker's on Nov. 21: "Our people are our top priority and we regret the stress and frustration that the payroll system disruption has caused. We are working with our employees to answer questions, address payment discrepancies and provide financial and other assistance to those who may need it. We are committed to ensuring our employees are paid accurately, and will continue to work with them directly to resolve any concerns. We are grateful for the commitment, grace and professionalism our staff have demonstrated during this challenging time."