The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Enloe Medical Center Continues to Experience EMR Downtime Due to Ransomware Attack

Posted By on Jan 15, 2020

A California healthcare provider was attacked with ransomware and two weeks on and its medical record system is still out of action.

Enloe Medical Center in Chico, CA, discovered the attack on January 2, 2020. Its entire network was encrypted, including its electronic medical record (EMR) system, which prevented staff from accessing patient information. Emergency protocols were immediately implemented to ensure care could still be provided to patients and only a limited number of elective medical procedures had to be rescheduled.

The attack also affected the telephone system which was taken out of action on the day of the attack. The telephone system was restored the following day but its EMR system is still out of action and employees are continuing to rely on pen and paper for recording patient data.

While there were some cancelled appointments in the first week after the attack, Enloe Medical Center says care is being provided to patients without delay while work continues to restore its systems. No information has been released on the type of ransomware involved, but the initial findings of the investigation suggest patient data has not been compromised.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

“Upon learning of this incident, we immediately took steps to restore critical operating systems and ensure the security of our network. At this point in time, we have no indication or evidence that suggests patient medical data has been compromised,” said Kevin Woodward, Enloe’s chief financial officer. The ransomware attack has been reported to local and federal law enforcement agencies and the investigation is continuing.

Ransomware attacks have been increasing throughout 2019 and there are no signs of the attacks abating. In addition to file encryption, several ransomware gangs have adopted a new tactic to increase the probability of the ransom being paid. Prior to the deployment of ransomware, sensitive data is being stolen.

Recent attacks involving the MegaCortex, LockerGoGa, Maze, and Sodinokibi ransomware variants have seen data stolen prior to the deployment of ransomware. The threat actors using Maze and Sodinokibi ransomware have issued threats to expose the stolen data if the ransom is not paid. Both have followed through on those promises and have published sensitive data when the decision was taken not to pay the ransom.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist