Lake Region Healthcare Recovering from Ransomware Attack

Lake Region Healthcare in Fergus Falls, Minnesota is investigating a ransomware attack that was first detected on December 22, 2020. The attack impacted several of the healthcare provider’s systems and caused some disruption to normal operations at its locations in Fergus Falls, Battle Lake, Ashby, and Barnesville. Emergency procedures had been developed prior to the attack which were immediately implemented, and care continued to be provided to patients while the attack was investigated and remediated.

Third-party cybersecurity experts were engaged to assist with the investigation and determine the scope of the attack, and while the investigation is ongoing, most of the systems impacted by the attack have been restored and services are operating as usual, largely due to working off alternative systems.

While it is common for data to be stolen prior to the deployment of ransomware, no evidence has been found to indicate that was the case with this attack. Patient care continues to be provided, but patients have been advised to contact the hospital to confirm their appointments. Further announcements will be made as the investigation progresses and all systems are brought back online.

University of Vermont Health Network Ransomware Attack Delays EHR Rollout

The ransomware attack on the Burlington, VT-based University of Vermont Health Network on October 28, 2020 caused major disruption.

The recovery process has taken many weeks, and while most systems have now been brought back online, the attack is continuing to cause various impacts. Some applications have still not been brought back online and delays continue to be experienced in some departments such as radiology. Following the attack, the health systems said it was costing around $1.5 million per day in lost revenue.

The disruption caused by the attack has also resulted in a delay in the planned enterprise-wide rollout of the next phase of its new Epic EHR system. The new EHR system is due to replace a patchwork of applications within and between hospitals in the network that are currently not fully integrated.

“In 2020, our network, like those across the world, experienced tremendous challenges due to the COVID-19 pandemic, only to be further encumbered by a ransomware attack,” said UVM president and CEO, John Brumsted, M.D.  The health network has delayed the new EHR implementations at several of its inpatient and outpatient units by between 4 and 8 months.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.