UVM Health Restores Electronic Health Record System One Month After Ransomware Attack

Share this article on:

University of Vermont Health Network has announced it has brought its electronic health record (EHR) system back online, a month after experiencing a ransomware attack. The ransomware attack occurred on October 25, 2020 and caused a massive outage across all six of its hospitals. For the past month, staff have been forced to record patient information, orders, and medications using pen and paper while its computer systems were out of action.

Care continued to be provided to patients during the attack and recovery process, but the recovery of its EHR will greatly improve efficiency. The attack caused major disruption, especially at University of Vermont Medical Center in Burlington, but the attack affected its entire network. Without access to essential patient data, many elective procedures had to be rescheduled and the radiology department on the main campus experienced major delays, and was only open on a limited basis.

In a November 24, 2020 update, UVM Health announced it had achieved a major milestone in the recovery process, having brought its Epic EHR system back online for its inpatient and outpatient sites, including UVM Medical Center and the ambulatory clinics at Central Vermont Medical Center, Champlain Valley Physicians Hospital, and Porter Medical Center.

While electronic patient data is now available and staff can record patient data electronically, the recovery process is far from over and a great deal of work still needs to be done. “Our teams continue to work around the clock towards full restoration as quickly and safely as possible,” explained UVM Health.

The phone system has been restored, but patients are still unable to use the MyChart patient portal so will not be able to access their health information online. There are hundreds of other applications used across the health network to deliver care to patients, and many of those systems remain offline. UVM Health is working hard at restoring those systems and they will be systematically restored over time, with the main focus being patient-facing systems.

Several other healthcare networks were attacked with ransomware around the same time as the attack on UVM Health. St Lawrence Health System in New York was able to restore its electronic health record systems within two weeks, but Sky Lakes Medical Center has been forced to replace the majority of its networks and workstations as a result of its ransomware attack.

Ashtabula County Medical Center (ACMC) in Ohio was particularly badly affected. ACMC was attacked with ransomware on September 24, 2020, with the attack affecting the medical center and 5 of its health centers. The EHR has still not been restored two months after the attack, and a full recovery is not expected until the end of the year.

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.

Share This Post On