Two weeks after being hit by an unspecified computer virus, 602-bed Erie County Medical Center in Buffalo, N.Y., is starting to return its information systems to operation.

On April 9, ECMC’s IT department detected a virus and immediately shut down its email, electronic health record system and website, among other systems, as a precautionary measure.

Erie County Medical Center
Erie County Medical Center

Also See: Virus takes down systems at Erie County Medical Center

Within days, the hospital’s website was back online. However, the facility is just now restoring its email system, while the EHR system from MEDITECH remains in view-only mode for staff in selected areas of the facility, such as the emergency department.

Peter Cutler, vice president of communications and external affairs at ECMC, says medical records were not compromised at any time during the cyber security incident.

“Based on continuing analyses and assessments by ECMC’s IT staff and other IT professionals, the initial indication is that there has been no compromise of patient health information,” reports a written statement from the hospital.

Erie County Medical CenterCiting anonymous sources, The Buffalo News reported that ECMC was the victim of ransomware. “I’m not going to respond to anonymous sources,” says Cutler. “We’ve been working with state and federal law enforcement agencies, and that investigation continues. When we deem it’s appropriate, we’ll share further information.”

As part of the ongoing investigation of the incident, the hospital has been working with cyber security consultant GreyCastle Security in addition to federal and state law enforcement agencies.

“Due to our client confidentiality policy, we cannot disclose any specifics of this situation,” said GreyCastle in a written response to a query.

However, GreyCastle CEO Reg Harnish praised ECMC for its quick response to the April 9 cyber security incident, which he called “undesirable” computer activity.

“Our relationship started when ECMC identified the issue,” says Harnish, who declined to either confirm or deny that the hospital was the victim of ransomware. “Let’s just say that ransomware in healthcare is an epidemic. It’s everywhere, and ECMC is as vulnerable to these types of attacks as any other hospital out there.”

In many cases, ransomware will cripple the network of a healthcare organization “before they even know that it’s happened,” says Harnish, who credits ECMC for “escalating their response to us really quickly—something we don’t often see.”

When it comes to system restoration, besides the hospital’s website being restored, a temporary ECMC email service has been established; other financial systems are starting to come online; and an electronic registration process has begun for emergency department patients, ambulatory surgery, transplantation, dentistry and direct admissions. Also, more than 6,000 hard drives have been cleaned and returned to workstations as part of the ongoing restoration work.

ECMC system restorations slated for this week include establishing a new hospital email system; continued phased restoration of inpatient EHR-related functionality; ensuring the ability to view outpatient EHRs; achieving electronic communication of ECMC‘s lab system as well as its bed coordination system; and starting the rollout of restored desktop computers.

Next week, ECMC’s planned system restoration activities include continued rollout of restored desktop computers and inpatient EHR functions; electronic transmission of radiological images; and physician documentation, starting with the emergency department and psychiatric ER.

“Thanks to the hard work, dedication and tireless effort of the ECMC family, patient care continues to be delivered, and Western New Yorkers continue to receive the quality healthcare services they deserve and have come to expect,” said Thomas Quatroche Jr., ECMC’s president and CEO, in a written statement. “Under the circumstances, that’s a strong testament to our caregivers’ commitment and the community’s trust in them. We continue to make progress on restoring our computer system.”

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access