Several physicians conducted a study that was recently published in JAMA Open Network: Ransomware Attack Associated with Disruptions at Adjacent Emergency Departments in the US.
The study evaluated a month-long ransomware attack at an urban hospital, and its impact on four adjacent hospitals. During the ransomware attack, the adjacent hospitals experienced:
- an increase in daily mean census, emergency arrivals, admissions, and patients who left without being seen or leaving against medical advice.
- longer wait times and longer emergency department lengths of stay
- incidents of strokes.
This study found that "health care cyberattacks such as ransomware are associated with greater disruptions to regional hospitals and should be treated as disasters, necessitating coordinated planning and response efforts."
This study suggests that ransomware attacks on urban healthcare providers should be considered regional disasters. MPA encourages providers in urban areas with emergency departments to include ransomware incidents at adjacent hospitals in their emergency response plans. Involve regional providers to coordinate plans to share information and adjust capacity as needed. Non-urban providers with emergency departments should also review regional impact of ransomware attacks. It should be no surprise that all providers, urban and non-urban, will feel the ripple effect from a ransomware attack on an area hospital.