In a study published in the JAMA Network, evidence indicates that ransomware attacks on healthcare delivery organizations (HDOs) lead to substantial disruptions in patient care and emergency department workflows. The study focused on an attack that occurred on May 1, 2021, on an HDO consisting of four acute care hospitals and 19 outpatient facilities. The breach compromised the records of nearly 150,000 patients, and the operational disruption persisted for four weeks.

The study reveals that during the cyberattack period, there were significant increases in daily emergency department volume, ambulance arrivals, admissions, and patients who left without being seen or left against medical advice at neighboring healthcare facilities not directly affected by the attack.

Stroke Care Compromised: Stroke care, a time-critical service, was particularly impacted, with a significant increase in emergency department stroke code activations and confirmed strokes during the cyberattack period. However, the times for acute stroke treatment and CT scans remained constant, indicating that healthcare providers were able to maintain care standards under pressure.

The Urgency for Cybersecurity: The report underscores the increasing need for improved cybersecurity measures in healthcare systems, as ransomware attacks continue to surge, causing extensive operational, financial, and patient care implications. The cost of such attacks extends beyond the initial ransom and includes potentially millions of dollars in damages due to prolonged disruption of critical hospital infrastructure.

Mitigating Cyberattacks: Despite improved awareness and focus on cybersecurity, the study emphasizes the need for continued work, suggesting that hospital systems can reduce the regional effects of cyberattacks by developing emergency operation plans specific to cyberattacks, coordinating regional surge planning, and increasing real-time information sharing on cyber threats.