Portneuf Medical Center experienced a ransomware attack. The hospital is adapting with pencils and paper
Published at | Updated at
POCATELLO — The systems of a southeast Idaho hospital are offline after it’s parent company experienced a cyberattack.
Ardent Health Services announced in a Nov. 27 press release that the incident is a ransomware attack. This cyberattack has affected all of Ardent’s 30 hospitals around the country, with Portneuf Medical Center being among them.
“We have an amazing team at Portneuf that continues to rise to meet the challenge,” PMC spokeswoman Mary Keating said.
Ransomware attacks install malware on computer systems, which essentially lock the machines so that hackers can demand a fee to unlock them. Portneuf’s situation is a latest in a string of cyberattacks that have occurred across eastern Idaho, most against other healthcare providers.
Ardent took action after discovering the attack on Nov. 23 by taking its network offline in an effort to save patient and hospital information.
RELATED | Portneuf Medical Center latest in a string of cyberattacks
“The Ardent technology team immediately began working to understand the event, safeguard data, and regain functionality,” said Will Roberts, Ardent spokesman, in a news release.
In order to adapt to this, Portneuf Medical Center has had to run hospital operations by paper and pencil.
Keating said the team at Portneuf has gone into their downtime procedures, which they do in other situations where its systems are offline. Because of this, she said it hasn’t been a hard transition for the staff to undertake.
“Our team has always effectively managed (downtime procedures) via paper,” Keating said.
She said being in downtime procedures hasn’t reduced the quality of healthcare Portneuf provides.
“While we have had to transition to a little more handwriting rather than using the computer, we are delivering the same care,” Keating said.
The cyberattack has also forced Portneuf to divert some emergency services to other area hospitals, but they are still receiving time sensitive emergencies like heart attack or stroke. As a level-two trauma center, emergencies like that have to come to Portneuf to be treated.
“We are in constant contact with our EMS team,” Keating said. “For all time sensitive emergencies, we are really making sure that we’re not sending those patients elsewhere when time is of the essence.”
Roberts said Ardent Health Services reported the attack to law enforcement. They have also implemented additional information technology security protocols and are working to restore its systems as soon as possible.
Roberts said they, “cannot confirm the extent of any patient health or financial data that has been compromised.”
In the last seven months, there have been two other major cyber attacks against local hospitals and one against the Idaho National Laboratory.
On May 30, Mountain View Hospital in Idaho Falls experienced a cyberattack that forced them to temporarily move to paper and pencil operations, divert emergency services and close some affiliated clinics until it was resolved.
RELATED | Mountain View Hospital sends out notices to patients of possible stolen information
More recently on Nov. 6, MadisonHealth in Rexburg had to shut down its entire computer system. Officials believe this action halted the attack before hackers could access patient information.
RELATED | Rexburg hospital forced to shutdown online systems following cyberattack
On Nov. 19, a hacking group launched a cyberattack on INL that leaked the personal information of employees online. The attack, which impacts thousands of employees, is being investigated by federal law enforcement.
Currently, there is not an estimate for when the most recent cyberattack on Ardent will be resolved.
“Ardent is still determining the full impact of this event and it is too soon to know how long this will take or what data may be involved in this incident,” Roberts said.
Keating said despite this cyberattack, Portneuf is still delivering the same quality of care its patients expect.
“Whether we’re documenting it on a piece of paper or documenting on a computer, that care that happens practitioner to patient is the exact same,” Keating said.