Skip to main content

Browse by Speciality Area

Browse by Product Type

All Products

All Access Subscription

Get unlimited access to our full publication and article library.

Get Access Now

Interested in Group Sales? Learn more

It’s happened again. Medical records are being held ransom at yet another hospital.

Another Cyberattack Leaves Records at a Hospital Held Ransom

March 22, 2016

Reprints

Related Articles

It’s happened again. Medical records are being held ransom at yet another hospital. The Methodist Hospital in Henderson, KY, has not yet decided whether to pay the ransom.

The amount of the ransom has not been disclosed. However, in February, Hollywood Presbyterian Medical Center in Los Angeles paid $17,000 in bitcoin after clinicians were unable to access medical records for 10 days.(For more information, see the story in our ED Legal Letter publication: “Hackers Target Hospitals with ‘Ransomware’ – Is your ED prepared?”) The FBI is investigating both incidents.

David Park, Methodist Hospital COO, was quoted by 14 News as saying whether the hospital pays the ransom depends upon the number of records that were locked. The hospital posted a statement online saying it has declared an “internal state of emergency.” The hospital also said it is using a back-up system that has allowed the hospital to remain open without interruption, the TV station reports. (For more information on this attack, see our upcoming May issue of Healthcare Risk Management. For information on how to prepare for a cyberattack or another event that causes medical records to be inaccessible, see these stories from our Hospital Access Management publication: “Cyberattack would be a disaster of ‘epic proportions’ for access — Most downtime protocols don’t address long-term events,” and “Lessons learned from unscheduled downtime — Data inaccessible for up to 10 days.”)