Patients still need to provide their own paper copies of appointment schedules, doctor orders for imaging studies and treatments, and current blood test results before they can visit a doctor at McLaren Health Care, despite an almost month-long IT outage.
Grand Blanc, Michigan-based McLaren Health Care is advising patients to print the information from its patient portals and bring their empty prescription bottles, along with lists of their current medications and allergies, to appointments since access to electronic medical records is still unavailable due to a ransomware attack.
The majority of McLaren’s facilities are open and running, but there are still issues with the IT systems in each of the company’s 13 hospitals, Karmanos cancer centers, surgery centers, and clinics. The company formally acknowledged on Friday in a statement that the security event that was found on August 6 was, in fact, a ransomware attack.
Ransomware organization INC Ransom has claimed responsibility for the attack since the beginning of the outbreak.
“While cyber forensic investigations are underway, it is anticipated that the disruption will last until the end of August. Although the issue has been resolved, there is still restricted access to some McLaren systems, according to McLaren. “Our team members continue to have limited access to information technology systems so patients may experience longer than usual wait times.”
According to Dina Carlisle, a critical care registered nurse at one of McLaren’s hospitals, staff members still do not have access to electronic medical records and other clinical IT systems, which results in significantly longer wait times for patient care and more laborious manual charting of patient information.
“We are double- and triple-checking our work,” the nurse stated, referring to the fact that hospital EMRs and drug administration record systems are not accessible to nurses.
The Office and Professional Employees International Union Local 40 in Macomb Township, Michigan, represents nurses, radiological technicians, and other medical professionals. Carlisle is the president of the RN Staff Council of this union. According to her, the organization has just issued a petition to McLaren requesting additional workers and daily updates on the situation. “We’ve had one meeting in the last three weeks.”
When Ascension, a chain of hospitals in Missouri, was coping with a highly disruptive ransomware assault, the union filed a similar petition to the hospital chain in June.
In their most recent statement, McLaren admits that both patients and professionals are facing difficulties as a result of the IT outage.
“It is crucial to inform patients and healthcare professionals about the results of laboratory and diagnostic testing. As new information becomes available, we continue to evaluate lab tests, review imaging studies, and get in touch with your doctor,” McLaren stated in an update.
Meanwhile, the IT failure has also disrupted the scheduling of specific kinds of appointments.
The statement directed patients to a list of approximately 66 McLaren imaging facilities that they may call. “Patients in need of an outpatient imaging study can temporarily schedule their appointments through their local McLaren imaging departments,” the statement added.
According to local media outlet WJRT in Michigan, patients who typically receive specific care at various McLaren facilities—including some of its Karmanos Cancer Institute centers—are also facing delays or are being forced to transfer more urgent treatments to non-McLaren healthcare systems.
“We remain truly grateful for the tireless effort and dedication displayed by our team members under these demanding circumstances, and we sincerely regret any impact this cyberattack may have had on our patients,” the statement from McLaren read.
According to McLaren, the health institution is still collaborating with cybersecurity specialists to evaluate the incident’s full impact and ascertain whether any patient or employee data was exposed.
“If the health system identifies that any protected health information or personal information was compromised, it will contact the affected individuals directly pursuant to state and federal reporting guidelines,” the press release said.
The statement from Phil Incarnati, CEO and president of McLaren Health, recognized the stressful environment that the IT disruption is putting the organization’s clinical and other staff members in.
“Under extremely trying circumstances, McLaren teams on the front lines and those in support roles across the state have answered the call,” stated the governor.
“From doctors and nurses to dietary professionals, administrative assistants, patient advocates and all team members in between, our patients, their families and our communities will be forever grateful for your resilience and kindness.”
IT outages lasting weeks or even months are frequently the consequence of ransomware attacks on healthcare businesses.
For several weeks in 2022, a cyberattack on Chicago-based CommonSpirit prevented access to its IT systems, including electronic health data, at many of its more than 100 hospitals. The incident caused at least $160 million in financial losses.
Prior Attack
This is not McLaren Health’s first ransomware attack. That was an earlier cyber incident.
The ransomware group BlackCat/Alphv, which speaks Russian, stated to have taken 6 terabytes of data from McLaren Health last fall, exposing private information belonging to over 2 million patients. Whether McLaren Health paid BlackCat a ransom has not been made public.
State representatives from Michigan have openly commented on the most recent McLaren attack.
In the wake of the second significant assault on McLaren Health in the last year, Michigan Attorney General Dana Nessel asked customers to be diligent in monitoring their credit and other accounts in an alert published on August 9.
Additionally, state Representative Donni Steele, a Republican from Orion Township in Michigan, called on the state legislature to “enhance the penalties for waging ransomware attacks and improve partnerships with local law enforcement to better respond to ransomware” in response to the most recent attack on McLaren Health.
Regarding that prior hack, McLaren Health is facing multiple proposed federal class action lawsuits.
Information Security Media Group requested more information regarding McLaren Health’s most recent issue, but the company did not immediately reply.
