Sign up for our free weekday bulletin.

Hospital asks for patience as staff, physicians grapple with cyberattack impacts

Published on

Tara Jeffrey

Patients are being reminded to bring their health cards, all pertinent health information and up-to-date medications list to Bluewater Health as staff continue to grapple with the impact of a ransomware attack.

The latest update from the hospital advises that physicians may not have access to important information, including past patient records or medical history; current mediation lists; reports from other clinicians involved in care; and pre-admission workups.

“To ensure safe care, some physicians will have to cancel procedures if, in the absence of important information, they feel it is unsafe to proceed,” the hospital noted. “If this is required, physicians will do their very best to reschedule as quickly as possible.”

Bluewater Health added that while “some of our systems are functional, they are slower than usual and require extra time. This affects access to labs and diagnostic imaging.”

Bluewater Health appears to be the hardest hit of a group of southwestern Ontario hospitals targeted in a crippling cyberattack as officials announced Monday that data on some 5.6 million patient visits had been stolen.

“The attackers targeted a Bluewater Health patient database report,” the group of hospitals said in a joint statement Monday, confirming the theft of the report. “The stolen data includes information about approximately 5.6 million patient visits made by approximately 267,000 unique patients.”

Determining the specific individuals whose data may have been taken is expected to take months, officials added.

On Wednesday, the hospitals provided an update on the ‘recovery process,’ which includes a five-phase plan: containment; identification; remediation; restoration; and monitoring.

“Through our investigation we know that all our clinical and non-clinical systems were impacted as they are reliant on a safe secure network. Our experts have advised us that the safest route is to rebuild the network,” the statement read. “We can confirm that the restoration process (Phase 4) is on track.”

The hospital group says officials began the process to restore digital patient charting, immediately after discovering the cyber-attack.

“This restoration is expected to be complete by mid December,” officials said. “Delays will be reduced for patients once digital charting is restored. Please note that some patients and families may still experience diagnostic and/or treatment delays while we work to restore all systems.

Clinical applications will be coming back online one-by-one, or in clusters, approaching mid-December 2023.

“We want to emphasize to our patients that our physicians and frontline staff are under greater than normal stress due to these unusual circumstances, and they are responding with incredible resolve,” the hospital group stated. “We ask the public for their understanding during this time.”

A patient cybersecurity hotline has been established. For inquiries please call: 519-437-6212 (8 am to 11 pm Monday through Friday). Staff questions can be directed to respective HR teams.  

More like this