Issue link: https://beckershealthcare.uberflip.com/i/1393415
71 CIO / HEALTH IT Fighting hospital ransomware hackers takes a public-private village, Scripps CEO says By Jackie Drees A er a ransomware attack hit Scripps Health and disrupted its IT systems for weeks, CEO Chris Van Gorder penned an op-ed published June 10 in e San Diego Union-Tribune to detail the events and call on greater collaboration between the government and hospitals to thwart attacks. e San Diego-based health system discov- ered unusual network activity affecting some of its IT systems on May 1, prompting Scripps to take its information systems, including its Epic EHR, offline. During nearly one month of EHR downtime, the health system operated using established backup processes, including offline documentation methods and continued care at its outpatient urgent care centers, Scripps HealthExpress locations and all its emergency departments. While Scripps' EHR was not compromised, and there is no evidence that the health system's patient information was used for fraudulent purposes, Mr. Van Gorder wrote "we deeply regret the concern this incident has caused for our patients, employees and physicians." "ere are important lessons to be learned. Scripps, like other healthcare systems, is tak- ing further steps to enhance the security of our information security, systems and moni- toring capabilities and adapt to this evolving cyber-threat landscape," he wrote. Mr. Van Gorder pointed to the "unfortunate reality" that Scripps is "yet just another ex- ample of the ongoing trend of 'threat actors' extorting the nation's healthcare systems." He cited an analysis from Comparitech, which found that 92 individual ransomware attacks affected more than 600 separate clinics, hos- pitals and organizations in 2020. Scripps quickly implemented incident re- sponse protocols and downtime procedures upon discovering the cyberattacks, but "de- spite the best possible efforts, our nation's healthcare providers — and all organiza- tions— remain vulnerable to threat actors," Mr. Van Gorder wrote. "e American Hospital Association re- iterated in a recent article that relying on victimized organizations to individually de- fend themselves against these attacks is not the solution to this national strategic threat, when the vast majority of these attacks orig- inate from outside the United States where ransomware gangs are allowed to operate with impunity," he wrote. As the number of cyberattacks on critical U.S. institutions continues to escalate, there has become a critical need for public-private partnerships to manage and combat the issue, according to Mr. Van Gorder, who applauded the U.S. Justice Department's initiative to ele- vate investigations of ransomware attacks to terrorism priority. "Just as protecting the public's health during a once-in-a-century pandemic takes a village, so will protecting our hospital systems, critical infrastructure, schools, businesses and government entities from criminals who exist in the shadows," Mr. Van Gorder wrote. n Baptist Health Care CIO joins health IT cloud platform By Jackie Drees T im Quigley, CIO of Pensacola, Fla.- based Baptist Health Care, will take on the role of chief client officer at health IT company CloudWave. Mr. Quigley brings more than 25 years of health IT experience to the newly cre- ated role at CloudWave, which provides cloud platform storage and services to more than 100 hospitals and healthcare software companies, according to a June 14 news release. Prior to joining Baptist Health Care, Mr. Quigley served as senior vice president in Allscripts' client delivery organization and worked in various leadership roles focused on delivering managed and profession- al services to healthcare organizations at Perot Systems and Dell. n Walmart Health files plans to expand virtual care into 16 more states By Alia Paavola W almart Health's primary care medical group filed paperwork to expand virtual care in 16 more states, Insider reported June 7. Walmart told Insider the filings are related to its telehealth push, not for its physical primary care clinics. Walmart Health's deal to buy virtual care provider MeMD, announced in May, was still pending as of July 5. "We've expressed our interest in offering telehealth via an acquisi- tion that is pending regulatory clearance, and these filings are related to that effort, not physical Walmart Health locations," the spokesperson told Insider. In April, Walmart's primary care group MC Medical registered to oper- ate in fourteen states: Alaska, Delaware, Hawaii, Kentucky, Louisiana, Mis- sissippi, Missouri, Montana, New Hampshire, Ohio, Pennsylvania, South Carolina, Tennessee and Vermont. In May, MC Medical added Texas and Washington to the list, according to Insider. In contrast, Walmart's physical clinic locations are located in Arkansas, Georgia and Illinois. Walmart also plans to expand its physical clinics into Florida this year, according to the report. n