Issue link: https://beckershealthcare.uberflip.com/i/1525993
32 CIO / HEALTH IT The questions health system CIOs have after the global IT outage By Giles Bruce J effrey Ferranti, MD, chief digital officer of Duke University Health System, was awakened in the early morning hours of July 19 with a text that the computers at his hospitals were down. His first thought: ransomware attack. He wasn't the only health system IT executive to get a similar call or text around that time. Or have the same initial thought. Tens of thousands of workstations at the Durham, N.C.-based health system had blank blue screens. Not knowing the cause, Duke activated its hospital incident command system (the first time it had done so for a cyber incident). By later that day, over 100 IT staffers had been trained to fix the computers. "Health systems tend to perform well in crisis situations," Dr. Ferranti told Becker's. "And it brought out the best in our people, and I was pretty impressed by how many of them responded to the event." Duke was fortunate. Its patient care wasn't affected. Some other health systems had to reschedule appointments and surgeries, divert ambulances and close outpatient clinics. Some healthcare providers were unable to access Epic or other EHRs. e IT outage hit not only healthcare but industries across the globe, canceling flights and leaving customers unable to access their bank accounts online. e incident was caused by a faulty update from CrowdStrike, one of the biggest cybersecurity vendors in healthcare, sent to computers running on Microso Windows. "It was an all-hands-on-deck effort between information services and our operational partners to remediate the disruption," Michael Restuccia, CIO of Philadelphia-based Penn Medicine, said July 22. "Quite the last 72 hours." CrowdStrike sent out a fix the morning of July 19, and most hospitals and health systems were able to restore patient care by July 22. But the outage illustrates how healthcare must continually improve its cybersecurity posture at a time when the industry is increasingly interconnected with outside technology companies, health system leaders told Becker's. e event comes just five months aer a ransomware attack on UnitedHealth Group subsidiary Change Healthcare massively disrupted claims and payment processing for providers. "e incident underscored the significant reliance on third-party vendors for critical infrastructure," said Zafar Chaudry, MD, chief digital and information officer of Seattle Children's. "A single point of failure can have catastrophic consequences." Dr. Chaudry said future interruptions can be prevented by reducing reliance on a single vendor, better evaluating third-party companies' security practices, regularly testing comprehensive incident response plans, and implementing redundant systems and data backups. Aer discovering the outage the night of July 18, Seattle Children's activated its incident response protocol. e health system was able to access its Epic EHR, which is hosted by cloud provider Rackspace, via Image Credit: Adobe Stock