Core systems coming back online at Bluewater Health

SARNIA, Ont. – Three months after being put out of commission by a deadly cyberattack, Bluewater Health staff are now inputting patient information electronically for things such as diagnostic imaging tests, medications and patient registrations. Prior to that, staff and clinicians were forced to use pen and paper.

“Exactly three months to the date that we actually recognized the attack,” Bluewater Health president and CEO Paula Reaume-Zimmer (pictured) said.

The ransomware attack discovered Oct. 23 targeted five hospitals, including Bluewater Health, in southwestern Ontario through a shared supply and technology systems provider TransForm Shared Service Organization. It led to the widespread outage of hospital systems including patient records, medication lists, as well as payroll and other systems, officials said.

“Radiology, it’s now connected and they’re also testing the process,” she told hospital corporation board members.

As the electronic systems started to come back online, “There was a different pulse around the hospital when we rounded,” she said. “There was a sense of relief to staff.”

Hopes are to continue restoring systems in the coming weeks, she said.

What exactly has been restored and what of Meditech remains down after the attack is unclear, Post Media noted. Communications chief Keith Marnoch said answering that question requires navigating legal implications.

Bluewater Health, alone among the five hospitals affected to have a decades-old hospital information system at the time of the cyberattack, was also hardest hit.

Bluewater Health officials have said 5.6 million of its records dating back to 1992 were stolen, affecting about 267,000 people, and that information has been posted to the dark web.

Stolen data includes social insurance numbers for about 20,000 patients, officials have said.

A $480-million class-action lawsuit has been filed, naming all hospitals involved in the attack and Transform.

With the exception of the three-month gap between the attack, for which hacker group Daixin Team has claimed responsibility, and now, patient records are back, chief of staff Michel Haddad told Bluewater Health board members.

Without the hospital information system, hospital personnel haven’t had access to things like patient health card numbers, medical histories or medication lists.

Payroll was restored in December, Reaume-Zimmer said – praising staff for those efforts – after Bluewater Health had been using cash advances as a substitute while the Meditech financial module was being restored.

Plans are to continue with Meditech restoration efforts before implementing an up-to-date and secure hospital information information system (HIS) from Oracle Cerner, Reaume-Zimmer said.

“Expect probably by the end of February where the team will very quickly shift from recovery to looking at onboarding an entirely new HIS,” she said, noting November is the target date for the switch.

Upgrading the hospital information system will bring Bluewater Health in line with the systems of other hospitals affected by the attack, but that were largely immune from patient record theft, officials have said.

Bluewater Health board members also voted to make updates on the hospital information system one of the board’s key priorities, along with developing a board-level equity, diversity and inclusion strategy, and planning for future Ontario Health Team governance.

The effects of the cyberattack were apparent at the board meeting, where the most recent data was from September for several indicators, like how long patients wait for beds, and the percentage of beds being taken up by patients who don’t need hospital care but have nowhere else to go.

“This a challenge clearly to get information available,” board chair Margaret Dragan said, adding “we will continue to monitor these things and, as the information is available, we’ll get on it.”