Windsor still restoring systems after fall cyberattack

WINDSOR, Ont. – It will take most of this year for Windsor Regional Hospital to fully recover from a cyberattack that rocked five southwestern Ontario hospitals last fall. That’s according to hospital CEO David Musyj (pictured), who last week said “a lot” of systems are not yet up and running.

But most major clinical systems have been restored, and two more will come online in the next few days, he said. If all goes as planned, the hospital this week lift its Code Grey status, which has meant zero access to electronic health records or email for months.

“The patient’s experience when they enter the hospital should not be impacted at all by the cyberattack now,” Musyj told reporters following the hospital’s monthly board meeting.

“All of the major systems are up and running. Could there be peripheral systems that could impact? Yes, but not to the point of (impacting) them getting the care they need at the time they need.”

In an attempt to blackmail the institutions, hackers in October stole millions of records from Bluewater Health in Sarnia, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare, and Windsor Regional Hospital. The attack also locked the hospitals out of their technology-based systems.

As of Jan. 3, Windsor Regional’s PACS network for diagnostic imaging was up and running.

The hospital is still experiencing some backlog with imaging for its semi-urgent and non-urgent patients, said Karen Riddell, chief operating officer and chief nursing executive.

“It’s going to take about 10 weeks to clear our P3s (semi-urgent patients), and we’re working currently with our regional partners and Ontario Health West to come up with a recovery plan,” Riddell said.

“We’ll all be working together to make sure that we’re able to get those wait lists down.”

Riddell said the hospital has kept physician offices informed of wait times. Patients are directed to other hospitals for imaging, if necessary, unless it’s appropriate for them to wait for diagnostic imaging in Windsor.

This month, the hospital’s nutrition software was brought back online, allowing individualized meal ordering options. Also revived was the hospital’s hematology lab module.

In the coming days, two more systems are expected to be back in play: Pyxis, an automated medication dispensing cabinet, and CVIS, a cardiovascular information system used for connecting the hospital’s cardiac imaging, echocardiogram reporting, electrocardiogram test reporting, and cath lab and health records to allow for remote viewing by physicians.

“We’ll have reached a major milestone with the restoration of those two items,” Riddell said.

“Teams have been working really hard the last few months to get everything back up and running and we’ll continue on with the work to get things back online over the next few months.”

Work to notify the more than 270,000 patients and staff whose sensitive information was stolen during the breach is ongoing. Musyj said the hospital is currently working through the issue with Ontario’s privacy commissioner.

An investigation into the cybersecurity attack by the Ontario Provincial Police involving Interpol and the FBI is ongoing, Musyj said.

Source: Windsor Star