Jones Memorial Hospital brings systems back online after cyberattack

Register now

Jones Memorial Hospital, a 70-bed acute care facility in Wellsville, NY, says its computer systems are back online—including email—following a recent cyberattack, the cause of which remains undisclosed.

“On the advice of law enforcement and the NYS Department of Health, we can’t share specific details on the nature of the attack or the steps being taken to address it,” said Judith Burt, the hospital’s community relations director, in a written statement.

Also See: Cyberattack takes down systems at Jones Memorial Hospital

Nonetheless, the rural hospital—located in southwestern New York State—continues to believe no financial or medical information was compromised and that the cybersecurity incident has only served to make it stronger.

“We are protecting against future attacks with multiple safeguards that employ the latest information security technologies and protocols,” according to the hospital’s written statement. “Based on these improvements, information at Jones will be as secure as at virtually any other health system. Because cybercriminals continually look for new ways to target organizations, including hospitals, we will continue to evaluate and update our security measures while focusing on patient safety and quality care as our top priorities.”

Jones has been working with IT professionals from the University of Rochester, Noyes, and St. James hospitals, as well as its electronic health record vendor Meditech, to help get its systems back online.

“Our doctors, nurses and staff members are working with records electronically, and patients coming to our hospital or clinics for services no longer need to bring their medication lists or medical history,” said the hospital in a written statement.

However, the medical facility added that “for a few days, staff members will continue to do some record-keeping manually” and that it expects to “resume full operational status of all digital systems” this week.

The hospital implemented standard computer downtime procedures, including the practice of “manually entering information into patient medical charts,” while some of its systems were offline.

For reprint and licensing requests for this article, click here.