We regret to inform you that we will no longer be publishing Health Data Management. It has been an honor to provide you with the insights and connections to move your career forward. We wish you continued success on your professional journey and welcome you to explore our other titles at www.arizent.com/brands.

Virus takes down systems at Erie County Medical Center

The Erie County Medical Center, a 550-bed hospital in Buffalo, N.Y., has been hit by a computer virus and in response has shut down the facility’s email, electronic health record system and website as a precautionary measure. ECMC’s Terrace View long-term care facility has also been affected.

A virus was detected early Sunday morning at ECMC, which is the primary teaching hospital for the University at Buffalo, according to Peter Cutler, vice president of communications and external affairs.

In accordance with organizational protocols, Cutler says that the hospital’s IT team “shut our system down” and that as of Tuesday afternoon, he said it remained out of commission.

“The electronic health record system is not running but it has not been affected as far as we can tell,” he adds. Based on an assessment of its EHR, Cutler contends that “at this stage we’ve not detected that there’s been any compromise of patient health information.” At the same time, he noted that all medical records are backed up and as a result are protected from being lost. For the time being, Cutler says ECMC staff is using paper records.

Also See: Health center finds virus on computer with patient info

“We’re absolutely operational. It creates some challenges, of course. People are working longer shifts,” he observes. “It has not had an impact on our ability to function.”

Cutler says the hospital is hoping to restore systems as soon as possible, although he could not estimate how long it would take to restore all functionality. “We’re in response and recovery mode. It’s an around-the-clock operation right now.”

According to Cutler, the FBI and New York State Police have been called in to investigate the incident. When asked if ECMC had been hit with ransomware, he would not comment other than to say “what we know is that there was something that came into the system.”

As part of the ongoing investigation, the hospital is working with consultant GreyCastle Security in addition to federal and state law enforcement agencies to “determine the origin of this thing,” Cutler concludes.

For reprint and licensing requests for this article, click here.