You are using an older browser version. Please use a supported version for the best MSN experience.

MercyOne says it has begun restoring systems following ransomware attack

Des Moines Register 10/21/2022 Michaela Ramm, Des Moines Register
Mercy Medical Center in Des Moines © Tony Leys/Register file photo Mercy Medical Center in Des Moines

More than two weeks after a ransomware attack crippled its parent company, MercyOne health system is beginning to restore certain systems that were taken offline.

MercyOne Central Iowa region officials said they are in the process of restoring access to key systems, including its electronic health record system and the payroll system, that were taken offline following the cyberattack earlier this month at CommonSpirit Health.

"As systems come back online, our providers will be able to access their patients’ electronic health records, electronic prescription tools and our colleagues can access their pay information," officials said in a statement Thursday. "It will take some time before we can restore full functionality, and we continue work to bring our systems up as quickly and safely as we can."

In the lead-up to the 2020 election, all eyes are on Iowa. Get updates of all things Iowa politics delivered to your inbox.

Patients still can't schedule appointments online, officials said. Instead, they should call their provider's office to schedule appointments.

If a patient has trouble scheduling appointments, call MercyOne Central Iowa Medical Group Administrative Office at 515-358-6970.

More:3-year-old given too much pain medication after cyberattack shut down MercyOne computers, parents say

"Throughout this process, we have taken steps to protect our systems and maintain continuity of care," according to the statement. "We are only taking steps to restore systems when it is safe and secure to do so. We thank our patients, clinicians, team members and the community for their patience."

CommonSpirit Health, which is one of the country's largest health care systems, earlier confirmed it had been hit by a ransomware attack that caused hospital-wide outages across multiple systems nationwide, including facilities in Iowa. The Chicago-based hospital chain operates about 140 hospitals in 21 states.

Ransomware is used by hackers to steal data and encrypt an organization's computer systems, blocking access until hackers' demands for a ransom fee are met.

Officials have not disclosed whether patient data was compromised in this attack, though they did confirm they notified law enforcement and that "leading cybersecurity specialists" were engaged in the response.

"We continue to conduct a thorough forensics investigation and review of our systems and will also seek to determine if there are any data impacts as part of that process," according to a statement from CommonSpirit Health last week.

Previously:MercyOne sites open but online scheduling canceled after national cyberattack

Federal law requires health care providers to notify the federal Department of Health and Human Services if a breach has compromised patients' private information.

It's unclear whether ransomware successfully invaded MercyOne Des Moines Medical Center's computer systems and other affiliated care sites, which were taken offline Oct. 3.

However, it is clear that the offline systems have caused a disruption at the local hospital. An Urbandale family told the Des Moines Register their 3-year-old son was given too much pain medication when he was admitted MercyOne hospital earlier this month.

The child's mother, Kelley Parsi, said the only explanation she was given by providers was that the mistake was caused by the downed computer systems.

It appears patients have been affected nationwide by this outage, though the complete scope has not been disclosed by CommonHealth officials. Still, reports from states such as Washington and Tennessee show patients have faced delayed surgical procedures, canceled appointments and diverted ambulances.

Ransomware attacks pose a serious threat to patient health and safety. A Ponemon Institute report published last year found about one in four health care organizations reported an increase in mortality rates following a ransomware attack.

So far this year, 18 health systems nationwide have been hit by ransomware attacks, with data stolen in at least 13 of those cases, Brett Callow, a threat analyst with cybersecurity provider Emsisoft, told the Des Moines Register last week.

Michaela Ramm covers health care for the Des Moines Register. She can be reached at, at (319) 339-7354 or on Twitter at @Michaela_Ramm.

This article originally appeared on Des Moines Register: MercyOne says it has begun restoring systems following ransomware attack

image beaconimage beaconimage beacon