By Jeff Wardon, Jr., Assistant Editor

The recent ransomware incident at Ascension appears to have been caused by an employee downloading a malicious file accidentally, according to a press release. This employee thought the file was legitimate, and Ascension officials say they have no reason to suspect anything but an honest mistake. In the same release, Ascension confirmed there is no evidence that any data was taken from their electronic health records (EHR) or other clinical systems.  

On June 14, Ascension confirmed they restored the EHR across their network, allowing for the clinical workflow in their facilities to return to its status before the attack.  

Ransomware attacks are serious threats to the operations of healthcare facilities, as they can cause long periods of downtime and render important data inaccessible. Taking the right steps to safeguard data and respond effectively to the incident is critical. 

Related: Healthcare Ranks Highest for Ransomware Complaints: Report

Data can be kept safe by doing regular backups. That way, if a ransomware attack occurs, the data held hostage can still be accessed via the backups. This is a part of a disaster recovery process and can lead to data resiliency, Ben DeBow, founder and chief executive officer at Fortified, told Healthcare Facilities Today. 

But ransomware attacks still can occur, requiring a prompt and effective response. These are the initial actions healthcare facility managers can take to respond to a ransomware attack, according to IBM: 

• Isolate the affected systems. 
• Keep a record of the ransom note. 
• Notify the security team of the attack. 
• Do not restart the affected devices. 

Jeff Wardon, Jr. is the assistant editor of the facilities market.