A Dutch-led international study has found that ransomware attacks have a significant effect on emergency radiology workflow, as well as on acute care delivery and the personal well-being of healthcare staff and providers.
Researchers led by Dr. Liselotte van Boven from VieCuri Medical Center in Venlo, the Netherlands, found several common themes among interviewed personnel, including limited preparedness by emergency departments for such attacks. They also found that many attacks occur during the acute care and recovery phases.
"[The] interviews underscore the importance of preparation in reducing the marked clinical effect of cybercrime," van Boven and colleagues wrote in an article published on 15 June by the Annals of Emergency Medicine.
Many ransomware attacks occur at hospitals, disrupting medical care. Previous reports suggest that healthcare workers, including radiologists, experience longer emergency department shifts, delayed testing and treatment, higher complication rates, and increased need for patient transfers.
The researchers noted a lack of data on specific recommendations for emergency physicians and radiologists when it comes to addressing cybercrime and continuing patient care.
The van Boven team sought to characterize the acute care effect of several large ransomware attacks against U.S. and European hospitals between 2017 and 2022. It interviewed nine participants, which included emergency healthcare providers and IT-focused staff members, finding that most were able to continue to provide acute care during cyberattacks.
From there, the researchers built five themes from data gathered in the interviews. These included effects and challenges on patient care continuity, challenges during the recovery process, personal effect on healthcare staff, preparedness and lessons learned, and future recommendations.
The researchers also found difficulties in ordering and obtaining diagnostic imaging, with digital radiology systems being inaccessible. This included carrying forms back and forth and reviewing images in person at the radiology department. Additionally, interviewees reported that nonclinical personnel worked as "runners" to deliver imaging results.
One interviewee said diagnostic orders were limited to urgent situations, adding that its emergency department modified its ordering patterns, limiting them to "emergent things to offload [pressure on the] lab and radiology."
The study authors suggested that improved preparedness could lead to fewer delays in care and better downtime workflow due to a cyberattack. They also suggested the following:
- Teaching staff paper-based charting skills and keeping paper copies of charts and diagnostic order forms on hand
- Establishing patient care protocols for when the hospital system is down
- Temporarily diverting emergency department personnel during the first hours of a cyberattack to reduce pressure on acute care services
- Implementing reverse triage, where patients already present at the emergency department are transferred to hospitals unaffected by cyberattacks
- Being transparent to hospital staff, patients, and external partners to mitigate cyberattack concerns
"Although there was profound hesitancy among hospitals to participate in this study, the limited number of participants provided valuable information that can be used to develop response strategies for hospital ransomware attacks," the authors reported.
The study can be found in its entirety here.
