A ransomware attack against Ascension, one of the largest healthcare systems in the U.S., has left a lasting impact on patient care and safety. Beginning on May 8, the cyberattack disabled electronic health records (EHRs), lab ordering systems, medication tracking, and more across Ascension’s 140 hospitals, affecting millions of patients and providers nationwide. As clinicians were forced to rely on manual records and workarounds, the gaps in digital infrastructure became alarmingly clear.

Event Details

The attack against Ascension highlighted how deeply hospitals rely on digital systems to manage and coordinate care. Without access to EHRs and digital tracking systems, clinicians experienced significant delays in lab results, medication administration errors, and challenges in coordinating patient care. Critical errors, such as nearly administering incorrect drug doses, underscored the potential for harm that can arise when automated safety checks are removed from the equation.

Clinicians in several Ascension hospitals reported that patient care was severely compromised, with some expressing concerns about the potential for life-threatening mistakes. Emergency procedures, such as ventilating patients due to medication errors, occurred, and cases of fatal delays due to inaccessible lab results were also reported. Staff members expressed frustration, stating that they were unprepared for the extent and duration of the disruption, which far exceeded typical short-term downtimes of one to two days.

Reactions and Consequences

Ascension’s response included restoring some services, such as EHR access, over the following weeks, but staff have called for greater support, including hiring additional nurses to manage workloads under manual systems. Nurses and physicians have raised alarms over the potential risks to their professional licenses due to errors that arose during the disruption. Union representatives and clinicians have urged Ascension’s leadership to acknowledge the incident’s severity and make systemic changes to address vulnerabilities in cybersecurity and patient care infrastructure.

Key Insights: Healthcare’s Cybersecurity Vulnerabilities

The Ascension incident highlights the growing cyber threats facing healthcare providers. Hospitals have become prime targets for ransomware attacks, as cybercriminals recognize the sector’s critical need to access patient data. Without proper cybersecurity measures in place, healthcare providers are at constant risk, and patient outcomes are at stake.

This breach reinforces the urgent need for healthcare systems to adopt robust cybersecurity models, such as Enterra’s Cybersecurity Maturity Model. By progressing through each maturity stage, healthcare organizations can proactively protect against similar incidents:

• Basic Stage: Introduce foundational cybersecurity practices, such as regular password updates and role-based access.

• Coordinated Stage: Implement essential security layers like multi-factor authentication (MFA), Security Information and Event Management (SIEM) systems, and network allow-lists. For Ascension, such measures could have prevented the attackers from accessing critical systems by requiring additional verification and restricting access only to trusted sources.

• Proactive Stage: Adopt advanced monitoring and response tools, allowing healthcare providers to identify unusual activity early and respond quickly.

• Adaptive Stage: At this level, AI-driven threat detection and Zero Trust models enable continuous risk assessment, ensuring the security architecture evolves with emerging threats.

  
  

In Ascension’s case, an adaptive cybersecurity model would have limited the attack’s impact by maintaining operational resilience and providing real-time backup and access to critical data.

Moving Forward: Protocols for Improved Cybersecurity in Healthcare

Given the potential consequences of cyberattacks on patient care, healthcare systems should implement comprehensive cybersecurity protocols:

1. Mandatory Multi-Factor Authentication (MFA): MFA adds a layer of protection by verifying user identities, ensuring only authorized individuals access sensitive data.

2. Network Segmentation: Isolate sensitive systems to minimize the impact of unauthorized access and protect critical patient data from cascading breaches.

3. Routine Security Audits: Regular audits of network access, credentials, and security configurations ensure systems are up-to-date with the latest protections.

4. Backup and Recovery Plans: Establish a plan for regularly backing up data and swiftly recovering systems, particularly for EHRs and lab systems.

5. Employee Training: Equip staff with cybersecurity training, preparing them to handle disruptions and reinforcing best practices, such as secure credential handling and identifying potential phishing attempts.

   
   

A Call to Action: Strengthen Cybersecurity Across the Healthcare Sector

The recent cyberattack on Ascension demonstrates the urgent need for improved cybersecurity across healthcare organizations. Hospitals must view cyber resilience as essential to patient safety, investing in technologies and protocols that protect against future threats.

Enterra’s cybersecurity maturity model offers a roadmap to guide healthcare organizations in advancing through various security stages, ensuring digital infrastructure that supports safe, uninterrupted patient care. As healthcare becomes more digitized, the importance of maintaining secure systems that can withstand cyber threats is paramount. In this shared responsibility, healthcare providers must prioritize cybersecurity to safeguard both their patients and their professional integrity in an increasingly risky digital landscape.