When the lights go down in the delivery room: Lessons from a ransomware attack.

OBJECTIVE

To describe the challenges facing the obstetric division following a cyberattack and discuss ways of preparing for and overcoming another one.

METHODS

A retrospective descriptive study conducted in a mid-sized medical center. Division activities, including the number of deliveries, cesarean sections, emergency room visits, admissions, maternal-fetal medicine department occupancy, and ambulatory encounters, from 2 weeks before the attack to 8 weeks following it (a total of 11 weeks), were compared with the retrospective period in 2019 (pre-COVID-19). In addition, we present the challenges and adaptation measures taken at the division and hospital levels leading up to the resumption of full division activity.

RESULTS

On the day of the cyberattack, critical decisions were made. The media announced the event, calling on patients not to come to our hospital. Also, all elective activities other than cesarean deliveries were stopped. The number of deliveries, admissions, and both emergency room and ambulatory clinic visits decreased by 5%-10% overall for 11 weeks, reflecting the decrease in division activity. Nevertheless, in all stations, there were sufficient activities and adaptation measures to ensure patient safety, decision-making, and workflow of patients were accounted for.

CONCLUSIONS

The risk of ransomware cyberattacks is growing. Healthcare systems at all levels should recognize this threat and have protocols for dealing with them once they occur.