Tully Jeffrey L, Rao Sumanth, Straw Isabel, Gabriel Rodney A, Longhurst Chris, Savage Stefan, Voelker Geoffrey M, Dameff Christian J
Center for Healthcare Cybersecurity, University of California, San Diego, La Jolla.
Department of Anesthesiology, University of California, San Diego, La Jolla.
JAMA Netw Open. 2025 Jul 1;8(7):e2530226. doi: 10.1001/jamanetworkopen.2025.30226.
Modern health care depends on digital infrastructure. Widespread technology outages affecting health care delivery organizations may impact clinical care.
To determine the availability of health care delivery organization internet-connected networks before, during, and after the faulty CrowdStrike software update of July 19, 2024.
DESIGN, SETTING, AND PARTICIPANTS: This cross-sectional study measured availability of health care delivery organization networks by performing scans on internet address ranges and Fast Healthcare Interoperability Resources (FHIR) end points corresponding to individual hospitals, spanning various sizes, geographic range, and organizational types, assessing responsivity to scans 2 weeks before, during, and 2 weeks after the CrowdStrike update. Hospitals affiliated with US-based health care delivery organizations that used the Epic electronic health record and that had publicly observable internet services, including FHIR end points, were included. Data were analyzed from July 19, 2024, to May 17, 2025.
A widely distributed faulty software update for enterprise cybersecurity software distributed on July 19, 2024, which, when installed on computers, resulted in a system crash.
The primary outcome was loss of response to internet scanning techniques indicating computer system downtime. A secondary analysis was performed on unresponsive domains attempting to identify the function of the network services provided.
Among 2232 hospitals with available data, loss of response to internet scanning techniques immediately following the CrowdStrike update was observed in 759 hospitals (34.0%). A total of 1098 distinct network services with outages were identified, of which 631 (57.5%) were unable to be classified, 239 (21.8%) were direct patient-facing services, 169 (15.4%) were operationally relevant services, and 58 (5.3%) were research-related services.
This cross-sectional study of US hospitals found that a widespread technology outage was associated with outages in patient-facing network services integral to care delivery. These findings suggest that internet measurement techniques may be useful for surveillance and study of critical digital health care infrastructure.
现代医疗保健依赖于数字基础设施。影响医疗保健服务机构的广泛技术中断可能会影响临床护理。
确定在2024年7月19日CrowdStrike软件更新出现故障之前、期间和之后,医疗保健服务机构互联网连接网络的可用性。
设计、设置和参与者:这项横断面研究通过对与各个医院相对应的互联网地址范围和快速医疗保健互操作性资源(FHIR)端点进行扫描,来测量医疗保健服务机构网络的可用性,这些医院规模各异、地理范围不同且组织类型多样,评估在CrowdStrike更新前2周、更新期间和更新后2周对扫描的响应能力。纳入了与美国医疗保健服务机构相关联、使用Epic电子健康记录且具有公开可观察互联网服务(包括FHIR端点)的医院。对2024年7月19日至至2025年5月17日的数据进行了分析。
2024年7月19日分发的企业网络安全软件的广泛存在故障的软件更新,安装在计算机上时会导致系统崩溃。
主要结局是对互联网扫描技术失去响应,表明计算机系统停机。对无响应的域名进行了二次分析,试图确定所提供网络服务的功能。
在2232家有可用数据的医院中,759家医院(34.0%)在CrowdStrike更新后立即对互联网扫描技术失去响应。总共识别出1098个出现中断的不同网络服务,其中631个(57.5%)无法分类,239个(21.8%)是直接面向患者的服务,169个(15.4%)是与运营相关的服务,58个(5.3%)是与研究相关的服务。
这项对美国医院的横断面研究发现,广泛的技术中断与护理服务中不可或缺的面向患者的网络服务中断有关。这些发现表明,互联网测量技术可能有助于对关键数字医疗保健基础设施进行监测和研究。
