Cass Regional Medical Center restarts EHR system after ransomware attack

Missouri-based Cass Regional Medical Center brought its electronic health record (EHR) system back online after a July 9 ransomware attack. The IT department engaged in a complete shut down for 10 days until it could confirm the threat had been investigated and systems were improved. 

“After consulting with our EHR vendor, we determined that any immediate threat that may have been present as a result of last week’s attack was mitigated, and that it was in the best interest of our patients to go ahead and bring the system back up,” said CEO Chris Lang in a prepared statement.

Cass and Meditech, the hospital’s EHR vendor, determined the breach was caused by a “brute-force attack” via Remote Desktop Protocol, an IT program that permits remote access to business IT systems for remote work.

“RDP is a widely-used interface that allows remote access to systems for legitimate business purposes,” Lang said. “Unfortunately, the attackers were able to exploit this feature and gain access. We have since modified our systems to eliminate this risk.”

""

As a senior news writer for TriMed, Subrata covers cardiology, clinical innovation and healthcare business. She has a master’s degree in communication management and 12 years of experience in journalism and public relations.

Around the web

No devices need to be returned at this time. However, the FDA warned, using these heart pumps without reviewing the updated instructions could result in "serious injury or death.” 

The FDA recently cleared the company's cable-free, credit card-sized heart monitor that produces 12-lead ECGs.

If 25% tariffs go into effect, it could have a big impact on the cost of medical imaging and radiotherapy systems, with many manufacturing facilities in Mexico.