A “cybersecurity incident” struck Tenet Healthcare last week, resulting in the immediate suspension of access to IT applications. Tenet is one of the largest hospital care service providers in the U.S. with over 146 hospitals.
Upon discovery, the security team promptly launched cybersecurity protection protocols and took steps to restrict the unauthorized activity.
The notice does not detail the driving cause of the cybersecurity incident, nor the day the outages began. But several local news outlets reported that disruptions began on some information systems and phone lines at two of Tenet Health’s Florida hospitals on April 20.
Clinicians are reportedly relying on patient-based records and leaving the hospital to make phone calls. Local news outlet WLFX also reported Tenet’s St. Mary’s Medical Center in West Palm Beach is diverting patients to nearby hospitals due to the network outages.
The outages appear to be ongoing, as its press release notes that Tenet is making “important progress on its “efforts to restore impacted IT operations.” The incident initially caused a temporary disruption to a “subset of acute care operations,” but the remaining hospitals have remained operational amid the outages.
Clinicians are continuing to deliver patient care by leveraging “well-established back-up processes.” Tenet has largely restored its critical applications and some of the affected facilities have resumed normal operations.
The investigation is ongoing, as Tenet works to continue its response to the incident and implement additional security measures in response to the incident. Officials noted that, “Tenet is grateful to its physicians, nurses and staff for their dedication to safely care for patients as the company works to resolve this matter.”
Tenet is just the fifth U.S. healthcare provider to report cyber-related outages this year. But in France, the GHT Coeur Grand Est. Hospitals and Health Care Group is currently facing similar outages after hackers gained access to its network and stole troves of patient data. The security team took the impacted systems offline to mitigate the attack.
In the U.S., the impacted providers include Taylor Regional Hospital in Kentucky, Partnership HealthPlan of California, East Tennessee Children’s Hospital, and Oklahoma City Indian Clinic. Of these providers, only the California health plan and ETCH have completely restored all of its impacted systems.