Officials at the University of Mississippi Medical Center (UMMC) confirmed on the morning of Feb. 19 that it was struck by a cyberattack that disrupted its IT network and electronic medical records (EMR) system.
In response to the attack, UMMC is operating under downtime procedures, which limit elective procedures and clinic patients, UMMC Vice Chancellor LouAnn Woodward said during a press conference.
Clinics statewide were closed and appointments were rescheduled. UMMC hospitals and emergency departments continue to provide emergency and critical care services.
“Patients in our hospital and in our emergency department are being cared for. Clinical equipment and operations remain functional,” Woodward said. “We are still taking patients, certainly those level one trauma patients and others that definitely need our services.”
Woodward confirmed that the attackers have communicated with UMMC officials.
Woodward also confirmed that UMMC is working closely with federal agencies and cybersecurity specialists including the FBI, Homeland Security, and the U.S. Cybersecurity and Infrastructure Security Agency.
“We are in the process of surging resources, both locally and nationally, into this incident to make sure that we are standing alongside with UMMC and their vendors as we look to understand the extent of this attack and then the actions we need to take to help them on the path of recovery, with our number one priority being helping them get their systems up and providing services to their patients,” FBI Special Agent Robert Eikhoff said.
As a precaution, UMMC has taken down all IT systems and will conduct risk assessments before restoring operations, according to Woodward. UMMC officials also communicated with local hospitals, health systems, and ambulance providers to ensure seamless coordination.
Med Com operations, which handle emergency communications and patient transfers, remain fully functional with dedicated lines and emergency systems isolated from affected networks, according to Assistant Vice-Chancellor Alan Jones.
Jones also pointed out that UMMC routinely tests plans and processes for continuity of operations if the EMR were to be compromised.
“We actually take the electronic medical record down routinely for scheduled maintenance, and then we have unplanned downtime. So, we have downtime procedures, so we know how to take care of patients without an EMR,” Jones said.
He also added that all equipment is functioning, and that patient safety remains uncompromised.
“At the point of care, all of our processes are intact, all of our equipment works. Patients are being cared for safely, so there will be no patient impact as a result of this downtime,” Jones said.
The duration of the disruption remains uncertain, Woodward said.
In a statement posted Feb. 20, UMMC said it continues to work with federal authorities and national experts in cyberattack response as it evaluates the extent of the attack and next steps.
