The Rippling Impact of a Ransomware Attack
In July 2019, a Ransomware attack on the Springhill Medical Center in Mobile, Alabama resulted in Springhill having to shut down their network for nearly eight days due to the attack. The network outage resulted in critical medical equipment, such as health monitoring devices, not functioning. Despite this, Springhill Medical Center continued to accept new patients into the hospital and operated under emergency procedures. At this time, a baby was born in the maternity ward with their umbilical cord wrapped around their neck– a medical emergency that could not be detected due to malfunctioning medical equipment. This oversight led to the infant patient suffering fatal injuries. Eight months later, the child died from their injuries, prompting a negligent homicide investigation and a wrongful death lawsuit against Springhill Medical Center.
In analyzing this critical incident, students should be able to:
1. Identify how a ransomware attack begins and progresses
2. Recommend basic actions to defend against cyber attacks
3. Evaluate whether a hospital is to be held accountable for the welfare of their patients, both physically and virtually
4. Evaluate the positives and negatives of a healthcare organization remaining open to the public during a cyber attack