On January 18, 2018 Allscripts experienced a ransomware attack that impacted their cloud based EHR and other services. At this time, Allscripts does not believe there is any reason to believe any data has been removed from their systems.
Allscripts sent out the following message to their clients: "We are in the process of cleaning impacted systems and services to ensure they will be operational once we are able to bring the services back online." They also said that "work continues to restore both the directly affected serviceshosted Pro EHR and hosted EPCSand the other unaffected services that we proactively shut down to protect clients and client data." From there Allscripts stated that "there is still no evidence that any client data has been removed from our systems."
Last week Indiana-based Hancock Health experienced a ransomware attack and ended up paying $55,000 to recover 1,400 patient files. Hancock Health CRO reported that no patient information was taken. The recovery process was made easier due to file backups. However, the breach raises concerns for healthcare entities as they try to work on preventing confidential patient information from being compromised.
Healthcare Compliance Pros will be monitoring this incident closely. If you have questions or were impacted by the incident and have questions what steps you may need to take, please contact us by email: [email protected] or by phone: 855-427-0427