Expect weeks of delays for procedures, tests at CKHA


Area hospital officials and their support partner have released a few more details about operations in the wake of the recent cyberattack.

The Chatham-Kent Health Alliance, Bluewater Health, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare and Windsor Regional Hospital, and service provider TransForm Shared Service Organization were hit in late October by a ransomware attack.

It will be weeks before operations are back to normal.

Some information was released online after the hospitals and TransForm refused to pay a ransom.

Officials on Monday confirmed CKHA’s electronic health record was not affected by this incident. However, officials said the impacted shared drive that got hacked at Bluewater Health did contain some CKHA patient information.

CKHA can confirm the theft of an employee database report containing information about more than 1,400 people employed by CKHA as of Feb. 2, 2021. If you were employed by CKHA on that date, CKHA believes that your data was taken, including name, address, social insurance number, gender, marital status, date of birth and basic pay rate.

CKHA officials said the attack, as the investigation continues, has impacted in-hospital systems. As a result, doctors may not have access to patient records, medical history, medication lists, reports from other clinicians who are involved in patient care, and pre-admission workups.

Diagnostic imaging and lab work is an area that has been particularly impacted, officials said. 

“While some of our systems are functional, they are slower than usual and require extra time,” the officials said in a media release. “To ensure safe care, some physicians will have to cancel procedures if, in the absence of important information, they feel it is unsafe to proceed. If this is required, physicians will do their very best to reschedule as quickly as possible.” 

Patients also need to bring their health card to the hospital when seeking care. 

Furthermore, officials said the safest route going forward in re-establishing a safe and secure information network is to rebuild the network. The affected organizations have identified five phases of recovery from the attack, and at this time, only the first has been checked off as complete. That is containing the cyberattack.

The investigation into the cause of the attack, in the form of a forensic investigation, is still underway.

So too is strengthening the system and adding additional protections; bringing systems and applications back online, something officials said is being done based on clinical priority; and monitoring traffic into and out of the network.

“We can confirm that the restoration process is on track. While it will still take some time before all affected critical systems are completely online, our teams are working around the clock to ensure the process is progressing as quickly and safely as possible,” officials said. “We are also working with leads at each hospital for a seamless return to service.”

This restoration is expected to be complete by mid December. Delays will be reduced for patients once digital charting is restored. 

Some patients and families may still experience diagnostic and/or treatment delays while teams work to restore all systems, officials said. 

The investigation into the incident is also in progress to determine the specific individuals whose data may have been taken, and this is expected to take a number of months, according to hospital officials.  

A patient cybersecurity hotline has been established at 519-437-6212, 8 am. To 11 p.m. Monday to Friday.

Cybercriminal group Diaxin has claimed responsibility for the attack here in southwestern Ontario.

How they got into the system is something hospital officials refuse to comment on, as there is a multi-national police investigation underway.

The cyberattack here is not an isolated effort. Michael Garron Hospital in Toronto was also targeted in late October. Officials there said it did not impact patient care or clinical services.

A year ago, Toronto’s Sick Children’s Hospital was hit.

Queensway Carleton Hospital and Carleton Community Hospital were victimized this past spring.

The Toronto Public Library suffered a ransomware attack as well recently. 


Please enter your comment!
Please enter your name here