Cyber outage forces radiologists to transcribe reports, delay nonurgent cases

A cyber outage on Friday forced radiologists at one hospital system to transcribe their reports and delay nonurgent cases, according to local media coverage.

The nonmalicious global technology glitch first occurred the morning of July 19 stemming from a faulty software update issued by cybersecurity firm CrowdStrike. This technology is widely used by provider entities and other businesses, the American Hospital Association noted.

At Piedmont Health System in Atlanta, the outage severely affected radiologists’ activities. Piedmont’s ability to generate reports was decreased by about 80% as of Friday. Amid the disruptions, rads were transcribing their reports and only attending to the most critical cases, local ABC affiliate KRCR reported.

Between 200 and 300 routine studies were left sitting in the queue Friday after the disruption, Croft Stone, MD, with Piedmont South Imaging, told the outlet. The voice-recognition program Piedmont rads use to dictate their reports was almost “completely nonfunctional for almost the entire workday” on Friday, he noted.

“It's more of a feeling of vulnerability, that just one glitch like this could cause not only a global outage, but something that directly affects you personally, your work, your hospital, your patients and everybody else who relies on your work in a timely outage,” Stone said, adding that Piedmont was able to navigate the outage by sending cases to a teleradiology service.

Crowdstrike said over the weekend that it was actively assisting customers affected by the interruption. Mac and Linux hosts have not been impacted by the incident, with the company already deploying a fix for Windows users. The Cybersecurity and Infrastructure Security Agency also issued an alert on the outage. Meanwhile, the AHA said it remains in close contact with the hospital field and the administration about next steps. It appears as if the effect on providers varies widely, the association noted.

“Some have experienced little to no impact while others are dealing directly with some disruptions to medical technology, communications and third-party service providers,” AHA National Advisor for Cybersecurity and Risk John Riggi said in a statement. “These disruptions are resulting in some clinical procedure delays, diversions or cancellations. Impact is also being felt indirectly as a result of local emergency call centers being down. Impacted hospitals are working hard to implement manual restoration of systems and the CrowdStrike patch. Affected hospitals have also implemented downtime procedures to ensure that disruptions to patient care are minimized or avoided to the extent possible.”      

In a blog post, Microsoft estimated that the outage affected 8.5 million Windows machines—or less than 1% of all such devices. At least 12 hospitals of health systems across the U.S. were affected by the outage, forcing some to cancel elective procedures, ABC reported. Interrupted organizations included Cleveland Clinic, Cincinnati Children's, Kaleida Health/Cayuga in Buffalo, Harris Health System in Texas, Hospital for Special Surgery in New York City, Martha's Vineyard Hospital, Mass General, Memorial Hermann in Texas, Mount Sinai in New York, Nationwide Children's Hospital in Ohio and Ohio State University Wexner Medical Center.

Mass General was among those canceling certain nonurgent care services on Friday. However, the Boston-based institution said Saturday that all scheduled appointments and procedures were expected to occur on Monday, July 22.