Hospital Cyberattacks: Part XII: A Personal Encounter

EDITOR’S NOTE: Edward Roche, in association with RACmonitor, is writing a series of articles on the need for U.S. healthcare facilities to protect themselves from cybercriminals demanding ransoms for patient records. This is the twelfth installment in the series.

It all started innocently enough.

Dr. Wang said my EKG looked “a little off,” but she could not pin down anything specific. They ordered up my previous EKGs from six years ago. “There is a slight change,” she said. “I think you should have a cardio stress test.”

“What’s that?”

The medical community calls it a “stress test;” I call it the “radioactive rat track torture.” You are hooked up with so many wires you look like Robocop. Then, on command, you start running on the treadmill, just like a rat. There were encouraging words from the attending physician: “the treadmill always wins.”

I get going along at a brisk pace, and they inject radioactive dyes into my blood. “Don’t go near children for three days,” I’m told. “We will give you a pass in case you set off a bomb detector at the airport.” Comforting thoughts.

Then there was imaging, then more of the “radioactive rat track torture,” then more radiation injections and more imaging. 

“The test is not conclusive,” I am told. “Let us know what your cardiologist says.”

Back to Dr. Wang. “I suspect something, but nothing shows up,” she says. “I think you should go to the cath lab for an examination.” 

“What’s that?”

“Oh, it’s a simple procedure. They look into your heart with a camera and if something is wrong, they fix it. It is an outpatient procedure. Easy in, easy out.” She explained the procedure further. “They are going to do what?”

So, I start calling around. To my surprise, most of my buddies have had it done already. My high school friend Benny: “it’s nothing to worry about, I’ve had it done five or six times. The only problem is the mental effects, heh heh.”

With me sulking through similar feelings as an inmate on death row, the surgery day finally arrives. The hospital sends a car and driver for me. It is 5:50 a.m., but the Italian chauffeur from Jersey starts a cheerful conversation. “So you’re going to get your pipes blown out, right?”

I arrive at the hospital, but the information booth does not know where to direct me. “Our computer is slow today.” After wandering around the halls for a while like a medical refugee, I find the right place.

“Here, fill out this form.”

Then more waiting, then on to the next step, the preparation room. They ask me a few questions and log the data into paper forms. “We are having problems with our computers today,” I’m told. “Most people are working with a pencil.” I didn’t give it much thought.

They do an EKG, but the first one looks like modern art because the machine goes haywire and its needles seem to have a mind of their own. It resembled an original Jackson Pollock painting. “Perhaps we should try it again.”

“OK, wait and someone will call you.”

And they did.

Up to the next floor, all of your shoes and clothes go into a bag, and there’s the donning of those goofy hospital covers that leave your backside exposed. Hospital attire is in serious need of a makeover.

Then I’m in the holding pen. “We will move you into surgery as soon as a room is available.” They said that five times, each time with no effect.

Then the time comes. “Ready to go?”

They begin to roll the bed, then stop dead in their tracks. A physician’s assistant (PA) runs up. “There is no blood test!” 

No can believe it. “How could this happen?”

It’s the computer, stupid.

The hospital had been hit with a cyberattack. They were operating in paper mode. The prep team did not have a computer to tell them that a blood test was needed.

Then more delays. What should have been an “in and out” procedure turned into 48 hours.

The medical professionals continued to go about their work, but with less certainty than before.

We depend on computers too much of the time.

“If my case had been urgent,” I thought to myself, “the hacker would have killed me.”

This series on cyber security will return to its regular themes in the next issue of RACmonitor.

Yes, the author is still with us.

Print Friendly, PDF & Email
Facebook
Twitter
LinkedIn

Edward M. Roche, PhD, JD

Edward Roche is the director of scientific intelligence for Barraclough NY, LLC. Mr. Roche is also a member of the California Bar. Prior to his career in health law, he served as the chief research officer of the Gartner Group, a leading ICT advisory firm. He was chief scientist of the Concours Group, both leading IT consulting and research organizations. Mr. Roche is a member of the RACmonitor editorial board as an investigative reporter and is a popular panelist on Monitor Mondays.

Related Stories

EHI Export Requirements – Is Your EHR Ready?

EHI Export Requirements – Is Your EHR Ready?

EDITOR’S NOTE: Senior healthcare consultant, Rose Dunn, past president of AHIMA, reported this story today during her appearance on Talk Ten Tuesdays. The Electronic Health

Read More

Leave a Reply

Please log in to your account to comment on this article.

Featured Webcasts

Leveraging the CERT: A New Coding and Billing Risk Assessment Plan

Leveraging the CERT: A New Coding and Billing Risk Assessment Plan

Frank Cohen shows you how to leverage the Comprehensive Error Rate Testing Program (CERT) to create your own internal coding and billing risk assessment plan, including granular identification of risk areas and prioritizing audit tasks and functions resulting in decreased claim submission errors, reduced risk of audit-related damages, and a smoother, more efficient reimbursement process from Medicare.

April 9, 2024
2024 Observation Services Billing: How to Get It Right

2024 Observation Services Billing: How to Get It Right

Dr. Ronald Hirsch presents an essential “A to Z” review of Observation, including proper use for Medicare, Medicare Advantage, and commercial payers. He addresses the correct use of Observation in medical patients and surgical patients, and how to deal with the billing of unnecessary Observation services, professional fee billing, and more.

March 21, 2024
Top-10 Compliance Risk Areas for Hospitals & Physicians in 2024: Get Ahead of Federal Audit Targets

Top-10 Compliance Risk Areas for Hospitals & Physicians in 2024: Get Ahead of Federal Audit Targets

Explore the top-10 federal audit targets for 2024 in our webcast, “Top-10 Compliance Risk Areas for Hospitals & Physicians in 2024: Get Ahead of Federal Audit Targets,” featuring Certified Compliance Officer Michael G. Calahan, PA, MBA. Gain insights and best practices to proactively address risks, enhance compliance, and ensure financial well-being for your healthcare facility or practice. Join us for a comprehensive guide to successfully navigating the federal audit landscape.

February 22, 2024
Mastering Healthcare Refunds: Navigating Compliance with Confidence

Mastering Healthcare Refunds: Navigating Compliance with Confidence

Join healthcare attorney David Glaser, as he debunks refund myths, clarifies compliance essentials, and empowers healthcare professionals to safeguard facility finances. Uncover the secrets behind when to refund and why it matters. Don’t miss this crucial insight into strategic refund management.

February 29, 2024
2024 ICD-10-CM/PCS Coding Clinic Update Webcast Series

2024 ICD-10-CM/PCS Coding Clinic Update Webcast Series

HIM coding expert, Kay Piper, RHIA, CDIP, CCS, reviews the guidance and updates coders and CDIs on important information in each of the AHA’s 2024 ICD-10-CM/PCS Quarterly Coding Clinics in easy-to-access on-demand webcasts, available shortly after each official publication.

April 15, 2024

Trending News

Happy National Doctor’s Day! Learn how to get a complimentary webcast on ‘Decoding Social Admissions’ as a token of our heartfelt appreciation! Click here to learn more →

SPRING INTO SAVINGS! Get 21% OFF during our exclusive two-day sale starting 3/21/2024. Use SPRING24 at checkout to claim this offer. Click here to learn more →