Officials at the University of Mississippi Medical Center say “significant progress” is being made in responding to a cyberattack that has disrupted statewide operations for nearly a week. However, the health care provider has canceled previously scheduled clinic appointments and elective procedures for at least two more days.
“Regularly scheduled clinic appointments and elective procedures will be cancelled through Friday. All cancelled appointments will be rescheduled soon,” a Wednesday afternoon update from UMMC said.
Patients in need are encouraged to call UMMC’s triage line at (601) 815-0000 in the meantime.
“Patients who contact us and require urgent care will be contacted directly to schedule a clinic visit today through Friday,” the update continued.
UMMC hospitals and emergency departments in Jackson, Grenada, Madison County, and Holmes County remain open, and officials are aiming to resume normal statewide operations as early as Monday.
“Through diligent and around-the-clock work, we are hopeful that we will be able to resume elective procedures and regular clinic operations as early as Monday. Our ability to do this will be clearer over the next couple of days. We sincerely apologize for this inconvenience,” the update concluded.
On the morning of Feb. 19, patients and employees reported that UMMC’s record system had gone offline. Other systems, including the hospital’s website, some phone lines, and email, were also not functioning properly. Later that morning, UMMC officials confirmed a cyberattack was to blame, saying some networks had been compromised while others were shut down as a precaution.
The provider – which operates seven hospitals, 35 clinics, and nearly 200 telehealth sites – was quickly contacted by the theft actors. On Tuesday, UMMC vice chancellor of health affairs Dr. LouAnn Woodward said demands had been received, but she did not disclose how they are approaching those demands. Both the FBI and Department of Homeland Security, along with state and other federal partners and experts, are working the ransomware case.
It also remains unclear if patients’ private information has been compromised.
“That’s what we’re trying to determine,” Woodward said Tuesday on Mornings with Richard Cross. “Like I said, our electronic health record was one of the components that we know was impacted by the attack. What we are trying to learn is what has been encrypted, what has been exported or exfiltrated. So, that’s some of the effort that is going on now and has been going on since last Thursday that takes time to test and validate.
“Our highest concern is getting our services back up and being able to take care of our patients, but very quickly right after that is the integrity of patient data.”