Health and Wellness Informatics News

A reported ransomware attack is causing weeks of Aprima EHR outages

Some customers are describing being unable to access their chart notes, clinic schedule, incoming test results, refill requests, with other issues.

There is a report regarding the ransomware attack on the CompuGroup Medical data center partner MedNetworRX. It has impeded the access of the customers to their Aprima electronic health record systems for two and more weeks. This Aprima EHR Outages began on April 22, and some of the hosted clients are still waiting for the services before Friday.

Fox’s clinic, the Alpine Center for Diabetes Endocrinology and Metabolism, works as an Aprima EHR Client. According to them, they do not have access to their clinic schedule, refill requests, chart notes, or test results. They were even unable to schedule new appointments. The availability and the open time slots are quite unknown. They have been using their downtime protocols, though they are not designed to serve for 14-day outages.

On April 27, eMDs sent an email signed by Derek Pickell, CompuGroup Medical CEO, to host the Aprima customers detailing this incident. A sophisticated criminal organization is carrying out this ransomware attack in some of the hosting vendor’s systems.

They do not yet have the confirmation that this is a data breach. However, the eMDs Incident Response Team is continuing to follow all the data integrity with the appropriate government regulations. eMDs will be sending a written data breach notice to any of the customers whose data has been encrypted. The email is also encouraging the hosted customers to continue with their operating under the HIPAA disaster protocols.

They are working extremely closely along with the hosting vendor to ensure that APRIMA has priority restoration. They have engaged some additional outside technical professionals to investigate their network. Every server in the main and secondary backup/ disaster recovery sites is passing through the review process.

Their goal is to remove any kinds of malware from the systems. It will ensure that all the devices are clean. At the same time, it will restore the full functionality of the data. Some customers are taking to social media to discuss the effects they are experiencing.

They are still operating as normal to continue along with their providing of service to their patients. They are processing manually instead of electronic systems. As of May 6, eMDs says that 260 customers are having their system availability restored.

They are still on their target to provide all the affected customers with access to their data by Monday. They are hoping that they will be able to bring that flow into their work very soon.