162 Regional Emergency Department Census Impacts During a Cyber Attack

Abstract

Modern emergency department (ED) care is critically dependent on computerized systems such as medical devices, electronic health records, and imaging systems. Many clinical systems have software and hardware vulnerabilities that can be exploited by malicious computer hackers. Cyber-attacks including ransomware on healthcare delivery organizations (HDO) are increasing in severity and frequency, impacting both individual hospitals and the broader regional healthcare delivery ecosystem. The effects of healthcare cyber-attacks on neighboring HDOs has yet to be reported in the literature. The purpose of this study is to report the impact on fully functioning hospital EDs during an active cyber-attack on a neighboring HDO. We performed a retrospective analysis of the daily combined census of two large urban academic EDs in San Diego, CA for the first week of a ransomware cyber-attack on a nearby multi-hospital HDO (May 2nd - 8th 2021). We then compared the mean to the 5-year historical census (2016-2020), matched by week (ex. first full week in May 2020 etc.) A one-way analysis of variance (ANOVA) and Tukey test were used to compare census years. The matched mean combined daily ED census for years 2016 - 2020 (no cyber-attack) were: 2016 – 221 (SD 12), 2017 – 211 (SD 21), 2018 – 174 (SD 30), 2019 – 229 (SD 29), and 2020 – 179 (SD17). For 2021 (week of the cyber-attack) the mean was 281 (SD 37). There was a statistically significant higher census during the cyber attack when compared to the 5 years prior (Table 1). Cyber attacks on hospitals can have significantly detrimental effects on patient care due to the loss of critical digital systems. This study demonstrated an associated “spill over” effect of significantly higher ED census numbers at facilities in proximity to HDOs under active cyber-attack.