How Cyber Attacks Disrupt the Patient Access Journey

The patient access journey is thrown into disarray when cyber attacks shut down digital health services. Cyber attacks targeting healthcare organizations more than doubled in 2020, with nearly half of healthcare IT professionals saying their organization has experienced a ransomware attack. 

Ransomware is a type of malware that blocks access to or encrypts an organization’s data. The stolen data can only be unlocked when the target pays the ransom hacking group. However, there is no guarantee that the data will truly be returned.

In addition to financial loss and data security, cyber attacks also disrupt how, when, and where patients access their care. 

Cyber Attacks Limit Patient Access & Create Delays

When patient data is jeopardized, healthcare organizations may limit access to their EHRs, patient portals, and online scheduling systems. As a result, patients can’t use their preferred digital channels to access care. 

According to a Ponemon survey, the disruption in care delivery wrought by cyber attacks can delay appointments, increase length of stays in the hospital, and abruptly transfer patients to new facilities:

• 71% of providers hit with a cyberattack reported a longer length of stay for patients.
• 70% said they experienced delays in procedures and tests.
• 65% said they experienced an increase in patient transfers or facility diversions.

When online scheduling is offline, call centers also become flooded with patients searching for appointments. For example, the Southern Ohio Medical Center (SOMC) saw more than a week of EHR downtime after a November 2021 cyber attack. When the non-profit health system canceled appointments during that period, their phone lines grew extremely busy due to efforts to reschedule postponed visits. 

Cyber Attacks Push Patients to Seek Care Elsewhere

In addition to slowing down care delivery, ransomware attacks damage patient loyalty. Half of patients say they would change hospitals if their health system was hit by a ransomware attack. 

However, consumers avoiding hacked health systems creates patient access challenges at neighboring facilities. When Scripps Health experienced a ransomware attack in May 2021, Christian Dameff, MD of the University of California San Diego Health studied the incident’s “spillover effect” on other regional hospitals. Dameff found that emergency room visits rose by 40% overnight. The overflow of patients created backups in appointment scheduling, lab tests, and wait times. 

“The consequences are the waiting rooms fill up, the amount of time for providers to see patients goes up, and the time it takes to get test results back or an X-ray done goes through the roof,” Dameff said at Infosec World DIGITAL 2021. 

Protecting Patient Access

Digital health services have become a lifeline for consumers during the COVID-19 pandemic. According to PYMNTS, 75 million consumers accessed at least one type of health-related product or service online during December 2021. Healthcare experts thus predict that the industry will balance innovating the digital access experience with protecting patient safety both on and offline.