By Jeff Wardon, Jr., Assistant Editor

Heywood Hospital and Athol Hospital are investigating a cybersecurity incident that caused a network outage affecting several service systems, The Gardner News reports. The outage led Heywood Hospital to issue a temporary “Code Black” diversion, closing its emergency department to all patients. Hospital officials also took affected systems offline and began working with cybersecurity experts and law enforcement to assess the incident. 

The incident at Heywood is indicative of a growing trend afflicting healthcare facilities nationwide. Even smaller or regional hospitals are increasingly being targeted because of their limited IT resources and high dependency on connected systems. As previously reported by Healthcare Facilities Today, an outage at Kettering Health sparked by a ransomware attack prompted the organization to immediately shut down their IT infrastructure. 

When outages occur, the continuity of care is interrupted, endangering the well-being of patients and organizations. Emergency departments end up going offline, causing diagnostic delays for labs and imaging and furthering communication issues with patients since online portals are down.  

Bouncing back from these scenarios is difficult, but having all relevant stakeholders involved in the overall recovery and response strategy is key to being resilient.  

“Your information security program needs to be a critical part of your overall resilience strategy,” Errol Weiss, chief security officer at Health-ISAC, told Healthcare Facilities Today. “Infrastructure teams need to be involved in the planning process for what happens when major IT systems go down and become unavailable.” 

Healthcare facility managers need to know that cybersecurity isn’t just under the purview of IT – it's their concern too since it affects patient safety and operational resilience. Facilities teams, clinical leadership and IT must collaborate and coordinate with each other to prevent significant outages and downtime from happening. 

Ultimately, protecting cyber infrastructure means protecting patients. When systems fail, the ability to deliver timely care and maintain patient trust relies on how ready facilities are to adapt. Managers can work closely with IT and clinical teams to ensure that healthcare facilities remain safe and operational, no matter what happens online. 

Jeff Wardon, Jr., is the assistant editor of the facilities market.