Texas Hospital Diverting Ambulances After Ransomware Attack
University Medical Center (UMC) in Lubbock, Texas, is grappling with a significant IT outage following a ransomware attack last week. The public health system, which includes a level-one trauma center and a children’s hospital, has been forced to divert ambulances as it works to restore affected patient services. Despite the disruption, UMC’s clinics and physician offices remain operational, though certain departments are following downtime procedures, causing delays in patient care.
UMC has advised patients to bring their medical prescriptions list and to physically visit clinics for immediate assistance, as access via phones and the patient portal is not guaranteed. Non-emergency laboratory and radiology appointments are being delayed. Out of caution, UMC is temporarily diverting both emergency and non-emergency ambulance patients to nearby facilities until its IT systems are back online. The hospital currently has no timeline for full restoration but is implementing downtime procedures to minimize disruption.
The ransomware attack has also impacted Texas Tech University Health Sciences Center (TTUHSC), UMC’s primary teaching partner, which is experiencing a similar IT outage. TTUHSC has limited its clinical operations and halted academic activities, instructing team members and students to refrain from accessing electronic resources until further notice.
UMC is the latest in a series of healthcare systems recently targeted by ransomware, disrupting patient care services nationwide. Earlier this year, hospitals like Ascension in Missouri and McLaren Health System in Michigan faced similar attacks, resulting in prolonged IT outages. The U.S. Department of Health and Human Services (HHS) has been increasingly scrutinizing healthcare organizations for such breaches, issuing financial penalties and corrective action plans to entities like Cascade Eye and Skin Centers.
In response to the growing threat, two Democratic lawmakers have proposed the Health Infrastructure Security and Accountability Act, which seeks to enforce stricter security mandates for healthcare organizations critical to national security. The legislation aims to bolster the healthcare sector’s defenses against cyberattacks and mitigate the risks of major data breaches, emphasizing the need for thorough risk assessments and robust monitoring of electronic health record systems.