A cyberattack on a major American hospital system has caused dangerous medication mix ups including patients administered narcotics by mistake, leading to an admission to intensive care for life-threatening breathing difficulties.
In another case, a female patient suffered a cardiac arrest and died after data mishaps delayed test results that would determine her life-saving treatment.
Elsewhere, a nurse working for the Kansas branch of the major medical group recalled a ‘near miss,’ which involved him almost administering a potentially life-threatening dose of narcotic to a baby — because of confusing paperwork.
Employees at Ascension, a Catholic healthcare system with more than 140 facilities across the country, said these patients are just some of those suffering from the continued fallout of a cyberattack last month.
The healthcare giant ‘detected unusual activity’ across its networks, which left doctors and nurses locked out of digital systems and unable to access vital details about patients’ care.
Despite Ascension claiming on June 14 that access to the network was ‘restored,’ more than a dozen staff have revealed that astonishing mistakes are still taking place across hospital sites — from medication mix-ups to lost test results.
Employees say their hospitals are relying on shocking workarounds to bypass the computers, including using handwritten, sticky notes to keep track of dozens of critically ill patients.
Justin Neisser, a travel nurse working at the Ascension hospital at the time time, told CBS4 in May: ‘I just want to warn those patients that are coming to any of the Ascension facilities that there will be delays in care. There is potential for error and for harm.
A emergency room doctor at an Ascension hospital in Michigan, who remained anonymous for fear of retaliation, told Michigan Public and Kaiser Health News a patient was given a dangerous narcotic intended for someone else because of confusing paperwork.
After receiving the mistaken drug, the patient’s breathing slowed dangerously down and they had to be admitted to the ICU and put on a ventilator.
The doctor said: ‘We intubated him and we sent him to the ICU because he got the wrong medication.’
Another ER provider, a nurse also in Michigan who remained anonymous, told Kaiser a woman suffering from low blood sugar and confusion went into cardiac arrest and died after hospital workers said they waited four hours for lab results they needed in order to proceed with her care.
But they never received the results.
The nurse said: ‘If I started having crushing chest pain in the middle of work and thought I was having a big one, I would grab someone to drive me down the street to another hospital.’
Marvin Ruckle, a nurse at Ascension Via Christi St Joseph in Kansas, told Kaiser Health News he almost gave a baby ‘the wrong dose of narcotic’ because of confusing paperwork.
The nurse has worked in the neonatal intensive care unit for 20 years, but said it was ‘hard to decipher which was the correct dose’ of the infant’s medication on the baby’s chart.
Mr Ruckle said he had ‘never seen that happen when we were on the computer system’ before the ransomware attack. He added he had not received training for cyberattacks.
Another ICU nurse working at Ascension Via Christi St. Francis in Kansas said she almost gave the wrong medication to a critically ill patient because she couldn’t scan it like she had always done in the past with electronic records.
Lisa Watson told Kaiser: ‘My patient probably would have passed away had I not caught it.’
And while Ms Watson had used paper charts for much of her career before electronic records were implemented, she said the system in place after the cyberattack was ‘by no means the same.’
Across the country in Maryland, ICU nurse Melissa LaRue at Ascension Saint Agnes Hospital in Baltimore, said she too almost administered the wrong dose of a drug – a patient’s blood pressure medication.
She said: ‘Luckily, [it was] triple-checked and remedied before that could happen. But I think the potential for harm is there when you have so much information and paperwork that you have to go through.’
While Ascension may be one of the most recent, it is far from the only institution suffering from cyberattacks. The FBI released its internet crime report earlier this month revealing that in 2023, nearly 1,200 organizations were affected by ransomware, including 250 reports made by medical groups – the most of the 16 industries the report covered.
However, experts have warned hospital attacks don’t just steal a patient’s information, but pose a serious threat to public safety. Due to other recent cyberattacks, Americans were blocked from receiving lifesaving medication and in one case, a nine-month-old baby lost her life.
Cybersecurity expert Steven McKeon previously told DailyMail.com that rickety infrastructures and outdated security systems have made it too easy for hackers to infect networks with ransomware, warning the situation will only get worse.
Sean Fitzpatrick, Ascension’s vice president of external communications, told Kaiser via email: ‘As we have made clear throughout this cyberattack, which has impacted our system and our dedicated clinical providers, caring for our patients is our highest priority. We are confident that our care providers in our hospitals and facilities continue to provide quality medical care.’