Paubox News | HIPAA Compliance, Email Security and Healthcare Tech

Rural Illinois hospitals set to close after ransomware attack

Written by Abby Grifno | June 16, 2023

St. Margaret’s Health, with two locations in Illinois, announced they were permanently closing amid financial troubles caused in part by a ransomware attack. 

 

What happened

As of Friday, June 16th, St. Margaret’s Health in Spring Valley and Peru, Illinois, will be closing permanently. The organization has tentative plans to sell the Peru location to another Catholic healthcare organization, but no opening date has been set. 

According to NBC News, the hospitals in rural Illinois have faced financial troubles for years. They are one of many hospitals to be affected by staff shortages and the impacts of COVID-19, but the first that has cited a cyberattack as one of the major factors leading to its closure. 

The attack occurred in 2021, halting the hospital’s ability to submit claims to insurers, Medicaid, or Medicare for months. Critical operating systems were down for more than 14 weeks, and once they were operating again, the recovery and process to catch up was long and slow. 

They never recovered fully financially, and in January, their Peru location temporarily suspended operations. 

 

Why it matters

The closing of St. Margaret’s Health shows the significant financial implications of ransomware attacks, especially on hospitals that may already be financially troubled. According to a report by the University of North Carolina, there have been over 190 hospital closures in rural locations, often linked to higher levels of poverty and unemployment in the areas. 

According to a statement by Errol Weiss, the chief security officer of a cybersecurity nonprofit, while it’s common for cybersecurity issues to take out small businesses, the effect on St. Margaret’s is tragic and unprecedented. 

Related: #StopRansomware Guide released by the U.S. Joint Ransomware Task Force

The closing of St. Margaret’s may further hurt the economy in Spring Valley and Peru and lead to gaps in care. On St. Margaret’s website, they advise those in medical emergencies to call 911, but there are no nearby hospitals. 

According to a local news source, patients will now need to drive up to 30 minutes away to receive care. This change could lead to delays in care, especially with the nearby hospital likely seeing an uptick in patients.  

 

What was said

The Mayor of Spring Valley, Melanie Malooley-Thompson, said, “The hospital closure will have a profound impact on the well-being of our community. This transition will be challenging for many residents who rely on our hospital for quality healthcare.” 

According to CNN, Linda Burt, who was Vice President at the Spring Valley location, said that the ransomware attack disrupted their system long after it was over, “It took months after we went back online to catch up with billing.” 

 

The bottom line

CNN reported that St. Margaret’s Hospital has not been the only one to see devasting effects from cyberattacks; an 88-bed hospital in Idaho was recently forced to divert an ambulance in Chicago. 

As the possibility of attacks continues, hospitals must do the best they can to engage in proactive and preventive cybersecurity measures and ensure that their employees are up-to-date on best practices, tools, and software. 

RelatedHIPAA Compliant Email: The Definitive Guide