Many doctors still can’t use a transcription service made by Nuance Communications three weeks after the company was hit by a powerful, debilitating computer attack.
Hospital systems including Beth Israel Deaconess in Boston and the University of Pittsburgh Medical Center said eScription, a Nuance staple product that allows physicians to dictate notes from a telephone, still isn’t functioning. The outage obliterated doctors’ instructions to patients, forcing some to revert to pen and paper.
The computer virus, called Petya, has sent ripples through health care, among the last industries to make the switch to digital record keeping and one of the most frequently targeted by hackers, said Michael Ebert, a partner with KPMG who advises health and life-science companies on cyber security.
“Health care has been late to respond to the need for protected information, and the information is worth more,” Ebert said. “It’s amazing how far behind we are, and we know we have to do something.”
Hackers increasingly use viruses to encrypt companies’ information systems, unlocking the data only when a ransom is paid. After the Petya attack began in late June, companies from Oreo-maker Mondelez International to Reckitt Benckiser Group warned of a blow to their sales. Information systems used by FedEx Corp’s TNT unit may never fully recover, the shipping company said Monday.
The University of Pittsburgh Medical Center, a system of 25 hospitals and 3,600 doctors, said that its dictation and transcription services are still affected “with no estimated time of resolution.” The nonprofit is using features of medical records systems made by Cerner Corp. and closely held Epic Systems in the interim, said Ed McCallister, the Pittsburgh system’s chief information officer.
When the hack hit in June, the virus spread quickly. Ebert said one of his clients stood in a parking lot with a bullhorn, pleading with employees not to turn on computers, lest the virus spread into them. Another saw 100 workstations infected in an hour. Others shut down their entire systems, painstakingly starting computers one by one offline to see whether they had been tainted.
After acknowledging June 28 that portions of its network were affected, Nuance, based in Burlington, Massachusetts, is still picking up the pieces. In addition to transcription, Nuance named about 10 other affected products, including those used for radiology, billing and software that tracks the quality of care.