Great Plains Health patients currently might not be able to access the OneChart patient portal to view bills, fill prescriptions or schedule appointments, but they can still call the hospital to do those things, said hospital Chief Information Officer Brandon Kelliher.
Kelliher also said it is highly likely that the program will be restored by the end of this weekend.
This situation is due to a “security incident” involving IT systems at Omaha-based Nebraska Medicine last weekend. The investigation into what happened is still in its early stages, Nebraska Medicine spokesman Taylor Wilson said, “and we can’t yet speculate on the nature and scope of the incident.”
The health system had a computer network outage early Sunday, Wilson said, that required workers at Nebraska Medical Center to do things by hand that are normally done on computers. Appointments Monday at Nebraska Medicine locations were postponed.
Other hospitals that use Nebraska Medicine systems, including Hastings, Norfolk and Beatrice, were also affected.
GPH uses an electronic health record system called Epic, Kelliher said, which is hosted at Nebraska Medicine.
“Since (Nebraska Medicine is) currently having a cybersecurity event that caused their network to go down, as well as many of their servers, we’re unable to get to Epic,” Kelliher said. But he clarified that GPH’s “systems here were not attacked.”
“At this point we don’t have any reason to believe any patient information is compromised,” Kelliher said, but the investigation at Nebraska Medicine is still ongoing.
This hasn’t impacted the hospital’s ability to care for patients, according to Kelliher, since patient data stored in other record-keeping systems can still be accessed.
“We’re pulling data out of those systems so we can care for the patient safely and we know about them and things like that, so we’re OK there, with a couple minor exceptions,” Kelliher said. The hospital has asked a couple of patients to postpone nonurgent procedures “just to be safe” because the appropriate records can’t be accessed, but according to Megan McGown, GPH marketing manager, those are “isolated cases.”
The cybersecurity attack that GPH faced in November 2019 helped prepare the hospital to continue running after the Nebraska Medicine security event.
“We’ve done many things not only around protecting the organization’s data, but also about preparing for downtimes, which is the real disruption. We’ve had teams meeting ever since December and working on downtime processes,” Kelliher said. “We were planning to test one (in October); however, our test just occurred. The real operations of the hospital in downtime situations depend on the people’s willingness to work together, and if there’s one thing hospitals do, it’s that we pull together when there’s a problem. So people are being taken care of and things are getting done.”