Critical Care Explorations (Apr 2024)
Ransomware Cyberattack Associated With Cardiac Arrest Incidence and Outcomes at Untargeted, Adjacent Hospitals
Abstract
OBJECTIVES:. Healthcare ransomware cyberattacks have been associated with major regional hospital disruptions, but data reporting patient-oriented outcomes in critical conditions such as cardiac arrest (CA) are limited. This study examined the CA incidence and outcomes of untargeted hospitals adjacent to a ransomware-infected healthcare delivery organization (HDO). DESIGN, SETTING, AND PATIENTS:. This cohort study compared the CA incidence and outcomes of two untargeted academic hospitals adjacent to an HDO under a ransomware cyberattack during the pre-attack (April 3–30, 2021), attack (May 1–28, 2021), and post-attack (May 29, 2021–June 25, 2021) phases. INTERVENTIONS:. None. MEASUREMENTS AND MAIN RESULTS:. Emergency department and hospital mean daily census, number of CAs, mean daily CA incidence per 1,000 admissions, return of spontaneous circulation, survival to discharge, and survival with favorable neurologic outcome were measured. The study evaluated 78 total CAs: 44 out-of-hospital CAs (OHCAs) and 34 in-hospital CAs. The number of total CAs increased from the pre-attack to attack phase (21 vs. 38; p = 0.03), followed by a decrease in the post-attack phase (38 vs. 19; p = 0.01). The number of total CAs exceeded the cyberattack month forecast (May 2021: 41 observed vs. 27 forecasted cases; 95% CI, 17.0–37.4). OHCA cases also exceeded the forecast (May 2021: 24 observed vs. 12 forecasted cases; 95% CI, 6.0–18.8). Survival with favorable neurologic outcome rates for all CAs decreased, driven by increases in OHCA mortality: survival with favorable neurologic rates for OHCAs decreased from the pre-attack phase to attack phase (40.0% vs. 4.5%; p = 0.02) followed by an increase in the post-attack phase (4.5% vs. 41.2%; p = 0.01). CONCLUSIONS:. Untargeted hospitals adjacent to ransomware-infected HDOs may see worse outcomes for patients suffering from OHCA. These findings highlight the critical need for cybersecurity disaster planning and resiliency.