UPDATED: October 26, 2022

In 2017, we ran the original article below in response to a ransomware attack that hit Britain’s National Health System. In 2020, we updated the article when history predictably repeated itself with a wave of attacks on several hospitals here in the U.S. from Ryuk, a group believed to be operating out of Russia and timed with both a surge in COVID-19 cases and the 2020 presidential election.

It started in early October 2020, when Universal Health System’s network of 400 hospitals was forced into EHR downtime procedures for three weeks, according to Health IT Security. The attacks continued later in the month with a coast-to-coast strike on up to 30 hospitals. On October 28 2020, the U.S. Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Department of Health and Human Services issued a joint alert that said they had “credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers” from Ryuk.

see tigerconnect in action

Care Team Collaboration in one Easy App

To learn more about how TigerConnect improves care team collaboration and communication, reach out to us at any time with questions or to request a demo.

Now in 2022, there have been at least ten ransomware attacks on healthcare organizations ranging from large health systems to small hospitals and surgery centers. The collective ransomware attacks wreaked havoc on clinical systems, EHRs, and patient information. On October 12th, 2022, CommonSpirit Health reported that a ransomware attack led to EHR shutdowns as well as canceled appointments and procedures at facilities across the health system.

For these reasons, we felt it was once again time to emphasize the importance of using secure, text-based messaging as a vital part of a readiness response.

Throughout this latest wave of attacks, TigerConnect customers have shared stories about how having a separate, external, mobile-centric communication channel enabled both IT and clinical departments to continue coordinating when the EHR and other systems had to be shut down. In light of these events, we urge all healthcare IT and operational teams to adopt a secure collaboration platform now as a critical part of your ransomware attack preparedness. After all, if there’s one thing we know, the recurring threat from cyberattacks is here to stay.


  • Do not tie your communication channel to the EHR. This is a critical shortcoming of EHR secure chat tools.
  • Do not assume that it will be easy to switch to standard SMS in an attack. While encrypted, SMS is not HIPAA-compliant, and, more importantly, these apps risk patient safety as they lack healthcare-specific workflow capabilities needed for delivering timely and effective care.
  • Do adopt a care team collaboration solution, which can be a literal lifesaver. Nearly all are HIPAA-compliant, and some provide an extra layer of security with HITRUST certification.

Original Article:

Published May 15, 2017

On Friday, May 12, 2017, the world witnessed the effect that a ransomware attack can have on a large health system as the United Kingdom’s National Health System (NHS) became the latest victim of this serious and malevolent act. While U.S. health systems have been dealing with the ransomware threat as far back as 2012, this most recent event starkly reminds us that dependence on all-in-one software systems can leave hospitals especially vulnerable during unexpected attacks and system outages.

As a provider of a cloud-enabled care team collaboration platform, we at TigerConnect find ourselves advising our health system customers more frequently on the importance a standalone solution can play as part of their contingency plan in the event of an attack. Our recommendation is simple: Your communication channel (system of action) must reside separately from the central system (system of record).

Because cloud-based communications solutions operate in fortified data centers, they enjoy a clear advantage over on-premise solutions as they can be more nimble when critical situations arise. Having an architecture that separates communications from data preserves a vital workaround that can be leveraged for both care team communication (in the absence of EHR access), and for broadcasting organization-wide status updates to employees. Executives and IT teams can also use the platform to maintain protected health conversations and coordinate action plans for patient, family member, or public-facing communications.

Growing cyberattack threats are not a simple problem to solve. But there is one obvious and cost-effective way to prepare for cyberattacks like those that have struck hospitals, including Hollywood Presbyterian and Methodist Hospital in Kentucky [October 2020: Hospitals hit include all UHS hospitals, Hardin Memorial Hospital, and Sky Lakes Medical System].

With cloud-based platforms, any hospital unable to access its on-premise software could rely on a secure cloud platform (in TigerConnect’s case – a HITRUST-certified platform) to ensure critical communication and collaboration activities remain isolated during a ransomware attack. Care teams can coordinate activities without disruption via secure text messaging. Doctors, nurses, and allied health professionals can continue caring for patients and ensure real-time, secure access to critical care team members.

While healthcare organizations primarily utilize TigerConnect to optimize their daily communication workflows, it’s also true that if the unexpected happens and IT systems are compromised, a cloud-based communication platform like ours will ensure care teams continue seamless operations on a separate, dedicated, secure platform.

We are in a new and disturbing era of emerging threats, and failsafe thinking is vital to preserving the continuity of care. See how TigerConnect can help your organization optimize its workflows with a clinical communication platform. Learn more about it here.

ransomware underscores value of secure messaging blog header

Stay Connected & Receive our Latest Healthcare Insights