For the first time since last month's cyberattack, the CEOs of five hospitals impacted by the breach held a virtual news conference with local media on Friday.
The breach of a shared service provider has impacted patient care and forced the cancellation of thousands of appointments at Bluewater Health, Chatham-Kent Hospital Alliance, Windsor Regional Hospital, Hotel Dieu Grace Hospital, and Erie Shores HealthCare.
At Bluewater Health, the hackers behind the breach stole the information of over 250,000 patients, including the Social Insurance Numbers (SIN) of thousands.
Bluewater Health President and CEO Paula Reaume-Zimmer said those patients whose social insurance numbers were compromised had filed WSIB claims.
"We've established a call centre, where our privacy officer and her team is manning the calls and providing the information that individuals need for credit monitoring," said Reaume-Zimmer.
Patients who visited the hospital, or any of its past associated institutions, since November 1999 for a work-related injury, such as a WSIB claim, are asked to call 519-346-4604 between 9 a.m. and 5 p.m. Monday through Sunday.
In Chatham-Kent, recently diagnosed cancer patients are still being forced to seek treatment outside of the municipality.
CKHA President and CEO Lori Marshall said because they are a satellite clinic of London's oncology program, they're deferring new chemotherapy patients until their systems are back up.
She said the most significant impact at the hospital has been the limitations in the ability to provide stroke care for patients.
"Patients experiencing stroke symptoms in the community are being transported to London Health Sciences Centre or Windsor Regional Hospital via our local EMS for emergent stroke care," said Marshall. "We take our role very seriously for the care that we have not been able to provide during this cyberattack. Our patients have always been our first priority, and will continue to be."
Erie Shores HealthCare CEO Kristen Kennedy said the greatest impact at the Leamington hospital has been within the diagnostic imaging department.
"While x-rays and nuclear stress tests continue, our ultrasounds, CT scans and mammograms unfortunately have had to be rescheduled, with some delays extending upwards of six weeks," said Kennedy.
An investigation into the cyberattack continues by several law enforcement agencies, including INTERPOL and the F.B.I.
Windsor Regional Hospital CEO David Musyj said they're dealing with a different type of criminal, and the last thing you want to do is poke the bear. He said concerns shared with them by experts in situations like these is why they've decided against paying the ransom.
"We want these criminal actors to go away, to minimize the damage to our patients, staff and the community," said Musyj. "It is horrible one patient or one staff member was impacted by this criminal act, however we do not want to cause more damage to them than has already been caused."
President and CEO of Hotel Dieu Grace Hospital Bill Mara said all the affected hospitals have been working closely to restore impacted systems.
"As we continue to work through this criminal act, our teams are focused on restoring systems and investigating any further data impacts," said Mara. "At this time, we have not identified any further data impacts specific to our hospital, outside of what has been communicated to date."
CKHA President and CEO Lori Marshall said the phased regional approach has included a review of each digital system.
"To review whether or not the server was impacted, and if it was, following a series of steps to ensure that it is backed up, restored, scanned, repaired and placed behind a new firewall," said Marshall. "Bringing the systems back up is a phased, prioritized approach with critical patient systems being the first priority for all of us."
The hospitals, in a joint news release last week, said they hoped to have the patient charting system fully restored by mid-December.