Q&A: How Redundancy Enabled Resilience After Crowdstrike’s Outage
When CrowdStrike attempted to parse a bad Falcon Suite configuration file that had been pushed to millions of Windows machines last July, it crashed the entire operating system and its associated applications, impacting countless machines across numerous industries around the world.
The global IT outage caused widespread disruption to healthcare, with many hospitals and health systems losing access to electronic health records and other mission-critical patient care systems and forced to revert to paper.
CHI Health in Omaha, Nebraska was one of them.
But Dr. Abhishek Singh, a neurologist at CHI Creighton University Medical Center-Bergan Mercy, said cloud-based analytics helped him continue caring for patients in the immediate aftermath of the Crowdstrike crisis.
Singh says using the mobile image analysis tool RapidAI, he was able to gather information about a stroke patient from home and remotely direct his team as they treated the life-threatening condition.
For Singh, the ability to access mobile image analysis “was kind of a fallback system for us at a time when our laptops and our physical systems were going down,” he says. Healthcare IT News.
For the healthcare industry, network outages – whether caused by cyberattacks or other types of network outages – can put patients at risk. Redundancy is therefore a critical part of business continuity planning.
The Crowdstrike incident was an example of how “the growing reliance on interconnected IT systems has expanded the surface area of risk,” said Dr. Mark Green, R-Tenn., of the House Homeland Security Committee. said last month.
The outage demonstrated “the urgency of promoting cyber hygiene and resilience,” Green said, as the committee called Adam Meyers, senior vice president of counter-adversary operations at CrowdStrike, to testify before the Subcommittee on Cybersecurity and Infrastructure Protection on Sept. 24.
Meanwhile, two months after the event, Microsoft announced that the Crowdstrike outage would end top agenda item from discussion during the private Windows Endpoint Security Ecosystem Summit taking place September 10 at the Redmond, Virginia office.
We recently spoke with Dr. Singh of CHI Health about his experiences ensuring continuity of care following the Crowdstrike incident.
Q. What happened to CHI Health clinical workflows during the Crowdstrike outage?
A. Unfortunately, like many other industries – airlines, corporates, local governments and more – the implementation of this Crowdstrike security patch in our healthcare system resulted in a temporary loss of access to our computer systems, as they had to be shut down.
Although our IT team immediately went to work to restore functionality, the outage disrupted our EHR system, communication tools, and all operations that relied on the affected computers or laptops. Over the past 10-15 years, our healthcare system has transitioned from paper charts to electronic records, which we have become extremely dependent on.
Of course, despite the outage, patients still needed care.
That morning a critical situation arose when a young patient arrived at our hospital’s ED in serious condition, suffering from a posterior circulation stroke. This type of stroke affects a part of the brain that can lead to high mortality and morbidity, and we typically lose four out of five of these patients.
In stroke care specifically, we are often completely dependent on computer systems to view brain images. As a comprehensive stroke center, it is therefore crucial that we have direct access to the images and that we can continue to communicate with the teams.
With our documentation and many of our communication systems down, our radiologists, neurologists, and other physicians faced significant challenges in providing care. From the moment the patient arrived, we were at a disadvantage because we did not have access to all the imaging that we normally have. Fortunately, we were able to manually review the CAT scan – in my case from outside the hospital – using the RapidAI mobile platform.
This showed that the patient had no bleeding and that we had to administer the intravenous drug Tenecteplase.
I was also able to use the mobile tool to communicate with the care team who administered the medication in a timely manner and activated our neurointerventional radiology team to perform an intra-arterial treatment. As a result, the patient showed remarkable improvement and was discharged three days later.
Q. How did access to image analysis and clinical workflow technology provide an opportunity to maintain patient care during the Crowdstrike outage?
A. It was critical that we had access to this type of technology during the outage and system failure, creating a parallel system that provided image analysis and clinical workflow capabilities via our mobile phones.
It gave us the critical and time-sensitive information we needed to maintain patient care. With these redundancies, plus flexible cloud-based technology, we were able to maintain continuity of care during an outage of this nature.
Q. What was the ultimate value to patients after the BSOD crisis?
A. In this particular situation, access to mobile analytics could have saved the patient’s life, but these advanced tools play a vital role every day in reducing miscommunication and improving the speed and accuracy of diagnoses.
This time sensitivity is especially critical in strokes, because every minute without care results in billions of neurons lost, never to be restored. We as physicians need to be able to quickly determine if there is bleeding, clots, their location or size, and what the best course of treatment is.
What makes some of these tools even more valuable is that specialists like me can use them outside of the hospital when we are on call or if we need to serve another hospital in our network due to a specialist shortage.
This is especially common in the Midwest and other rural areas, where specialized expertise is less common.
Fortunately, artificial intelligence tools are helping us expand and share our knowledge with more people and fill gaps in our healthcare systems. By securely accessing patient information and making informed healthcare decisions from a remote location, we can ensure that patients don’t have to wait as long for our treatment guidelines.
Q. How has AI helped improve the diagnosis of vascular and neurovascular diseases?
A. In short, over the past 10 to 15 years, AI algorithms have significantly improved their diagnostic accuracy and impacted the timeliness of diagnoses.
For example, when RapidAI received approval from the U.S. Food and Drug Administration to analyze the presence of blood in a CAT scan, it was critical because treatments that dissolve blood clots cannot be administered to patients with brain hemorrhages.
The same thing happened when the tool was approved for accurately measuring intracranial hemorrhage volumes, as this was previously done manually using a 40-year-old formula, which was time-consuming and less accurate. Now, deep clinical AI automates this process for us and provides accurate measurements of hemorrhage volumes, which are vital in clinical practice and serve as an excellent tool for benchmarking and assessing patient outcomes.
AI tools also give us more options to work with, which is incredibly valuable.
I think we’ll see even more advances in the future, particularly in the development of better scoring systems in medicine and certainly in stroke care. Soon, AI will help us predict bleeding and complications from procedures, guide patient selection for new and emerging treatments, and optimize the triage process to prioritize our limited resources even more efficiently and automatically than we do today.
Andrea Fox is Editor-in-Chief of Healthcare IT News.
Email address: afox@himss.org
Healthcare IT News is a publication of HIMSS Media.
The HIMSS Healthcare Cybersecurity Forum is scheduled for October 31-November 1 in Washington, DC More information and registration.