Appalachian Regional Healthcare Security Breach Announced

Hospitals in Kentucky and West Virginia have been forced to work without key computer systems as a result of an Appalachian Regional Healthcare security breach.

A virus was discovered on Saturday that has caused a number of technical complications which Appalachian Regional Healthcare is attempting to resolve.

Upon discovery of the virus, computer systems were shut down to prevent the spread of the virus and the Emergency Operations Plan was initiated, although limited details of the Appalachian Regional Healthcare security breach have been released at this point in time.

The investigation into the virus infection is ongoing and federal authorities are now involved. A statement was issued by ARH spokesperson, Melissa Cornett, on Saturday explaining that electronic web-based services are currently limited as a result of the virus. Electronic communications have also been disrupted.

Many processes that are normally conducted electronically are now being performed manually. Patient care, medications, registrations, imaging services, and laboratory tests are not being performed electronically at present. This is causing some delays although Appalachian Regional Healthcare has reported that the emergency room is continuing to accept patients and medical services are still being provided at ARH hospitals.

However, since patient health records cannot be accessed this is having an impact on patients. To reduce delays and ensure that patients continue to receive high quality care they have been advised to bring details of any medications they have been prescribed and details of their medical histories to appointments until advised otherwise.

Regular assessments are being performed and critically ill patients will be transferred from ARH hospitals to other facilities if necessary.

At this point in time it is unclear exactly which systems have been affected by the Appalachian Regional Healthcare Security Breach and whether the protected health information of patients has been compromised.

A statement was released on Tuesday indicating no evidence has been uncovered so far that indicates PHI or financial data have been viewed or copied by the persons responsible for the infection. However, should it turn out that PHI has been accessed, prompt action will be taken by ARH to ensure risk to patients is minimized.

A spokesperson for ARH said “ARH continues to work with authorities and computer experts to address the problems and restore our systems to operational capacity as quickly as possible.”

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of