Oracle Engineers Caused Days-Long Software Outage at US Hospitals (cnbc.com) 14
Oracle engineers mistakenly triggered a five-day software outage at a number of Community Health Systems hospitals, causing the facilities to temporarily return to paper-based patient records. From a report: CHS told CNBC that the outage involving Oracle Health, the company's electronic health record (EHR) system, affected "several" hospitals, leading them to activate "downtime procedures." Trade publication Becker's Hospital Review reported that 45 hospitals were hit.
The outage began on April 23, after engineers conducting maintenance work mistakenly deleted critical storage connected to a key database, a CHS spokesperson said in a statement. The outage was resolved on Monday, and was not related to a cyberattack or other security incident. CHS is based in Tennessee and includes 72 hospitals in 14 states, according to the medical system's website.
The outage began on April 23, after engineers conducting maintenance work mistakenly deleted critical storage connected to a key database, a CHS spokesperson said in a statement. The outage was resolved on Monday, and was not related to a cyberattack or other security incident. CHS is based in Tennessee and includes 72 hospitals in 14 states, according to the medical system's website.
The Oracle Guarantee (Score:2)
Re:The Oracle Guarantee (Score:5, Funny)
People will die
Now we can say: "People are dying to see Oracle's software working properly."
Oracle (Score:4, Insightful)
Re: (Score:1)
Might be hard to switch Hospital systems after Oracle buys the one you are using.
Re: (Score:2)
The only time to use Oracle is if you don't know any better.
The problem with this is that you can substitute the name Oracle for literally any other company of that scale with that product. Oracle, SAP, IBM, debating who has the best enterprise scale database solution is like debating which pig is the cleanest in the mud pit.
... for some definition of "related" (Score:5, Interesting)
The outage was resolved on Monday, and was not related to a cyberattack or other security incident.
The cybersecurity people who give me headaches would definitely include unintended downtime a security incident -- a loss of the availability part of the security triad [nist.gov]. (They give me headaches because they act like they are convinced nobody else can pay attention to concerns like that.)
The really cynical among us would consider the use of Oracle in the first place to be a kind of cyberattack....
Re: (Score:2)
Five-day outage is in a domain of business continuity.
Deleting data - happens.
Did they have backups?
Did they have recovery plans and procedures?
Had they tested them?
What failed?
Shakes fist in air... (Score:3)
L A R R Y ! ! !
It happens (Score:4, Informative)
A coworker of mine once absentmindedly blew away a critical database table at a large east coast hospital as I sat one desk over. It was then that the hospital found out their backups were broken.
Re: (Score:2, Informative)
Backups should be reviewed and tested at least once a year. It only takes a few things like renaming files, changing folder locations, or storage filling up to break a backup plan.
If you don't periodically test your backups, all you have is a wish.
Re: It happens (Score:2)
Bring back paper (Score:2)
It's so much safer.
Computers are dangerous...
Computers are very sharp tools, and like any sharp tool, when used badly, will do a lot of damage very fast. However the benefits are enormous, there just needs to be a recognition of the dangerous and therefore enough training and time for IT staff to find out what they are doing. Unfortunately this cost MONEY... CEOs and boards need to recognise the need to spend a lot of money to be safe; this will be hard for them!