House Committee Presses Nuance Executives on NotPetya Attack | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

House Committee Presses Nuance Executives on NotPetya Attack

October 20, 2017
by Heather Landi
| Reprints

The U.S. House Energy and Commerce Committee is requesting that Nuance Communications executives provide more information about the malware incident, called NotPetya, that impacted the company, along with multinational companies in 65 countries, back in June.

U.S. Representative Greg Walden (R-Oregon), chair of the Energy and Commerce Committee, sent a letter to Nuance Communications chairman and CEO Paul Ricci requesting a formal briefing to the Committee, by Nov. 2, about the circumstances surrounding Nuance’s initial infection by NotPetya, as well as what steps it has taken to recover and resume full capabilities.

Nuance Communications, a Burlington, Mass.-based technology company, provides cloud-based dictation and transcription service to hospitals and health systems, and portions of Nuance’s network was impacted by the June 27 malware incident, which includes a significant part of its services to healthcare organizations. The company announced late in July, a month after the NotPetya malware attack, that it finally had restored service to the majority of its clients on its flagship transcription platform.

In the letter Walden wrote that while Nuance has announced that impacted services have been fully restored, the company’s original infection and its effects adds to the growing list of concerns about the potential consequences of cyber threats to the health care sector. “It is important, therefore, for the Committee to understand the details of this event so we can work together to ensure appropriate lessons are identified and addressed. Learning from this event will not only benefit the health care sector, but also the millions of patients who depend on the availability of products and services,” Walden wrote.

When the malware incident occurred, Nuance said it initiated an emergency shut down of its global network and suspension of all data backups to limit the spread of the malware within its systems. Walden noted in his letter that while this response protected Nuance’s systems from additional damage, it also prevented the use of Nuance’s services by those in the health care sector who depend on them for transcription and dictation, for periods ranging from days to weeks.

“While Nuance was not the only company to suffer degraded capabilities due to the June 27 outbreak, Nuance’s role as a transcription and dictation provider for a large percentage of the health care sector sets its infection and subsequent availability issues apart and raises the possibility of more serious aftereffects for the health care sector as a whole,” Walden wrote.

Get the latest information on Cybersecurity and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Class Action Lawsuit Claims eClinicalWorks Deficiencies Led to Inaccurate Medical Records

A class action lawsuit filed Thursday in the U.S. District Court in the Southern District of New York alleges that electronic health records vendor eClinicalWorks failed “millions of patients by failing to maintain the integrity of patients’ records.”

HHS Secretary Names Three Members to HIT Advisory Committee

The U.S. Department of Health and Human Services (HHS) Acting Secretary Eric D. Hargan named three members to the Health Information Technology Advisory Committee (HITAC), established by the 21st Century Cures Act.

Survey Gauges Health System Preparedness for Quality Payment Program

A new survey indicates that most healthcare organizations are relying on EHRs and population health management solutions for quality performance management. However, survey respondents also report low satisfaction with these solutions, which puts organizations at risk of falling short of their goals for maximizing payment incentives.

House Committee Examining Personnel and Organizational Changes at HHS Cybersecurity Center

The House Committee on Energy and Commerce is examining whether the U.S. Department of Health and Human Services (HHS) retaliated against two key HHS cybersecurity officials and whether those actions weakened the federal agency’s role in responding to healthcare cybersecurity incidents.

Large Physician Group Joins Michigan’s Growing Statewide HIE Network

Oakland Physician Network Services (OPNS) has joined the Michigan Health Information Network Shared Services (MiHIN), a statewide health information network that continues to grow with now its 13th health information exchange qualified organization.

Survey Indicates Major Jump in Telemedicine Adoption in Past Three Years

A new survey shows broad acceptance of telemedicine services among health care executives and providers compared to just three years ago as 76 percent of healthcare professionals said their organizations currently offer or plan to offer telemedicine services.