Palomar Health Medical Group's (PHMG) phones and computer systems are still down after "suspicious activities" nearly two months ago.
Palomar Health said it discovered the problem on May 5, which was affecting certain computer systems, and quickly took those systems offline to prevent the spread of possible malware.
The health care system said it is working with a third party to investigate the source and restore those systems as soon as possible.
Sabbir Hasan, however, said Palomar has been less than forthcoming with information about what happened. He only found out the issue when he took his parents to see their doctors last month and was told the office "didn't have any medical records" whatsoever.
"The other problem is that the doctor can not come up with any conclusive treatment plan, because they don't have access to the previous records,” Hasan said.
Adding to the frustration was the difficulty getting his parents' prescription filled. Because the computers were down, the doctor's office had to issue a written prescription, which Hasan said his pharmacy lost track of because it was inundated with written prescriptions.
Hasan's problems mirror others who contacted KPBS about the same issue.
Poway resident Erin Allin said that nurses had to ask her what the doctor diagnosed her with. Cecil Stockton from Valley Center said she wasn’t able to obtain her prescriptions since the outage began and neither has Dan Martinez from Escondido.
Palomar said PHMG is separate from Palomar Health Medical Centers and its hospitals were unaffected and fully operational.
Tony Anscombe, a cybersecurity expert at ESET, a cybersecurity company whose North American headquarters are in San Diego, said there’s been a rise in cybersecurity attacks on hospitals and health care systems because so much personal information is stored there.
“If I go and attack a regular company that's got invoicing data and maybe your home address and some payment information. I've got a reasonable amount of data," he said. "But now put me into a medical facility. And suddenly, if I've managed to get medical records as well, I've got this very rich data that includes your social security number.”
Palomar, so far, has released very little information about the incident.
Anscombe said that could be a good thing because, by law, the health care system has to notify people if their personal information has been compromised. The other alternative, he said, is that the FBI is involved and has asked Palomar not to disclose any information while it is investigating.
Palomar did not respond to a request for comment by deadline.
