McLaren Hospital cyberattack: Employee says they were forced to use PTO

Since McLaren Health Care was the target of a criminal cyberattack last week, operations have not yet resumed to normal.

Along with affecting some non-urgent appointments, tests, and treatments – the current attack is also impacting employees' paychecks. 

A current McLaren worker, who asked to remain anonymous, said employees were notified that they needed to use their own paid-time-off to compensate for missed days caused by the cyberattack.

"I feel like I’m being punished for something that I didn’t do," she said, concerned about her finances.

The disruption to McLaren's technology began on Monday, Aug. 5, according to the employee. The attack was confirmed by the healthcare company on Wednesday. In Michigan, McLaren Health Care, which is based in Grand Blanc, has 13 hospitals. 

Their hospitals are still functioning, and emergency departments continue to operate as normal – with surgeries and procedures happening as scheduled.

However, access to information technology systems remains limited, and patients may have to wait longer than usual to be seen by a doctor. 

When going to an appointment, patients are still asked to bring "a list of current medications or empty prescription bottles, printed doctor orders for imaging studies or treatments, printed results of recent lab tests available in the patient portals, and a list of allergies they have," according to McLaren.

Some ambulances are now being diverted to the next closest facility due to the attack, the health care company said in its latest update. And some primary and specialty care clinics are also still experiencing intermittent issues with their phone systems.

When disruptions began on Monday, employees were told to shut down their computers, the worker told FOX 2.  Staff were eventually given the option to use their PTO or go unpaid for the days they missed – and not all employees have enough PTO hours to cover their absences. 

Moving forward, as McLaren continues working to resolve issues caused by the cyberattack, employees have the option to exhaust their PTO or file for unemployment. 

"We need to use (our PTO) or we don’t get paid," the anonymous worker said. "Or we can file for unemployment."

When FOX 2 reached out to McLaren Health Care, they shared a statement reiterating that workers can now file for unemployment, adding that the hospital system is willing to work with its employees who aren’t working due to the attack.

"Because we stopped working doesn’t mean the bills are going to stop coming," the McLaren employee said.

Michigan Attorney General Dana Nessel wants consumers to be vigilant after the attack, as it is still unclear if data, including personal information, has been leaked.

"I encourage everyone to be diligent in safeguarding their accounts and to be on the lookout for any indications of personal data exploitation," Nessel said in a news release. "Unfortunately, at this time, information is scarce as to what information may have been exposed."

According to Nessel, McLaren patients should look out for:

  • A bill from your doctor for services you didn’t receive.
  • Errors in your Explanation of Benefits (EOB), like services you never received or medications you don’t take.
  • Calls from debt collectors about medical bills you don’t owe.
  • Medical debt collection notices on your credit report that you don’t recognize.
  • A notice from your health insurance company saying you’ve reached your benefit limit.
  • Denied insurance coverage due to a pre-existing condition you don’t have.

If data from your medical provider is breached, promptly protect your personal information by updating passwords for your medical portal accounts, carefully check your EOBs from your insurer, and notify your bank and credit card companies to set up alerts on your financial accounts, according to the General Attorney's office. 

"We continue to work with cyber security experts to determine if any patient or employee data was impacted," McLaren said.

Among McLaren's facilities is Michigan’s most extensive network of cancer centers and care providers.

"As of August 12, all radiation therapy units at Karmanos Cancer Institute care facilities across the state are operational – with some sites having started treating patients over the weekend," the company stated.

For more information on how to protect yourself in case of a data breach, click here.

Related

McLaren patient stuck in limbo after cyberattack affects prescriptions

McLaren Health Care was targeted in a cyber attack this week -- and it's putting patients in limbo as they need medicine and appointments.

HealthMichiganAround MichiganCrime and Public Safety