The entire public health system is on high alert tonight after the cyber attack that crashed the Waikato District Health Board's computers and phones.
Five hospitals in the region have had their second day without IT systems following a major ransomware attack yesterday morning.
Doctors at Waikato Hospital are reverting to whiteboards and hardcopy records to continue treating patients.
A doctor working at Waikato Hospital's emergency department says they are rolling up their sleeves and dealing with the crisis - like it's 1999.
Speaking to RNZ as president of the Australasian College for Emergency Medicine, Dr John Bonning said more nurses and administration staff had turned up to help.
"We've gone back to whiteboards, we're able to use some non-networked computers, everybody is rolling their sleeves up and working together," he said.
"Everybody's impacted and we'll deal with this crisis."
Dr Bonning said the hospital could still provide clinical care - but people were asked to visit a GP or an urgent care clinic if their situation was not a critical emergency.
"The labs are still able to process results it just takes a lot longer and things come down on paper. It's a little bit like it was 20 odd years ago, a little bit slower and less efficient, but patient safety is still paramount and we're doing everything we can to look after people."
Patients were understanding of the situation, he said.
"The few conversations I've had about the sort of people that do this sort of thing [cyber attack], it's just how malicious and terrible these sorts of people are," he said.
"It's just beyond my level of understanding how any human being would want to do this."
Dr Bonning said he hoped the computer systems could be restored before the weekend.
"The weekend will be a challenge for us [because] we're always very busy and Mondays are always busy too. It's added another layer of complexity and we need to be very careful as we manage this."
Waikato DHB has engaged an external specialist cyber security company to help it recover from the cyber attack.
It is also working with the Ministry of Health and the National Cyber Security Centre.
The malware is believed to have come from an overseas hacker, in an email attachment - a phishing scam.
Waikato DHB chief executive Kevin Snee said it was not believed to be a case of double extortion - where the attackers first demand payment to stop the attack, and then payment to prevent information being leaked to the dark web.
"We isolated the problem very quickly, and as I say, in these circumstances primarily about extorting money by creating disruption."
Dr Ruth Large, the chair of the Telehealth Leadership Group which advises the ministry's digital and data team, said phishing scams could be ruthless and efficient.
She said the first response was to put the systems into quarantine to prevent the virus spreading further.
"The outage doesn't necessarily mean that this virus has infected multiple bits of equipment or activity, what it means is that most likely we have to shut everything down so that it doesn't spread."
The ministry said all DHBs faced cyber attacks in various forms every day.
It said this cyber attack did not appear to be linked to an attack targeting Ireland's health department last week.
DHBs are being asked to go through their IT systems looking for patterns of a similar event, and to check their antivirus and other security systems are up to date.
The Privacy Commissioner is awaiting further information to determine if it needs to investigate any breach of confidential information following the cyber attack.
Other public health departments remain on alert, including the Southern DHB, which has added more security measures as a precaution.
The Southern DHB said it had noticed an increase in the number of cyber attacks over the past seven days.