Ransomware sucks, but it's definitely on their IT for not maintaining backups. The medical field is highly susceptible to this sort of attack because they 100% absolutely need the patient files and often have really shitty IT practices. My organization got hit at one point last year, we restored from a back up and everything was running as intended three hours later. Some clinics that we associate with haven't been so lucky, one declined to pay, and the others all ponied up the cash. The sad part is that there is an increasing preponderance of ransomware attacks where the group will take the money and never provide a key. About the only silver lining to this is that the entire ransomware industry is based on trust, and if that strange trust is broken, people will stop paying and the entire industry will dissipate.