On October 31, 2022, the Osaka General Medical Center experienced a severe ransomware cyber-attack, similar to a previous incident at Handa Hospital in Tokushima Prefecture in 2021. The attacker exploited vulnerabilities in the VPN equipment, gaining access to the electronic medical record system and encrypting a significant amount of data, resulting in a critical information security incident. In response, we implemented a reference system using undamaged equipment and established a core system reference, which allowed for limited medical treatment during the recovery process. The full restoration of the electronic medical record system was achieved on January 11, 2023, covering over 80 departmental systems. However, the downtime significantly impacted outpatient and inpatient services, necessitating medical service restrictions. The cyber-attack originated from an intrusion through an external connection service in an out-of-hospital food preparation center operated by an external food service provider. Subsequently, the attacker gained access to our electronic medical record system and deployed the "elbie" ransomware. Throughout the incident, experts were involved from the early stages to address the challenges faced in various departments due to the disruption and medical service limitations. The restoration process involved rebuilding all servers and performing clean installations on more than 2,000 client PC terminals, which were subsequently reallocated to different departments. To prevent future incidents, we will outline specific examples of immediate security measures that organizations can implement. These measures aim to enhance system resilience and safeguard against potential cyber threats.