When I began my career in healthcare information technology in the 1980s, the critical application for business continuity was payroll. Back then, computers were just starting to augment manual processes, whereas today, business and clinical areas cannot function without them.
Computers have been great for productivity and efficiency, but they’ve also introduced a very complicated set of information security challenges to which hospitals are especially vulnerable. Last year, at the same time they were being overwhelmed by the COVID-19 pandemic, hospitals saw a huge uptick in cyberattacks. One analysis found that ransomware attacks caused nearly $21 billion in downtime costs for hospitals in 2020.
I’ve argued here frequently that hospitals need to have contingency plans in place. Yet it’s not enough to simply have a disaster recovery plan. You need to think about your facility’s operations and how your clinical teams can continue to provide high-quality care when information systems are not available.
That’s the topic of a presentation I recently delivered during the virtual spring conference sponsored by the Indiana and Kentucky Bluegrass Chapters of HIMSS. Among other things I covered in my presentation:
- Why hospitals are uniquely vulnerable
- Why switching to manual, paper-based processes during a systems downtime is problematic
- The numerous risks downtimes pose for hospitals
- Some low-cost, high-return things hospitals should do to lower their risk
You can watch the presentation below.