The COVID-19 situation unfolding around the world in the past few months has led to citizens, government officials and healthcare workers needing to make decisions they’ve never been faced with before and come together to find new solutions to address unprecedented challenges.
HHS first declared the spread of COVID-19 a public health emergency in January. The World Health Organization classified it as a pandemic on March 11, and on March 13, the President declared a national emergency. As US cases continue to increase, hospitals and health centers are facing several challenges, including maintaining an adequate supply of respirator masks, concerns about the availability of ICU beds if cases continue to increase, and potential drug shortages and disruption to the supply chain.
For physicians, nurses, and other front-line care workers, however, the primary concern is delivering effective, high-quality care to patients as they come in. And doing so requires consistent, secure access to critical patient data precisely when and where it is needed. In order to make the right treatment decisions swiftly for patients with COVID-19, care teams may need information from lab, radiology, ER, and other departments within the health system, or from offsite physician offices, ambulatory centers, and other remote locations.
However, many of these different departments and offsite locations may not operate on the same EHR, making sharing of that information within the system difficult. Additionally, health systems may not have efficient, automated, HIPAA-compliant methods to distribute reports within or across the enterprise. When facing a situation like COVID-19, report distribution of critical information must happen quickly and efficiently so that care teams have all the necessary information on-hand.
Another very real concern when it comes to data access in a pandemic situation is the possibility of system downtimes. This could include anything from internet interruptions and power outages that make EHR data unavailable for hours, days, or weeks, to cybercriminals taking advantage of a health industry thrown into upheaval as an opportunity for cyberattacks. First, consider the more innocuous of these scenarios – system downtimes due to power or internet interruptions. In October 2012, when hurricane Sandy hit the east coast, hospitals across New York, New Jersey, and Pennsylvania lost power for days and relied on backup generators; many hospitals were even forced to evacuate.
Due to the power outages, data access during hurricane Sandy quickly became a challenge. “Staten Island University Hospital could no longer access electronic health records after flooding on Monday disrupted power to the building where data is stored. Doctors continued to use paper records on Tuesday,” Modern Healthcare reported at the time. “Other hospitals lost access to EHRs during the storm. Doctors at West Penn Allegheny Health System in Pittsburgh reverted to paper and written orders as the storm came ashore and damaged a data center in Mountain Lakes, N.J. … Allegheny General and Western Pennsylvania hospitals, both in Pittsburgh and the emergency room at Forbes Regional Hospital, Monroeville, could not access electronic medical records between 8:30 p.m. on Monday and 4 a.m. on Tuesday.” When it comes to a pandemic like COVID-19, hospitals face the possibility of eventual power outages or system interruptions. It’s important for hospital IT teams to consider these possibilities in advance and have solutions in place to ensure uninterrupted care. Another threat to data accessibility during the current unfolding situation is that cybercriminals may use the opportunity to execute data breaches or other attacks.
Unfortunately, we’re already beginning to see this happen across the globe. On March 13, the Brno University Hospital, one of the Czech Republic’s biggest COVID-19 testing laboratories, was hit with a cyberattack in the midst of a COVID-19 outbreak. “The hospital was forced to shut down its entire IT network during the incident, and of the hospital’s other branches, the Children’s Hospital and the Maternity Hospital, were also impacted,” ZDNet reported. “The incident was deemed severe enough to postpone urgent surgical interventions and re-route new acute patients to nearby St. Anne’s University Hospital.” Czech police and hospital IT staff were “working together on-site to recover the hospital’s IT network.” This kind of care interruption, loss of access to EHR data, and postponement of necessary treatment can quickly become a life-or-death situation for COVID-19 patients. Which is why it is so important to have a solution in place that can serve as the critical first response tool to get through the immediate impact of a cyberattack lockdown while patient information is typically unavailable. “As the novel coronavirus that causes Covid-19 continues its march around the world and through the United States, it is spawning another kind of infection: Covid-19 cyber threats aimed at individuals and health systems,” according to STAT News. “Covid-19 cyber threats, made more complicated by the unknown unknowns that always accompany emergencies, will require increased resources … cybersecurity awareness, preparedness, and activity must be heightened.
Criminals are not looking for a fight — they are looking for victims, and organizations under stress are easier marks.” In an effort to help hospital IT departments face these challenges head-on, we’d like to offer you a complimentary, 30-minute consultation between now and April 30 to discuss any data-accessibility questions or concerns your organization may have related to the evolving COVID-19 crisis. Now more than ever, it’s important for us to innovate and collaborate as an industry to safeguard the health of our patients.