Providers need contingencies if the power goes out

Increasingly digital hospitals need solid backup plans in case they become unplugged because of natural disaster or power grid attack.

There are all variety of reasons why power blackouts happen. Some can be foreseen, while other times, there’s no way a healthcare organization can anticipate, and prevent, the lights going dark and a data center going still.

For example, one hospital lost power after Mylar balloons from a nearby party landed on a power line, says Ed Spears, a technical manager at Eaton, a global power management company that tracks outage information to educate entities on the causes and impacts of outages.

What many healthcare providers don’t know is how finicky power can be. If power goes out for three seconds, it could take five hours to bring it back, Spears contends.

That could be five hours that the imaging systems and other critical applications are out of commission, with open data lost or needing to be regenerated via backup systems, and patients possibly being sent home with their appointments rescheduled. That all adds up to significant lost revenue and potential major expenses for hospitals.

To better weather an outage, providers may create and share a disaster recovery site with generators, an uninterruptible power supply (UPS) battery backup and be able to move data to another facility without interrupting services.

Obviously, a back-up generator system is a necessity for healthcare providers, although some very small entities may find that they don’t have enough fuel to survive for several days after a catastrophic event, such as a big storm, cuts power.

Use of an UPS during a blackout can bridge the gap and keep imaging, pharmacy, medical labs, critical applications and the operating suite going, as long as the fuel holds out.

That’s why it is important to contract with a fuel supplier under a first priority services arrangement, Spears says.

An organization in a pinch can move computer capability to another facility, particularly a hospital if necessary, so the organization can keep the electronic health record running.

This is especially important for smaller hospitals as telemedicine and smartphones increasingly come into provider sites, increasing the need for and dependency on electrical power. “Anywhere you break the chain of power, you will lose resources,” Spears cautions. “Small clinics should have at least three days of backup tapes.”

Get some help

Now, when they’re not facing an immediate disaster, is a good time for hospitals to invite power companies to take a look at the facility’s power program and find improvements before a failure occurs. Providers also should get a guide from the Healthcare & Public Health Sector Coordinating Councils, which provide advisory services to the industry.

“Every hospital I’ve ever worked with has UPS systems, especially for patient care systems like the electronic health record and backup generators,” says Kate Borten, President at Marblehead Group, a healthcare privacy and data security consultancy. “Long Island hospitals hit with superstorm Sandy in 2012, for example, needed to be prepared and used their backup generators since power was out,” she explains.

Consequently, the use of business impact analysis and disaster recovery plans that are based on comprehensive system inventories should identify and prioritize systems so that IT staff know which systems to put on backup power supplies and where to focus recovery work, according to Borten.


Most hospitals have some level of a backup generator, but the level of backup availability varies significantly, says Linn Freedman, a healthcare attorney and partner in the Providence, Rhode Island law office of Robinson & Cole.

“Can the generator withstand a day, two days, a week or a month?” she asks. “All hospitals should have one or more generators that can last two weeks, which is how long hospitals hit by hurricanes Sandy and Katrina were generally able to last.”

If a catastrophic power disruption strikes a region, it takes time for power companies to mobilize workers and get them on site, assess the issues and then start to mitigate the problems.

Providers, particularly hospitals, if at all possible are among the first customers that power companies restore, says Roger Morgenstern, senior public information director at Consumers Energy in Grand Rapids, Mich., which serves 6.7 million of Michigan’s 10 million residents.

“We have these facilities specially coded in our outage management system so they are immediately flagged when there is an outage,” he explains. “In addition, hospitals have customer account managers assigned to them so the client can get updates on our restoration efforts and when power is expected to be returned.”

Morgenstern suggests that providers talk with entities who sell and install generators about proper sizing and fuel use for generators.

“Many hospitals have redundant electric feeds for improved reliability. Generators powered by natural gas are often more common in larger installations as there is no need to add fuel; the generators are professionally installed and connected to the building’s natural gas systems.”

Power companies like Consumers Energy and DTE, Michigan’s other major utility, also have public safety liaisons who work with police and fire agencies to identify health facilities that because of their size may not have on-site or limited backup generators, so these providers also can be prioritized for restoration.

Resiliency is a critical component for utilities; it is designed in from the start, says Randi Berris, a spokesperson at DTE. “We can look to the March 2017 wind storm, the largest storm event in DTE’s history,” she explains. “Michigan experienced near-hurricane-force winds for many hours, causing 800,000 customers—a third of our consumer base—to lose power. During the storm, all major hospitals and Great Lakes Water Authority facilities continued to operate.”

Staying mum

Healthcare organizations don’t seem to want to talk about blackouts. Health Data Management asked 10 chief information security officers—those in charge of protecting the organization’s information—for an interview, and no one accepted. But the reality is that urgent surgeries can continue during a blackout because generators are available--however, that certainly is not optimal.

Surgery with a gamma knife can be done with a generator, but software to show the surgeon where best to cut may not be available, experts say. A big problem could be that a blackout occurs and the organization didn’t backup its data in one or more information systems, so that data is gone.

Even worse is the prospect of a destructive cyberattack that takes many types of systems in a hospital hostage, preventing it from getting the generator back online because it has been desynchronized and cannot return to its normal functions.

Targeting the grid

A report from the Congressional Research Service (CRS), issued in September 2018, explained evolving cybersecurity threats that can come from direct attacks aimed at the electric grid or other critical infrastructure, impacting the operations or security of the grid.

“The greatest cyber threats to the grid have been intrusions manipulating industrial control systems networks,” CRS warned. “Cyber intrusions have resulted in malware being placed on industrial control system networks, able to take over certain aspects of system control or functionality.

“Recent concerns include Internet of Things devices connected to networks. IoT devices are increasingly targeted by botnet malware where the hacker takes over devices to launch denial of service or other attacks. If such IoT cyberattacks were able to access electric utility networks, they could potentially impair these systems or cause electric power networks to operate based on manipulated conditions or false information.”

The CRS report also notes that the Trump administration in 2017 got more serious about the nation’s electrical grid amid growing reports of foreign hackers targeting power and other critical infrastructure, compelling the administration to issue Executive Order 13800. The order called for assessing a prolonged electronic power outage caused by one or more cyberattacks and evaluation of the readiness and gaps in the nation’s ability to handle such an outage.

The biggest worry

Despite the problems electrical blackouts bring, an Internet blackout would be far more concerning for providers, says Freedman. The most important health information is in the core electronic health record system and a slew of ancillary systems.

“Many providers no longer have paper records or they cannot be found or the information is too old to be relevant,” she advises. “Once the generator dies, you have no backup and no paper records, because what the patients need is all online.

“Everything is digital—all medical devices, drug monitoring systems, PACS and imaging,” Freedman continues. If Internet service goes down for an extended time, a hospital would be devastated to not have the ability to access products and services provided by the Internet. That would be much harder to cope with than an electrical blackout.”