Disaster preparedness is more than a cost of doing business. It is more than just a line item on a budget spreadsheet. Healthcare organizations need to have a plan in place to continue services when crisis strikes.

As a healthcare IT leader, it is not only your responsibility and obligation to provide care to the community throughout a normal day, but you also must be prepared to continue these vital services during any significant business disruption.

The stakes of a disruption are all too real. In healthcare, a disruption means a community may not have access to life-saving services, while other industries lose an average of $42,000 an hour during unplanned IT outages, according to Gartner. An effective response plan that addresses each aspect of your critical information is absolutely crucial to weathering the storm (no pun intended). Revenue, reputation and even the survival of your organization may be at stake.

Damage sustained at St. John's Regional Medical Center after the May 22 EF-5 tornado that struck Joplin, Mo.
Damage sustained at St. John's Regional Medical Center after the May 22 EF-5 tornado that struck Joplin, Mo.
Elissa Jun/FEMA

Like most industries, healthcare can be a victim of unpredictable, catastrophic disasters. In 2015 alone, flooding from Hurricane Joaquin affected hospitals in South Carolina, and heavy rainfall in Missouri forced the Mercy Jefferson Hospital’s Emergency Department to close its doors and relocate. We all remember when Hurricane Sandy wreaked havoc on the East Coast in 2012 affecting the New York healthcare sector, and in 2011, when St. John's Regional Medical Center in Joplin, Mo., was blown apart by a tornado.

Because the healthcare industry operates in an environment of accelerated change, it is now more critical than ever that healthcare leaders take the necessary steps to ensure that individual areas of responsibility are prepared for any business disruption. The same can be said for leaders of other industries. With such an increased focus on the customer experience, all businesses cannot afford to have unexpected circumstances disrupting their services. In fact, studies show U.S. companies lose $41 billion each year because of poor customer service. Organizations must understand the importance of establishing a business continuity plan in case of any emergency.

When the unexpected becomes the reality

To assist your leadership teams with preparedness activities, a business continuity plan should be in place and up-to-date. Such a plan provides a pragmatic and comprehensive approach that outlines the simple steps and procedures you need to take when the unexpected becomes the reality – whether it is a natural disaster or even a data breach. According to the Ponemon Institute’s 2015 Cost of a Data Breach Study, a business continuity plan can reduce the cost of a breach by an average of $7.10 per record, and that total can quickly add up, depending on the number of records that are compromised.

Quote
Because the healthcare industry operates in an environment of accelerated change, it is now more critical than ever that healthcare leaders take the necessary steps to ensure that individual areas of responsibility are prepared for any business disruption.

The objective is to ensure that your organization has a business continuity plan in place for every business segment in every location in which your organization operates. That said, this is not a one-time initiative. Business continuity management is a consistent endeavor that requires ongoing planning and testing to instill the resilience necessary to respond effectively to any crisis. It is a leadership imperative that requires ongoing preparedness activities with your employees, patients, customers, suppliers and other external organizations on which you rely.

As a leader, you might have responsibility for a small department, a facility with hundreds of employees, or a global business unit with numerous direct reports dispersed across various regions. No matter the scale, the responsibility is the same. You must balance efforts toward managing your area of responsibility day to day, with an understanding of addressing the risks your organization may face in the future. A business continuity plan provides the necessary methods and tools for you to prepare your organization for the unexpected, and develop the resilience to withstand any type of unexpected crisis.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access

Brian Evans

Brian Evans

Evans, CISSP, CISM, CISA, CGEIT, Senior Managing Consultant with IBM Security Services, assists healthcare organizations in building regulatory compliant information security programs.