Software systems can go down for a variety of reasons, but mitigation solutions can ensure your practice can manage through it.
Physicians felt the pain this summer when a malware attack hit Nuance Communications, a voice transcription service for healthcare providers.
Some physicians couldn’t use the company’s technology, which added dictated notes into electronic health records (EHRs), as a result of the cyberattack on the company.
The incident shows that a physician can have problems with his or her EHR even if they’re not a victim on a direct cyberattack, said Cliff Baker, chief executive officer of Meditology, a health IT security services company.
In fact, there are many threats besides a direct cyberattack that could bring down or cripple an EHR, health IT experts said.
Fires and floods can take out onsite computer servers running the EHR software. Construction mishaps and power surges can knock out electricity or Internet connections. Faulty system upgrades and corrupt code can cause a system crash. Baker said he saw one system failure caused when someone unplugged a piece of critical hardware.
“It’s a likelihood that you won’t have access to your clinical information at some point for any number of reasons, so you need to think through what you would do without it,” said Andrew Gettinger, MD, chief medical information officer and director of the Office of Clinical Quality and Safety for the Office of the National Coordinator for Health Information Technology.
Certainly, physicians will need to contact their EHR vendor as well as their IT providers if their EHR crashes.
But experts said that action alone will not enough to ensure the practice can continue to operate while systems are down.
Gettinger said physicians should determine in advance what other steps to take in case of a system failure and formalize them in a disaster recovery-business continuity plan based on their risks and requirements.
Key strategies to work into a plan include: