Checklists for responding to a security crisis

EHR system
Responding effectively to a security crisis requires planning, leadership involvement and outside help.

Responding effectively to a security crisis requires planning, and an article at Hospitals & Health Networks provides checklists to guide that effort.

The article differentiates between a security incident, in which an authorized person gains access to one or more computers, networks or other assets, and a security crisis, in which an intrusion affects the organization’s ability to operate.

That crisis can affect confidentiality, such as a breach of patient-protected data; integrity, in which patient records may be altered; and/or availability of systems for regular business.

RELATED: Emergency prep: C-suite's role in a disaster

One of the first steps: Notify hospital leaders and board members who have the authority—and the budget—to respond, says the author, Chris Williams, chief cybersecurity architect at Leidos Health, a consulting firm based in Reston, Va.

He also outlines the skills, services and other resources that will be required, such as being prepared for a high-stress situation.

“While a cyber crisis is hardly the only emergency that can occur at a hospital, it is one of the few that involves an active adversary who may try to thwart recovery. Encourage your team to be ready. It’s going to happen,” he says.

RELATED: Editor's Corner: Double down on those EHR contingency plans

Ninety-five percent of hospitals responding to a survey by the Department of Health and Human Services’ Office of Inspector General had a written EHR contingency plan, and more than two-thirds addressed HIPAA requirements such as having a data backup plan and an emergency mode operations plan.