top of page
Search

Hey Healthcare, what are you ready for? An auditor or a disruption in services?

It's no surprise that when an organization has limited funds or human capital, they feel the need to limit their investment into an authentic disaster program. Authentic? What do I mean by that?


When I am invited to help organizations, especially healthcare organizations, I find that most of their emergency operations, business continuity, or information technology disaster recovery plans are written to:


  • Comply with particular ERM requirements,

  • Comply with audit findings,

  • Comply with any of the many standards which regulate healthcare (Joint Commission, HIPAA / HITECH, EHNAC, FDA, FISMA, ISO 27X).

When I stress test their plans, I find that while it may be good enough to pass an audit, it is often not strong enough to lead the organization through a major disruption, cybersecurity incident, or catastrophic event.


"But Ang, it passes our audit. What about Joint Commission? We are ISO certified."


My response is usually the same, "I didn't see Joint Commission in your DR plan? What is your auditor's role during a major incident, declaration or activation of your disaster plan? I mean, you don't see the local media, GAO's office at a FEMA's EOC driving your emergency response, do ya?"


Design an authentic emergency, continuity, or disaster program based on your region's past, present, and future hazards and actual readiness and capabilities. You'll not only be ready for the real thing, but you can also meet your governance requirements. I promise.


I'm not saying to throw away the regs. They came about because the US Healthcare System is fragile, critical and non-resilient. However, if healthcare organizations do not design their contingency plans to focus on patient care delivery, they've failed in their mission and are actually taking on more risk.


Let's not forget...do no harm. Our priorities are simple.

  1. People: Patients, visitors, workforce, and community

  2. Processes: Operations

  3. Infrastructure: Places & facilities

  4. Technology

3 views0 comments

Recent Posts

See All

Leading As a Cultural Misfit

December 28, 2023 – Angie M. Santiago Untraditional. Eccentric. Unconventional. Different. Nonconformist. In the creative arts...

I Got to Thinkin'

about my first disaster deployment, Hurricane Andrew in 1992. I've been thinking about how little the healthcare community was prepared...

Comments


bottom of page