“Examples of Potentially Useful Practices/Scenarios” on the left with the “Contingency Planning SAFER Guide Recommended Practice
Match the “Examples of Potentially Useful Practices/Scenarios” on the left with the “Contingency Planning SAFER Guide Recommended Practice” on the right. (Each example matches with only one recommendation, and every recommendation has either one or two examples.)
Match the “Examples of Potentially Useful Practices/Scenarios” on the left with the “Contingency Planning SAFER Guide Recommended Practice” on the right. (Each example matches with only one recommendation, and every recommendation has either one or two examples.)
–
A large healthcare organization that provides care 24 hours per day has a remotely located (i.e., >50 miles away and >20 miles from the coastline) “warm-site” (i.e., a site with current patient data that can be activated in less than 8 hours) backup facility that can run the entire EHR.
–
The organization maintains a redundant path to the Internet consisting of two different cables, in different trenches (a microwave or other form of wireless connection is also acceptable), provided by two different Internet providers.
–
In the event of a power failure, there is an uninterruptible power supply (UPS), either batteries or a “flywheel,” capable of providing instantaneous power to maintain the EHR for at least 10 minutes.
–
The on-site, backup electrical generator is able to maintain EHR functions critical to the organization’s operation (e.g., results review, order entry, clinical documentation).
–
The organization maintains enough paper forms to care for patients on an in-patient unit for at least 8 hours. Paper forms could include those required to enter orders and document the administration of medications, labs, and radiology on each unit.
–
The organization has a daily, off-site, complete, encrypted backup of patient data.
–
The organization has a “read-only” backup EHR system that is updated frequently (optimally at least hourly).
–
There is a mechanism in place to register new patients during downtime, including assignment of unique temporary patient record numbers along with a process for reconciling these new patient IDs once the EHR comes back online.
–
The organization conducts unannounced EHR “downtime drills” at least once a year.
–
The organization has methods other than electronic (i.e., not email, Twitter, voice-over-IP) to notify key organizational administrators and clinicians about times when the EHR is down (either planned or unplanned).
–
A paper copy of the current EHR downtime and recovery policy is available on clinical units.
–
Access to the “read-only” backup EHR is disabled (e.g., icons on the computer screens are “greyed out” or not available) during periods of normal EHR operations.
–
The user interface of the read-only backup EHR system is visibly different than the fully operational system (e.g., there is a different background color for screens, a watermark across screens, data entry fields are greyed out).
–
The organization conducts simulated phishing attacks [i.e., sends fraudulent (but safe) email messages or websites that appear to be from legitimate sources] to raise user’s awareness of the problem.
–
The organization regularly monitors and reports on system downtime events.
–
The organization creates easy mechanisms for users to report slow system response time to the IT Helpdesk.
–
The organization convenes a multi-disciplinary group of clinicians and IT professionals to review the >24 hours downtime event and its management, identify potential root causes, and discuss future prevention or mitigating procedures.
A.
Patient data and software application configurations critical to the organization’s operations are backed up
B.
Paper forms are available to replace key EHR functions during downtimes
C.
The user interface of the locally maintained backup, read-only EHR system is clearly differentiated from the live/production EHR system
D.
A communication strategy that does not rely on the computing infrastructure exists for downtime and recovery periods
E.
Policies and procedures are in place to ensure accurate patient identification when preparing for, during, and after downtimes
F.
Review unexpected extended system downtimes greater than 24 hours using root-cause analysis or similar approaches.
G.
There is a comprehensive testing and monitoring strategy in place to prevent and manage EHR downtime events.
H.
An electric generator and sufficient fuel are available to support the EHR during an extended power outage
I.
Staff are trained and tested on downtime and recovery procedures
J.
Written policies and procedures on EHR downtimes and recovery processes ensure continuity of operations with regard to safe patient care and critical business operations
K.
Users are trained on ransomware prevention strategies including how to identify malicious emails.
L.
Hardware that runs applications critical to the organization’s operation is duplicated
M.
Functional system downtimes (i.e., unacceptably slow response time) are identified and addressed proactively.
Collepals.com Plagiarism Free Papers
Are you looking for custom essay writing service or even dissertation writing services? Just request for our write my paper service, and we'll match you with the best essay writer in your subject! With an exceptional team of professional academic experts in a wide range of subjects, we can guarantee you an unrivaled quality of custom-written papers.
Get ZERO PLAGIARISM, HUMAN WRITTEN ESSAYS
Why Hire Collepals.com writers to do your paper?
Quality- We are experienced and have access to ample research materials.
We write plagiarism Free Content
Confidential- We never share or sell your personal information to third parties.
Support-Chat with us today! We are always waiting to answer all your questions.
