Each cybersecurity event, whether planned or not, “offers an opportunity for all of us to find ways to build our resiliency muscle and protect our patients,” Wolfe says. “Preparation is key and each downtime event provides an opportunity to discover ways to improve our resiliency. One of the areas my team is focused on is finding those cyber risk ‘blind spots.’”

Through MLH’s research of the major healthcare breaches in the past five years, the common theme that emerged is that organizations have come to rely on technology so much that offline capabilities of hospital staff have either completely atrophied or are impossible to accomplish, Werner says.

“In situations where staff felt they were prepared, a myriad of unanticipated issues ultimately arose during downtime,” Werner says. “Our goal is to prepare staff for the inevitability of continuing patient care when electronic systems are no longer available, but also to find the unanticipated issues that ultimately extend downtime and have negative patient care consequences.”