When an EHR goes dark, hospitals don’t just go back in time. They go back to a workflow they have not fully run since the 1990s. I sell the layer that prevents the regression. Last week, the American Hospital Association made the case for me.
BY RUSS COBB | Chief Revenue Officer, Shelter Zoom | 5 MIN READ
I.
PICTURE THE ICU at the end of week one of an EHR outage.
The whiteboard at the nursing station has names, room numbers, allergies, and current medications written in dry-erase marker. Drug interactions get checked against a printed reference, and sometimes against a colleague’s memory. Orders move on color-coded paper forms, carried by hand from the unit to the pharmacy. The pharmacist verifies. A runner takes the verified order back. Lab results come back on a print queue at a central printer that someone has to babysit. Medication reconciliation at admission gets reconstructed from whatever the family remembers and whatever the patient brought in a plastic bag.
This is not a fictional scene. This is week one of UHS in 2020. Week three of Scripps in 2021. Week one through week six of Ascension last May. It is what happens to a modern hospital when the EHR is unreachable for longer than the downtime kit was designed for.
The downtime kit was designed for 24 to 72 hours. The downtime now runs 14 days. 19 days. 38 days. Six weeks.
I have a name for this. I call it pre-EHR-istoric medicine. It is what we are still doing every time a major healthcare cyberattack lands.
II.
I lead revenue for ShelterZoom. We make Spare Tire, the on-demand healthcare downtime resilience solution. The product runs in parallel with the primary EHR on a separate cloud. When the primary goes dark, clinicians log in on web or mobile and keep documenting, ordering, and verifying medications. When the primary comes back, the records flow back automatically. The architecture is built to do one thing: keep the workflow above the line where paper would otherwise take over.
I am not a clinician. I am not a security analyst. I am a commercial leader for a company that built one specific layer. My commercial stake is on the table.
The reason I am writing this is that last week, the American Hospital Association and the Joint Commission published a program that makes the case for the layer I sell better than any sales deck I have ever built.
“Healthcare ran on paper for the better part of a century. We spent twenty years getting off it. The events of the past five years have been a slow regression back to it.”
III.
The Cyber Resilience Readiness program launched on May 4. It is a voluntary self-assessment with an expert-review option and a full certification pathway arriving this summer. On the surface, it is a fourth or fifth document in a category that already has plenty.
That framing misses what is actually in it.
The CRR defines a 30-day or longer cyber-related technology outage as the planning benchmark for hospitals. Not 48 hours. Not three days. Thirty days or longer. From the body that accredits 23,000 hospitals.
The four dimensions the CRR evaluates do not include a single technical IT recovery metric. Maintaining safe patient care during cyber disruptions. Coordinating clinical, operational, and leadership response during downtime. Preparing staff to function during a significant cyber incident. Identifying risks to clinical continuity.
Every one of those is an operational question about whether the hospital can run while the IT team is restoring systems. None of them is a question about how fast the restoration happens. The CRR is asking whether care continued. Not whether systems came back.
John Riggi, the AHA’s National Advisor for Cybersecurity and Risk, framed it at launch. He called a cyberattack that delays patient care “more than a data crime; it is a threat to life crime.” That is not a sales line. It is the most senior cyber voice in American healthcare saying out loud what my product was built to prevent.
IV.
So here is what I am asking hospital leadership to do, and the order matters.
First. Take the free CRR self-assessment. It is on the Joint Commission’s website. It takes 35 to 45 minutes. Bring the CIO, the CISO, the CMIO, and at least one nursing leader to the table while you complete it.
Second. Read the four dimensions carefully against your current capability. If your honest answer to “can we maintain safe patient care during a 30-day cyber-related outage” is anything other than yes, you have what the CRR was designed to surface. A continuity gap.
Third. Look at what closes the gap. There is one architectural answer. A continuity layer that runs in parallel with the EHR, on infrastructure separated from the systems it protects, with full read-write clinical workflows accessible from web and mobile, ready before the outage starts. That is the category. Spare Tire is the anchor product in it. Evaluate other options too. The question is not whether to evaluate. The question is how soon.
V.
I do not need the CRR to make my product matter. The math has worked since the first event in this series. UHS in 2020 lost $67 million across three weeks of paper. CommonSpirit in 2022 lost $160 million across 38 days. Ascension last May lost $1.8 billion across a fiscal year that was, at the bedside, a six-week reversion to clipboards.
What the CRR does is take the conversation about how to prevent the next one out of the sales meeting and put it in the accreditation framework.
Healthcare ran on paper for the better part of a century. We spent twenty years getting off it. The events of the past five years have been a slow regression back to it, one outage at a time. The CRR is the first official statement from this industry’s leadership that the regression is not acceptable as a continuity plan.
I agree. That is why I do what I do.
The next time the EHR goes dark in your hospital, the clinicians should be opening a browser. Not a binder.
ABOUT THE AUTHOR
Russ Cobb is the Chief Revenue Officer of ShelterZoom, makers of Spare Tire®, the on-demand healthcare downtime resilience solution. He writes from the commercial seat, not the clinical one. The views here are his own.
sparetire.io / shelterzoom.com / info@shelterzoom.com