Ensuring Healthcare Provider Resiliency
As one of our nation’s 16 critical infrastructure sectors, healthcare is looked to for its resiliency in providing services in the event of a terror or cyber attack, a public health disease outbreak and during natural disasters.
To gauge their organization’s resiliency, hospital and health system leaders must ask hard questions such as:
- Do we have a continuity plan in place that covers our most critical business processes?
- Do we know what those critical processes are?
- Do we know what our vital systems and applications are?
- If disaster or disruption happens, could our organization continue to deliver services?
- How can we minimize the risk of disruption to our operations?
Leading organizations recognize the value of a Business Impact Analysis (BIA) in helping answer those important questions. A BIA is a systematic process to determine and evaluate the potential effects of an interruption to critical business operations because of a disaster, accident or emergency.
The goal of a BIA is to identify information assets and tier them in order of criticality which can be used to determine the Recovery Time Objective (RTO) and the Recovery Point Objective (RPO).
Prioritizing Resources Based on Criticality and Business Value
Clearwater follows a proven four-step process to help healthcare providers prioritize resources (e.g., hardware, devices, data, and systems) based on their classification, criticality, and business value.
Step 1: Business Unit Survey
- Identify in-scope business units
- Identify business owners
- Kick off meeting
- Send out survey
- Gather data
- Target date for on-site discovery
Step 2: On-Site Discovery
- Schedule interviews
- Gather outage impacts and downtime estimates
Step 3: Data Analysis
- Establish recovery time objectives
- Establish recovery point objectives
- Create asset tiering
Interested in learning more about Clearwater's Business Impact Analysis Services?
- The Rise of Telehealth: Planning for the Future: October 15, 2020 | 11:00am–12:00pm CT - September 14, 2020
- A Tale of Two Hacker Incidents - September 1, 2020
- Emerging Risk Management Issue: Vendors Hit by Ransomware - August 18, 2020