Our world is faced with significant hazards, risks, and consequences from improper preparedness, response frameworks, and resiliency. To mitigate this, healthcare organizations utilize Hazard Vulnerability Analyses (HVA) to understand various risk factors and calculate risk scores for specific hazards. The previous articles in this series explored the use and accuracy of HVA tools as well as how the Delphi Technique can be employed to facilitate the risk assessment and hazard vulnerability analysis process in healthcare. In this article, we further explore three different HVA risk categories that organizations should address in their hazard vulnerability analysis processes.
Cybersecurity Threats
For many, cybersecurity concerns continue to rise to the top of healthcare organizational risk assessments. Although malicious actors may strike at any institution, cyberattackers largely target supply chain and financial institutions due to their impact on the American economy. Healthcare organizations are specifically vulnerable to cybersecurity threats, including data breaches, phishing and ransomware attacks.
Cyberattacks on protected health information (PHI) are especially critical as they can disrupt the provision of health care services to patients. According to the U.S. Department of Health and Human Service’s Office for Civil Rights (OCR), reports of PHI breaches by healthcare covered entities increased 45% from 2019 to 2020 with over 700 breaches reported in 2021.
To add to this, the Russia-Ukraine war has raised concerns over Russian hackers launching broader cyberattacks against Western allies. Governments and intelligence agencies have warned that nearly all organizations are at risk from Russian cyberthreats, whether state-sponsored or led by criminal organizations.
Click here to read more about Russian cyber threats from Jensen Hughes security risk consulting expert, Kenneth Bouche.
Energy Storage Systems
The use of energy storage systems (ESS) has accelerated substantially over the last two decades to meet the rising power needs of governmental agencies, power utility companies and commercial building owners. In healthcare organizations, when combined with other energy supply systems, ESS can offer a low-cost electricity solution that can be used to ensure continuous power supply for critical operations. Furthermore, ESS can be used to support new innovative technologies for staff, visitors, and patients, such as charging stations for electric cars in parking decks.
Lithium-ion ESS, however, carries a risk of fire and explosion not found within legacy energy storage systems. Although the fire protection community has developed standardized guidance for energy storage systems, even comprehensive fire protection, life safety and facility hazard mitigation strategies may not address all the risks. Hazard vulnerability assessments can be used to close these gaps.
Click here to read more about ESS safety concerns from Jensen Hughes industrial safety expert, Jens Conzen.
Clinical Engineering
Healthcare organizations continue to expand their service capabilities while introducing new innovative technologies and clinical devices to support delivery of care. While medical devices, in general, are not often perceived as carrying a great deal of risk in emergency preparedness programs, the hazards posed by devices that support clinical teams should be considered during hazard vulnerability analysis.
Medical devices are ubiquitous in healthcare. Thus, they are likely to be involved in hospital adverse clinical events and may play a role in operational concerns. Emergency preparedness programs need to account for the potential impact of medical device failures, such as the risks and hazards associated with automatic dispensing cabinets, the failsafe battery turnover of life saving equipment, and the unknowns of other medical devices requiring a level of resiliency.
Read more about medical device failures from Jensen Hughes risk forensics expert Scott Lucas.
Jensen Hughes is engaged with healthcare partners to discover these hazards, risks, and consequences and develop innovative solutions to complex challenges. Come back in a few weeks for the next article in our HVA series, where we review a case study involving the use of the Delphi Technique in hazard vulnerability analysis.
Stay up-to-date on our Hazard Vulnerability Analysis series: