Hazard Vulnerability Analysis In Healthcare: Addressing Specific Categories Of Risk (Part 3)

Matt Icenroad

We explore different risk categories that organizations should address in their hazard vulnerability analysis processes.

Share this post

Our world is faced with significant hazards, risks, and consequences from improper preparedness, response frameworks, and resiliency. To mitigate this, healthcare organizations utilize Hazard Vulnerability Analyses (HVA) to understand various risk factors and calculate risk scores for specific hazards. The previous articles in this series explored the use and accuracy of HVA tools as well as how the Delphi Technique can be employed to facilitate the risk assessment process. In this article, we further explore different risk categories that organizations should address in their hazard vulnerability analysis processes.

Cybersecurity Threats

For many, cybersecurity concerns continue to rise to the top of organizational risk assessments. Although malicious actors may strike at any institution, cyberattackers largely target supply chain and financial institutions due to their impact on the American economy. Healthcare organizations are specifically vulnerable to cybersecurity threats, including data breaches, phishing and ransomware attacks.

Cyberattacks on protected health information (PHI) are especially critical as they can disrupt the provision of health care services to patients. According to the U.S. Department of Health and Human Service’s Office for Civil Rights (OCR), reports of PHI breaches by healthcare covered entities increased 45% from 2019 to 2020 with over 700 breaches reported in 2021.

To add to this, the Russia-Ukraine war has raised concerns over Russian hackers launching broader cyberattacks against Western allies. Governments and intelligence agencies have warned that nearly all organizations are at risk from Russian cyberthreats, whether state-sponsored or led by criminal organizations.

Click here to read more about Russian cyber threats from Jensen Hughes security risk consulting expert, Kenneth Bouche.

Energy Storage Systems

The use of energy storage systems (ESS) has accelerated substantially over the last two decades to meet the rising power needs of governmental agencies, power utility companies and commercial building owners. In healthcare organizations, when combined with other energy supply systems, ESS can offer a low-cost electricity solution that can be used to ensure continuous power supply for critical operations. Furthermore, ESS can be used to support new innovative technologies for staff, visitors, and patients, such as charging stations for electric cars in parking decks.

Lithium-ion ESS, however, carries a risk of fire and explosion not found within legacy energy storage systems. Although the fire protection community has developed standardized guidance for energy storage systems, even comprehensive fire protection, life safety and facility hazard mitigation strategies may not address all the risks. Hazard assessments can be used to close these gaps.

Click here to read more about ESS safety concerns from Jensen Hughes industrial safety expert, Jens Conzen.

Clinical Engineering

Healthcare organizations continue to expand their service capabilities while introducing new innovative technologies and clinical devices to support delivery of care. While medical devices, in general, are not often perceived as carrying a great deal of risk in emergency preparedness programs, the hazards posed by devices that support clinical teams should be considered.

Medical devices are ubiquitous in healthcare. Thus, they are likely to be involved in hospital adverse clinical events and may play a role in operational concerns. Emergency preparedness programs need to account for the potential impact of medical device failures, such as the risks and hazards associated with automatic dispensing cabinets, the failsafe battery turnover of life saving equipment, and the unknowns of other medical devices requiring a level of resiliency.

Click here to read more about medical device failures from Jensen Hughes risk forensics expert Scott Lucas.

Jensen Hughes is engaged with healthcare partners to discover these hazards, risks, and consequences and develop innovative solutions to complex challenges. Come back in a few weeks for the next article in our HVA series, where we review a case study involving the use of the Delphi Technique in hazard vulnerability analysis.

Stay up-to-date on our Hazard Vulnerability Analysis series:

Get in Touch

By completing the above form and checking this box you confirm that you have read, understood and accept our Privacy terms as well as our Cookie terms. Read our Privacy Policy.

Jensen Hughes ensures non-discrimination in all programs and activities in accordance with Title VI of the Civil Rights Act of 1964. If you need more information or special assistance for persons with disabilities or limited English proficiency, contact the Jensen Hughes Compliance Team at 410-737-8677 or compliance@jensenhughes.com. 

More blog posts from Jensen Hughes


Clearing Up the Confusion: Understanding Accessibility Codes for Continuing Care Communities

Sep 30, 2022

Often referred to as Continuing Care Retirement Communities, these facilities are popping up throughout the United States.

Read more
Domestic Violence in the Workplace: Five Tips to Keep in Mind

Sep 29, 2022

40% of women who died as a result of workplace violence in 2016 did so at the hands of domestic partners or relatives.

Read more
TOP 10 BENEFITS OF EMERGENCY RESPONSE PLANNING + MANAGEMENT

Sep 29, 2022

Here are the top ten reasons why a proactive approach to emergency response planning pays off.

Read more