Hall and other CalvertHealth leaders knew there was room for improvement, but amid tight budgets and competing priorities, an upgrade seemed too expensive. Instead, CalvertHealth migrated its EHR recovery site to Amazon Web Services.
Recovery time is now between two and four hours, Hall says, and CalvertHealth has since conducted two failover tests without anyone noticing.
“To me, it was a no-brainer. I thought, ‘If we don’t do it now, we won’t get to do it again.’ As a stand-alone, rural-based organization, we couldn’t achieve this on our own,” she says. “It was a huge win for us, and the driving piece of it was ensuring that we can deliver patient care.”
Rural Hospitals Have Unique Cybersecurity Challenges
While many healthcare systems across the U.S. face financial hardships and staffing shortages, smaller, rural hospitals are especially hard-hit and have been declining for more than a decade. Over 135 rural hospitals closed between 2010 and 2021, according to the American Hospital Association, with more hospitals at risk in the coming years.
In a troubling economic landscape, an increase in cyberattacks and vulnerabilities makes security investments imperative. Cyber incidents hit an all-time high in 2021, according to one analysis of government data. Still, Fitch Ratings warns that cybersecurity spending is likely to be a low priority for health systems focused on cost containment.
With all these concerns, rural health systems such as CalvertHealth face a sobering question: Can they afford to protect themselves?
But as rural populations continue to lack access to quality healthcare, the facilities that are still operating must remain able to respond to medical emergencies and otherwise serve their communities, says Natalie Schibell, vice president and research director at Forrester.
“Organizations have to consider the impact of cyberattacks on top of everything else,” she says. “If the economy doesn’t take them out, a cyberattack will. One click can shut down an entire hospital.”