In the modern healthcare landscape, “downtime” is no longer just an IT headache—it’s a clinical emergency.
For years, hospital disaster recovery plans focused on short-term outages or mass casualty events. But as cyberthreats like ransomware become more sophisticated and healthcare’s reliance on AI grows, a new priority has emerged: Clinical Care Resilience.
Based on recent insights from industry leaders at the 2026 ViVE conference, here is why your organization needs to shift its focus from simple “uptime” to true “resilience.”
1. It’s Not “If,” It’s “When”
Clinicians are trained for medical emergencies, but they aren’t always prepared for an IT “code blue.” Whether it’s a system failure or a targeted ransomware attack, the reality of modern medicine is that digital tools are as vital as oxygen. Clinical care resilience ensures that when the EHR goes dark, the care doesn’t stop.
2. The Relationship Factor
Technology is the backbone, but people are the nervous system. As Nate Couture (CISO at University of Vermont Health Network) noted, their 2020 ransomware attack took systems offline for four weeks. What saved them wasn’t a magic software patch—it was the established relationships between IT, legal, and clinical departments. Resilience is built in the “peace time” through cross-departmental collaboration.
3. The “AI Paradox”
Artificial Intelligence allows us to do more with less, increasing throughput and efficiency. However, this creates a “resilience debt.” If you staff your unit based on the efficiency of an AI-driven workflow, what happens when that AI disappears? Organizations must account for how they will handle “the old-fashioned way” of care with modern staffing levels.
4. Training Needs to be “Micro,” Not Just “Macro”
Gone are the days when one large annual drill was enough. Forward-thinking organizations, like Children’s National Hospital, are moving toward “mini-exercises.” By conducting monthly drills with individual units—especially nursing leadership—resilience becomes second nature rather than a forgotten manual on a shelf.
How to Start Strengthening Your Resilience Strategy
To move toward a more resilient future, healthcare leaders should focus on these three pillars:
- Ownership: Clearly define who “owns” resilience. It shouldn’t just be the CISO; it requires buy-in from clinical operations and executive leadership.
- Inventory for the Long Haul: Most hospitals are prepared for a 3-hour outage. Are you prepared for 3 weeks? Audit your physical supplies (paper charting, manual ID bands) and ensure staff know exactly where they are.
- Focus on the “Back to Normal”: Resilience isn’t just about surviving the outage; it’s about the recovery. Have a clear plan for how data collected on paper will be reintegrated into the EHR without burning out your staff.
The Bottom Line
In the words of CDW Healthcare Strategist Eli Tarlow, resilience should be part of the governance process now—not a standard we try to meet three years too late. By prioritizing clinical care resilience today, we ensure that our commitment to patient safety remains unbreakable, no matter what happens to the network.
Is your organization ready for a three-week outage? Let’s talk about building a strategy that keeps your clinicians empowered and your patients safe.
