The Business Continuity profession has seen rapid and explosive growth in the days since 9/11. On that terrible day, the significant difference between those businesses housed in the World Trade Centers that would reopen and those that would close was the degree of business process resilience that business possessed.
The years since 9/11 have seen businesses large and small implementing not only data redundancy, but continuity planning for all critical business processes. To be sure, healthcare has also implemented data redundancy and business process continuity planning for business and administrative activities, but what about the true business of healthcare?
Business continuity planning is designed to preserve those critical business processes that must be preserved to maintain operations and profitability. For an investment company, those processes include data storage, client accounting and real time financial processing to mention just a few. Healthcare business contingency planning is directed at supporting such processes as data storage, client accounting and real time financial processing; but does this support the mission of healthcare?
An investment company is in the business of managing money and markets; their business continuity planning supports that mission. Healthcare is in the business of delivering medical care. Currently healthcare business continuity is split between two professionals, the business continuity professional and the medical contingency planner/safety officer. The business continuity professional is charged with ensuring that the financial and administrative processes of the healthcare business are maintained. The Medical contingency planner/safety officer is charged with ensuring that the delivery of healthcare continues uninterrupted. But the does this split approach support the mission of healthcare?
Healthcare business continuity planning must preserve those critical business processes required to maintain operations and profitability. This by necessity includes both critical medical services and critical financial and administrative processes. However, most healthcare institutions in the United States are private sector businesses. These businesses do not meet their operational budgets with emergency medical services or even general hospital admissions. This was borne out in the late 1970’s and early 1980’s when the losses in emergency medical services caused hospitals to either close or restrict services in the emergency room. In an effort to stop this trend, Congress passed the 1986 Emergency Medical Treatment and Active Labor Act (EMTALA). In 2007, healthcare institutions subsidize the unfunded EMTALA mandate with outpatient services. These are the very services that most medical contingency planners/safety officers close when disaster strikes.
Like business contingency planning, healthcare disaster planning begins with a vulnerability analysis; however, unlike the business vulnerability analysis which focuses on identifying critical business processes, the healthcare vulnerability analysis focuses on quantitating external threats. Healthcare disaster planning is based on an “All Hazards” approach. Despite the apparent emphasis on external threats, an “All Hazards” approach is meant to be “Process Hazards” approach. Here in is the challenge for the medical contingency planner/safety officer and the new market opportunity for the business continuity professional.
Healthcare desperately needs a planning professional who can combine the healthcare vulnerability analysis with the business process vulnerability analysis. The average daily revenue loss for a hospital that closes outpatient services following a disaster is a quarter of a million dollars. In addition, financial losses occur as a result of process failures in registration, charge entry and billing. The delivery of healthcare services frequently suffers as a result of process failures during disaster that cause a backlog of patients and a loss of efficiency. Healthcare disaster planning based on standard healthcare vulnerability analysis combined with process vulnerability analysis would not only address the business process continuity, but would highlight medical process vulnerabilities allowing limited medical resources to be concentrated on medical process continuity. Finally an attention to business continuity focusing on the primary mission of the healthcare institution to deliver healthcare and maintain profitability would support the business processes and the medical processes while quickly returning to normal operations to restore all streams of revenue.