Quick Feedback Request

Need Assistance?

Would you like more assistance regarding Health IT and QI Workforce Development strategies or support in using any of the included resource sets?

Request Support

Upcoming Events

Leveraging AI in Health Center Operations and Clinical Practice (4/29/2025 2:00 PM - 3:00 PM (UTC-05:00) Eastern Time (US & Canada))
Making Technology Work for Every Health Center, Anywhere (5/14/2025 2:00 PM - 3:00 PM (UTC-05:00) Eastern Time (US & Canada))
Making Technology Work for Every Health Center, Anywhere (5/28/2025 2:00 PM - 3:00 PM (UTC-05:00) Eastern Time (US & Canada))

The Quadruple Aim

A Conceptual Framework

Improving the U.S. health care system requires four aims: improving the experience of care, improving the health of populations, reducing per capita costs and improving care team well-being. HITEQ Center resources seek to provide content and direction aligned with the goals of the Quadruple Aim

Learn More

Leadership Buy-In Resources Overview

This section of the website provides resources intended to help spur leadership action on to new or improved quality efforts. The tools are intended to be used by leaders, but also by other Health Center staff who are determined to solicit the help of leaders on quality work.

Embarking on, or making significant advancements to quality work requires strong Health Center leadership. Leaders help define how decisions will be made, provide the resources necessary to analyze data and processes, and develop or guide strategic planning efforts that integrate all the functions of a Health Center. At the highest level of function, quality is driven by organizational culture, rather than strategy. Here too, leaders play important roles in helping to define and spread culture change throughout an organization.

Health IT & QI Workforce Leadership Buy-In Resources

Health Center Health IT Emergency Response Resources

Molly Rafferty / Tuesday, October 22, 2024

/ Categories: Electronic Patient Engagement, Mobile Health, EHR Implementation, Health Information Exchange, Relevance of HIE, Description of HIE, Implementation of HIE, HIPAA, Security Risk Analysis

Health Center Health IT Emergency Response Resources

Updated January 2025

Ready to take the next step towards enhanced IT preparedness? The resources linked below, organized by topic, share actionable strategies that health centers can implement to move towards greater resilience.

Preserving access to Electronic Health Record (EHR) data

The Office of the National Coordinator for Health Information Technology’s Safety Assurance Factors for EHR Resilience (SAFER) self-assessment for contingency planning identifies recommended practices for managing EHR downtime, including use of redundant hardware, regular backup of data, use of uninterruptible power supplies, and protocols for use of paper forms.
The American Medical Association’s Guidelines for Developing EHR Downtime Procedures includes a list of considerations that planners can use when developing or improving information technology EHR downtime procedures.
If you’re considering installing solar microgrids, Capital Link offers information in Building Resilient Health Center Facilities and shares case studies in Net Zero Health Centers.

Preventing cyber-attacks

The HITEQ Center’s Guide to Essential Cybersecurity Tasks For Health Centers with Limited Resources provides a baseline of day-to-day tasks that health center IT and compliance staff should consider to protect their systems and comply with regulatory requirements. These include strategies to prevent successful phishing attacks, limit unnecessary physical and virtual access to systems, and keep security patches up to date.
The Office of the National Coordinator for Health Information Technology (ONC), in collaboration with the HHS Office for Civil Rights (OCR), developed a downloadable Security Risk Assessment Tool to help guide you through the process.

Responding to cyber-attacks

Federal cybersecurity organizations such as the Cybersecurity & Infrastructure Security Agency (CISA) actively publish risk management frameworks and incident response plans, including one specific to ransomware, that can be leveraged by health centers when developing incident response plans.
The U.S. Department of Commerce National Institute of Standards and Technology’s Guide for Cybersecurity Event Recovery describes the contents of a typical cyber-attack recovery plan and includes a checklist of items (a “playbook”) that should be implemented as part of the recovery process.

Leveraging EHR data for patient outreach

The HITEQ Center’s “Accessing Your Data: Questions to consider with your Electronic Health Record Vendor,” is a checklist that can be used to talk with vendors about how health centers use EHR system capabilities for activities such as report generation. Relevant questions include 1) whether data, including reports, can be accessed from any location at any time; 2) whether and how your practice can generate ad hoc reports; and 3) whether it is possible to query the EHR to identify certain patients, for example, those with particular conditions, using particular medications, or in a particular geography.
Some EHR enhancers, such as Relevant’s Data Explorer, enable health centers to use the EHR to build reports without writing code and automate text messaging to subsets of patients.
The National Association of Community Health Center’s Heat-Related Illness Management in EHR Systems contains methods for integrating heat-related illness alerts into EHRs.
Resources like Centers for Disease Control and Prevention’s Heat and Medications and Americares' Climate Resilience for Frontline Clinics Toolkit can inform what information to include in patient outreach.

Sharing data with emergency response entities to prevent or mitigate a serious or imminent threat

The U.S. Department of Health and Human Services Office for Civil Rights’ Hurricane Katrina Bulletin: HIPAA Privacy and Disclosures in Emergency Situations and Summary of the HIPAA Privacy Rule address the use and disclosure of protected health information by covered entities when that disclosure is believed to be necessary to prevent or lessen a serious and imminent threat to a person or the public.

Sharing data with other healthcare providers to support care continuity

In addition to the strategies for preserving access to EHR data, participation in local or state health information exchanges (HIE) or in vendor-supported EHR based data-sharing initiatives (e.g., Epic's Care Everywhere or eClinicalWorks PRISMA) facilitates data sharing. Learn more about HIE capabilities in HITEQ Highlights: Advancing Interoperability & Health Information Exchange for Health Centers.
Collaborating with local organizations and partners can further response and equity. Examples of this are outlined in the case study on page 36 of the American Medical Association’s Embedding equity in crisis preparedness and response in health systems.

Print

2863

Tags: health information exchange Data Sharing and Interoperability vendor communication planning Data Access HIPAA cybersecurity texting text messaging cyber security text message cybersecurity risks Cyber-resiliency Environmental preparedness

Related Resources

Acknowledgements

This resource collection was compiled by the HITEQ staff with portions contributed by Chris Espersen, HITEQ Advisory Committee member and Independent Contractor and Past President of Midwest Clinicians Network; Shane McBride, Independent Contractor and Past Vice President of Quality and Clinical Systems at South End Community Health Center; Chris Grasso, Associate Director for Informatics & Data Services- The Fenway Institute; and Ed Phippen, Principal - Phippen Consulting, LLC.

Looking for something different or have something you think could assist?

HITEQ works to provide top quality resources, but know your needs can be specific. If you are just not finding the right resource or have a highly explicit need then please use the Request a Resource button below so that we can try to better understand your requirements.

If on the other hand you know of a great resource already or have one that you have developed then please get in touch with us by clicking on the Share a Resource button below. We are always on the hunt for tools that can better server Health Centers.

Request a Resource Share a Resource