When Your EHR Goes Down: Why Downtime Planning Is No Longer Optional for Ambulatory Practices
There is a particular kind of stress that settles over a clinical office when the EHR goes down at 8:45 on a Monday morning. Check-in is backed up. The schedule cannot be pulled. A provider is trying to recall the last medication dosage from memory. Staff are printing blank forms they have not used in years. And somewhere in the back, someone is rebooting a router hoping that fixes it.
Most ambulatory practices have lived this moment. Many have lived it more than once. What separates organizations that recover quickly, with minimal disruption to care and minimal staff panic, from those that lose a full morning of productivity is almost never luck. It is preparation.
Downtime planning is not a new concept in healthcare. But in 2026, with ransomware attacks, cloud platform outages, and aging infrastructure creating new sources of disruption, it has become something that every ambulatory practice and senior living organization needs to treat as a core operational requirement rather than an IT afterthought.
The Real Cost of Unplanned Downtime
When a clinical system goes down unexpectedly, the costs run deeper than the inconvenience of the moment. There are several layers worth understanding.
Clinical continuity risk. Providers without access to patient records are making decisions with incomplete information. In urgent or complex cases, that gap has real patient safety implications. Medication histories, allergy records, recent lab results, and care plans are all inaccessible until systems are restored.
Staff productivity loss. Administrative workflows, scheduling, billing, and documentation all stop or degrade significantly during unplanned outages. The hours lost cannot be recovered. Appointments that cannot be checked in back up. Documentation that cannot be completed creates catch-up work after systems are restored.
Revenue impact. Billing cannot be processed during downtime. Claims are delayed. In longer outages, some charges are simply not captured at all. For practices operating on thin margins, even a few hours of disruption can have a measurable effect on monthly revenue.
Compliance exposure. HIPAA requires covered entities to maintain the availability of electronic protected health information. Organizations that cannot demonstrate how they protect that availability, including what they do when systems fail, face audit risk. The 2026 HIPAA Security Rule updates specifically strengthen expectations around contingency planning.
Reputational cost. Patients who experience visible disorganization during an outage notice. Staff who are asked to work around broken systems without clear guidance lose confidence in leadership. Both outcomes are avoidable with the right preparation in place.
Why Most Practices Are Not Ready
Downtime planning tends to fall through the cracks because it is not urgent until it is an emergency. IT teams focused on day-to-day support rarely have the bandwidth to develop and test contingency procedures. Leadership often assumes the EHR vendor or IT provider has covered it. And staff are not trained on what to do when the tools they use every hour of every day are suddenly unavailable.
Among healthcare providers hit by ransomware in 2025, nearly 60% reported recovering within one week, up from just 21% the year prior, reflecting real progress in preparedness and recovery planning. In a sector where downtime directly affects patient care, faster recovery is critical. That improvement did not happen organically. It came from organizations that deliberately built and tested their recovery capabilities before an incident forced them to.
The practices that recover fastest share a few things in common. They know exactly what systems are critical and in what order they need to come back online. Staff know what to do during an outage without waiting for IT direction. Leadership has a communication plan that keeps patients and staff informed without creating panic. And backup processes are documented, accessible, and actually practiced.
What a Downtime Plan Should Include
A practical downtime plan for an ambulatory practice does not need to be a lengthy document. It needs to be specific, actionable, and known to the people who will use it. The core components typically include the following areas.
System criticality mapping. Not all systems carry the same weight. The EHR, scheduling platform, and billing system are typically highest priority. Practice management tools and communication platforms follow. Understanding the order in which systems need to be restored helps IT teams make better decisions under pressure and helps leadership understand the recovery timeline realistically.
Manual downtime procedures. Every clinical and administrative workflow that depends on technology needs a documented manual alternative. What does registration look like without the EHR? How are medications verified? How are appointments tracked? These procedures need to be written down, stored somewhere accessible offline, and reviewed regularly so they reflect current workflows.
Staff training and role clarity. When a system goes down, staff should not be looking to each other for direction. Each role needs a clear understanding of what to do, who to contact, and how to document activity during the outage so that information can be entered into the system when it is restored.
Communication protocols. Who notifies leadership when an outage begins? Who communicates with patients whose appointments are affected? Who interfaces with the IT team or vendor? Clear communication chains prevent the confusion that turns a manageable outage into a chaotic one.
Backup and recovery validation. A backup that has never been tested is a backup you cannot count on. Organizations need to verify regularly that their backups are complete, current, and recoverable within a timeframe that matches their clinical needs. This is particularly important for organizations that have moved data to cloud environments, where recovery processes may differ from on-premise systems.
Incident documentation. During and after every outage, there should be a record of what happened, when, what actions were taken, and what the impact was. That documentation supports compliance reporting, informs future planning, and creates accountability for how the organization responds over time.
The Connection to Cybersecurity
Downtime planning and cybersecurity are not separate conversations. The most severe and prolonged outages in healthcare over the past several years have been caused by ransomware attacks, not hardware failures or software bugs. Organizations with strong backup validation and tabletop-tested playbooks reported fewer days of disruption and lower forensic, legal, and notification costs after ransomware incidents in 2025.
That means the same disciplines that support good downtime planning, which are tested backups, clear recovery procedures, defined communication chains, and trained staff, are also the disciplines that determine how well an organization survives a cybersecurity event. They are not parallel tracks. They are the same track.
An organization that has invested in a structured cybersecurity program and has documented contingency procedures is operating with a fundamentally different risk profile than one that has not. That difference shows up in recovery times, insurance costs, regulatory audits, and the daily confidence of the clinical teams who depend on technology to do their jobs.
How DAS Health Supports Healthcare IT Resilience
DAS Health helps ambulatory healthcare and senior living organizations build the infrastructure, processes, and support structure they need to maintain operations when systems are under stress. That includes proactive monitoring that catches issues before they become outages, backup and recovery planning aligned to clinical priorities, and incident response support from a team that understands healthcare environments.
We act as an extension of your team, which means when something goes wrong, you are not starting from scratch with a vendor who has never seen your environment. You are working with a team that already knows your systems, your workflows, and what getting back online means for your patients and staff.
If your organization does not have a tested downtime plan in place, that is the right conversation to start today.
Frequently Asked Questions About Healthcare IT Downtime Planning
What should a medical practice do when the EHR goes down?
When an EHR goes down, a medical practice should immediately confirm whether the outage is widespread or limited to a single device, notify the IT support team, and activate documented downtime procedures. Staff should switch to paper encounter forms and printed daily schedules. Clinical teams should continue seeing patients using manual documentation. All paper records created during the outage should be flagged for entry into the EHR once systems are restored. No server or network equipment should be rebooted without IT authorization.
What are EHR downtime procedures?
EHR downtime procedures are documented, step-by-step instructions that guide clinical and administrative staff through how to operate when electronic health record systems are unavailable. They typically cover patient registration using paper forms, how to verify appointments from a printed schedule, how to document clinical encounters manually, how to handle prescriptions and medication questions, how to capture charges for later billing entry, and how to communicate with patients experiencing delays. Effective downtime procedures are written in advance, stored physically at each care site, and reviewed regularly to reflect current workflows.
How long does healthcare IT downtime typically last?
The duration of healthcare IT downtime varies significantly based on the cause. Hardware failures may be resolved within hours. Software outages dependent on an EHR vendor can last from hours to days. Ransomware attacks historically caused the longest disruptions, with some organizations experiencing weeks of degraded operations. Among healthcare providers affected by ransomware in 2025, nearly 60% reported recovering within one week, which reflects improvement in preparedness and recovery planning compared to prior years.
What is the cost of EHR downtime for a medical practice?
The cost of EHR downtime includes lost staff productivity, delayed or missed billing, rework required to enter paper documentation after restoration, potential patient dissatisfaction, and in some cases compliance exposure if systems supporting data availability obligations are affected. For ransomware-related outages, additional costs include forensic investigation, legal notification, and potential regulatory penalties. The average cost of a healthcare data breach in 2025 was approximately $7.42 million, though outage costs for smaller practices vary based on duration and scope.
What is a healthcare downtime binder?
A healthcare downtime binder is a physical, printed set of documents kept at each care site that enables staff to continue operations when electronic systems are unavailable. It typically includes printed patient schedules, blank paper encounter forms, paper registration forms, contact lists for IT support and key staff, role assignments for downtime response, and step-by-step instructions for clinical and administrative workflows during an outage. The binder should be reviewed and updated regularly and stored in an accessible location that does not depend on any electronic system.
What is a healthcare IT business continuity plan?
A healthcare IT business continuity plan is a documented strategy that defines how a practice or health organization will maintain operations during and after a technology disruption. It covers which systems are most critical to restore first, what manual procedures replace electronic workflows during an outage, who is responsible for each area of the response, how communications will be managed internally and with patients, and how the organization will document and learn from each incident. A business continuity plan is distinct from a disaster recovery plan, which focuses specifically on restoring technology systems rather than maintaining clinical and operational continuity during downtime.
Is downtime planning required by HIPAA?
Yes. HIPAA’s Security Rule requires covered entities to implement a contingency plan that addresses how the organization will protect and maintain access to electronic protected health information during an emergency or system disruption. This includes a data backup plan, a disaster recovery plan, an emergency mode operation plan, testing and revision procedures, and an applications and data criticality analysis. The 2026 HIPAA Security Rule updates reinforce these requirements and strengthen expectations around organizations demonstrating they can maintain data availability during disruptions.
How often should downtime procedures be tested?
Downtime procedures should be reviewed and tested at least annually, and updated whenever significant workflow changes, staff changes, or technology changes occur. Testing can include tabletop exercises where staff walk through downtime scenarios, which allows gaps to be identified without an actual outage forcing the discovery. Organizations that conduct regular tabletop testing have demonstrated faster recovery times and lower costs when actual incidents occur.
How does DAS Health support healthcare IT business continuity?
DAS Health helps ambulatory healthcare and senior living organizations build the infrastructure and processes needed to maintain operations during technology disruptions. This includes proactive monitoring designed to catch issues before they become full outages, backup and recovery planning aligned to clinical priorities, and incident response support from a team that already knows the client environment. Because DAS Health acts as an extension of its clients’ teams, there is no time lost getting a vendor up to speed when an incident occurs.