Cyberattacks continue to plague medical systems across the world with nearly 24% of all cyber breaches impacting health systems. In Fall 2021, a large, tertiary care county hospital in Indianapolis, Indiana, USA suffered a cyberattack, causing over four weeks of downtime, forcing the system to revert to paper charting and to operate without the electronic medical record (EMR) or internet. Communication in the Emergency Department is structured through the EMR system or wireless local area network (WLAN) phones, causing communication difficulties when online systems are disrupted.

In the twelve months following the breach, a series of communications-focused interviews with stakeholders including residents, faculty, nurses, and consultants were analyzed using a thematic analysis.

Through interviews, four key themes and recommendations were identified for every internet-dependent tertiary care system to establish and maintain communication links when the primary form of communication is compromised and access to internet is limited or nonexistent:

• Expect systems to fail–plan ahead

• Develop multilayered communication tools that are stored and structured at different sites

• Notify all affected teams immediately and initiate the downtime action plan

• Reassess and adapt the downtime action plan as information becomes available

While every system is going to experience different struggles during cyberattacks and downtime, all hospitals can benefit from improving communication structures when the established communication pathways are no longer available. Consider cybersecurity threats in your emergency planning meetings and designate systems to protect your communication abilities during downtime.