LTC IT Brief: 3 Questions to Ask Your IT Provider This Week

If you only had time to ask your IT vendor three things this week, let them be these:

1. "How do you alert us if something goes down?"

2. "Do you test our backups? How often?"

3. "Can we see a report of our system health each month?"

Why these? Because when something breaks, it's too late to ask questions.

A 2023 survey by the HIPAA Journal found that 62% of healthcare cyber incidents could have been caught sooner with better monitoring or clear communication between providers and their IT vendors.

Your IT provider isn't just a vendor. They're part of your care team. They help protect the other kind of patient record—data.

"You wouldn't skip rounds on your residents. Don't skip rounds on your tech."

Let's take those questions one by one:

How do they alert you? Some providers send emails that only go to one person. Others set up text alerts, dashboard flags, or even auto-call trees. Make sure your response plan fits your facilities' real-life routines.

Do they test your backups? It's one thing to have a system to back up your data. It's another thing to know those backups work when you need them. Ask for a test restore. It's like a fire drill, but for your files.

Can you see system health reports? You don't need to understand all the tech lingo. Ask for one page, once a month. Look for signs of slowness, failure, or repeated alerts. It can help you catch patterns before they become problems.

You can also ask about support response time. "How fast do you respond to after-hours issues?" and "Do you guarantee resolution within a certain time?" The IT industry average is between 30 and 60 minutes - how does your team/provider compare? Do they regularly share their times?

And don't forget to ask who's monitoring your vendor. Do they have checks and balances in place? Are they meeting service level agreements?

Bonus tip? Invite your IT provider to do a walk-through of your building once a year. Let them see where nurses log in, where Wi-Fi fails, and what your daily workflow really looks like. Hint: IT should be a part of your annual Risk/HIPAA Risk assessment to review access to systems/records.

These three questions (plus a few bonus ones) could save you time, money, and trust. Let them start a conversation—not just about technology, but about your peace of mind.

If you have questions about your IT operations or compliance requirements, call us and we will be happy to help you get started.

Interested in a conversation or want to learn more? Contact us here.