Your Unsupported Legacy Systems Spell Risk
February 2nd, 2021
Legacy systems are increasing your risk. Explore why the pose such a threat and how to retire them for good, saving you time and money.
There are probably technology dinosaurs lingering in your organization. Hardware and software both have finite lives, but that doesn’t mean you retired them. Your IT team experienced fluctuations and change like never before in 2020, which probably derailed implementations. The reality is you likely have unsupported legacy systems, servers, and applications, and they are all ripe for risk.
It’s time to set a new course for how you retire legacy servers and applications.
Study Finds Legacy Platforms Remain in Use
In the 2020 HIMSS Cybersecurity Survey, some critical findings on legacy usage are important to note.
- Only 45% of respondents include legacy systems in risk assessments.
- 80% of organizations said they have legacy systems in place.
That’s concerning, and the survey had little change from 2019 to 2020 in retirement or removal.
Why Is Legacy Retirement Difficult in Healthcare?
Legacy platforms are hard to retire for several reasons. Expense is a big one, but the cost of not retiring is even higher. Other challenges include the replacement’s implementation slowed, or internal teams cannot convert data from the old platform to the new one.
However, regulatory bodies continue to impress upon healthcare the threats of not retiring. In particular, a GAO (Government Accountability Office) report declared that unsupported legacy applications are “putting patient and sensitive data at risk.”
The message is that legacy equals risk. If a system, server, or application no longer receives updates, then cybercriminals will exploit it if given a chance. The industry has already seen many cautionary tales.
Managing Health Information Systems Is Complex
In the world of healthcare, you don’t typically have one health information system (HIS) or even one EHR. Healthcare IT News reported that, based on HIMSS analytics, the average hospital has 16 disparate EHRs, and 75% have 10. And that’s just the EHRs. There are many more HIS in the healthcare ecosystem, such as those for pharmacy, labs, and decision support.
There is continuous movement in the software space for healthcare. EHR dissatisfaction is rampant. Organizations need applications to meet new regulatory requirements. Interoperability is still chaos, and IT teams can hardly keep pace. It’s no wonder that legacy platforms are still so prevalent.
Planning for Retirement: Building a Data Legacy Strategy
Retiring legacy applications and servers not only reduces risk but can also save you money and be more efficient. To achieve this, you need a legacy data management strategy. To develop this, you have to decide what to do with the data to retire the platform officially.
- Do you want to convert it? If you’re replacing the platform, then you’ll want to convert the data from the old to the new. Once the data conversion is complete, you can decommission the system.
- Do you want to archive it? You don’t have to convert all the patient records to your new software. You can opt to archive it on a web-based, secure, and compliant solution. It lives in the cloud and will be accessible for as long as medical record retention requirements require.
- Do you want to move it? Moving the data is somewhat like a conversion, but it’s not between like platforms. There may be old patient data that you want to use in a new system, and the legacy application is just a parking lot. The reason why it remains there is typically because internal groups lack the capacity. However, you can work with a reputable, experienced third-party to move it.
- Do you want to delete it? If you are no longer legally obligated to keep the data, and it has no value, then you could purge it. If purging, do so in a secure, compliant manner.
Get the Support You Need to Move on from Legacy Systems
Unsupported legacy platforms are costing you money and time while increasing your risk. It’s time to move on from them and turn the page so that you can focus on the applications that matter. Trust our healthcare data experts to help with data conversions, archiving, and sharing. Contact us today to learn more.