
How to get beyond read-only EHR access during a network outage

A HIMSS26 session explores how to plan for and establish advanced isolated recovery environments as part of ransomware resiliency and business continuity planning.
By Andrea Fox, Senior Editor

During a network outage or ransomware attack, an isolated recovery environment (IRE) enables doctors to access patient records. While IT teams isolate and rebuild network environments, adding capabilities and services to these isolated, segmented environments could provide better, longer-term support for care delivery.

"It is a life raft," said Jeffrey Thomas, chief technology officer at Sentara Healthcare, who will present at the 2026 HIMSS Global Health Conference & Exposition next week in Las Vegas with Michael Hegyi, EHR executive advisor at Amazon Web Services Healthcare and Life Sciences.

Ensuring continuous access to electronic health records is a clinical and financial imperative, and IREs can provide a secure, air-gapped environment to rapidly restore core EHR functionality following ransomware attacks, system failures and other incidents.

"It changes how we think, from a business standpoint, about what happens when ransomware occurs," he told Healthcare IT News ahead of the conference.

"But, it's not just relying on downtime computers or hoping that we get there. It's actually about how we support business resiliency."

While adapting to the cyberthreat environment is an important theme of HIMSS26, attendees of Thomas' session, "Safeguarding EHR Access: Isolated Recovery Environments for Ransomware Defense," will gain a clear understanding of how these immutable backups enable healthcare organizations to maintain trust, meet regulatory demands and continue delivering care even under adverse conditions.

Thomas said he will review the risks and limitations of traditional disaster recovery approaches to maintaining EHR availability during ransomware attacks, and also explain how providers of any size and with any network structure can do more with their IREs.

"It's more about their willingness to do the work," he said. "This has nothing to do with being in the cloud or on-prem. This can be done in the cloud if you are on-prem, so there is no restriction on where your EHR sits."

In presenting a case study from a multi-hospital health system, Thomas said he will demonstrate how IREs reduced recovery time to a few hours, preserved continuity of care and avoided potential losses.

A full test of that system was completed in the last month, he noted. The testing ensured clinicians could access and authenticate standard EHR capabilities on their devices in the isolated environment.

If an incident were to begin, and a business decision were made, "we then cut the environment appropriately so that we're secure, and we then start the process of turning on the right services," said Thomas.

Beyond EHRs, IREs can also be used for claims and other mission-critical systems, he noted.

"We're building it in a way that we can scale."

Thomas said he'll also outline the steps of designing a high-level IRE, walk through the business and technical goals of integrating one into existing IT and clinical environments, and discuss how to overcome implementation challenges and establish governance and testing protocols.

By building a dedicated connectivity model, a healthcare organization can quickly rebuild its network during a security crisis.

"It's really a true isolated environment that we can then rapidly recover from," he said.

Thomas' session, "Safeguarding EHR Access: Isolated Recovery Environments for Ransomware Defense," is scheduled for Wednesday, March 11, from 9:45-10:45 a.m. in Palazzo M I Level 5 of the Venetian at HIMSS26 in Las Vegas. 

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org
Healthcare IT News is a HIMSS Media publication.