Been in Hospital IT, yes they did. Sure, they talked about not putting on "Life Critical Systems" but just about every system at a hospital is life critical. This is extremely common in IT because I'm sure Microsoft Windows has a similar clause. Hell, I bet Epic (Electronic Medical Records) has some clause about "Make sure you have backups" when their whole pitch is "throw out the paper!"
I have seen firsthand the mental gymnastics that finance/MBA leadership will go through to pretend to themselves (and the regulators) that a particular IT system isn’t “critical”.
“We have a tested backup paper procedure” - Yes, but have you tested being able to access that document when the system is down? Have you tested it when everyone’s workload is 5x normal during a real-life incident, given that doing it on paper takes much longer and everyone’s already at the edge of their capacity on a normal day? Have you considered in a real-life disaster scenario that something like 20% of the employees might just call out sick?
Of course not, but nobody asks that, so they just tick the “risk mitigated” box and don’t allocate any engineering effort to ensuring the system is robust.