Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Data Management

Don Kinser – Disaster Recovery and Data Back-up

advertisement 
Establishing a Contingency Plan
www.ediltd.com | info@ediltd.com
HIPAA Security Rule
§ 164.308(a)(7) Contingency Plan
The Contingency Plan standard requires covered
entities to:
“Establish (and implement as needed) policies and
procedures for responding to an emergency or other
occurrence (for example, fire, vandalism, system failure,
and natural disaster) that damages systems that contain
ePHI.”
Agenda
 Data Backup Plan
 Disaster Recovery Plan
 Emergency Mode
Operation Plan
 Testing and Revision
Procedures
 Applications and Data
Criticality Analysis
Data Backup Plan (Required)
“Establish and Implement procedures to create and maintain retrievable exact copies of ePHI”
 What ePHI must be
backed up?
 Have we included all
data sources?
 Have we considered
various backup
methods?
 Is our backup data
stored in a safe secure
place?
Sonya Christian, CIO; West Georgia Health
Disaster Recovery Plan (Required)
“Establish (and implement as needed) procedures to restore any loss of data.”
 You may already have a
DR plan – does it
address ePHI?
 What specific threats do
you face?
 Does is address what
data is to be restored?
 Is the plan readily
available – during an
emergengy?
Emergency Mode Operation Plan (Required)
Establish Procedures to Enable Continuation of Critical Business
Processes to Protect the Security of ePHI While Operating
In Emergency Mode
Emergency Mode Operation Plan
Continuity of Operations
Planning
 Will determine the ability of
your organization to continue its
business operations
 Improve the likelihood that your
facility will survive and recover
from events that impact
business operations
Emergency Mode Operation Plan
Emergency Mode Operation Plan
Moving Towards Cloud
Computing
 Continuous Up-Time?
 What is Downtime Costing Your
Hospital?
 Is Cloud Computing an Option?
 What other risks does cloud
computing invite?
Testing and Revision Procedures (Addressable)
“Implement procedures for periodic testing and revision of contingency plans.”
 Have we documented
our processes?
 Does everyone
understand their role?
 Have we actually
practiced and tested
our procedures?
 What did we learn?
 How should we change
our plan?
Applications & Data Criticality Analysis
Applications & Data Criticality Analysis
 Review critical
computer and
electronic systems
 Identify applications
critical to patient care
Questions and Discussion
Don Kinser, PE, CPHIMS
President and CEO EDI, ltd.
dkinser@ediltd.com
678-213-3586
Mark Renfro
Healthcare Consultant
marenfro@windstream.net
706-782-0764
Related documents
pabrai_1_2
pabrai_1_2
Sample - Interview and Document Request for
Sample - Interview and Document Request for
Electronic Information – Security What Researchers Need
Electronic Information – Security What Researchers Need
6 Contingency Plan Assessment for EHR and HIE
6 Contingency Plan Assessment for EHR and HIE
Jeff Fetherolf - Central Ohio ISSA
Jeff Fetherolf - Central Ohio ISSA
Chapter 9
Chapter 9
POLICY # 40 ADMINISTRATIVE MANUAL APPROVED BY:
POLICY # 40 ADMINISTRATIVE MANUAL APPROVED BY:
Document11566354 11566354
Document11566354 11566354
Costs/Benefits of Employer- Sponsored Insurance 10/25/2009 Group insurance may increase coverage
Costs/Benefits of Employer- Sponsored Insurance 10/25/2009 Group insurance may increase coverage
Standard Security #0017 - Portable Device Security
Standard Security #0017 - Portable Device Security
Health Care Alert Death, Taxes, and Security Rule Audits:
Health Care Alert Death, Taxes, and Security Rule Audits:
Document11566355 11566355
Document11566355 11566355
Download
advertisement