Access "Tip: Developing a HIPAA-compliant storage plan"
This article is part of the August 2012 issue of Storage needs for data backup in health care
An important part of establishing and maintaining HIPAA compliance is the creation of a storage plan. Although the HIPAA regulations do not specifically require a storage plan, HIPAA Part 164.308(a)(7)(i)does require your organization to develop a contingency plan. Specifically, this regulation states: Standard: Contingency plan. Establish (and implement as needed) policies and procedures for responding to an emergency or other occurrence (for example, fire, vandalism, system failure, and natural disaster) that damages systems that contain electronic protected health information. Part ii outlines the implementation specifications for this regulation. HIPAA requires the creation of five separate documents as outlined below: (ii) Implementation specifications: (A) Data backup plan (Required). Establish and implement procedures to create and maintain retrievable exact copies of electronic protected health information. (B) Disaster recovery plan (Required). Establish (and implement as needed) procedures to restore any loss of data. (C) Emergency mode operation ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
Tip: Developing a HIPAA-compliant storage plan
by Brien Posey
Establishing HIPAA-compliant storage plans requires a three-pronged approach to meet disaster recovery, data backup and emergency operations criteria.
-
What Joplin teaches hospitals about disaster recovery planning
by Don Fluckinger, Features Writer
Last month's tornado in Missouri left one hospital destroyed and others scrambling to treat patients. A new EHR system, fast vendor support and operational WAN all helped.
-
Tip: Developing a HIPAA-compliant storage plan
by Brien Posey
-
-
Meeting HIPAA disaster recovery requirements tough but possible
by Ray Lucchesi, Contributor
The HIPAA Security Rule requires all covered entities to create a disaster recovery plan but says little about what should go into such a plan. This tip fills in the gaps.
-
Meeting HIPAA disaster recovery requirements tough but possible
by Ray Lucchesi, Contributor
More Premium Content Accessible For Free
Penn Medicine’s approach to managing BYOD and security
E-Zine
Trying to lock down senior leadership buy-in for IT security and a more HIPAA-compliant technology infrastructure might actually become a little ...
Mobile health handbook: Understanding device security
E-Handbook
Although the transition from paper to electronic took years, the adoption of mobile devices in health care organizations is quickly taking off. But ...
Meaningful use requirements only go so far for radiologists
E-Zine
The quarterly Pulse e-zine will delve into a range of issues affecting hospitals, doctors, payers, policymakers and other industry ...