PRO+ Premium Content/Health IT

Thank you for joining!
Access your Pro+ Content below.
August 2012

Meeting HIPAA disaster recovery requirements tough but possible

Under federal law, HIPAA covered entities must implement procedures to protect and secure access to electronic protected health information (ePHI). What's more, such entities also had to supply a contingency plan to insure continued ePHI availability during emergencies or disasters. However, ePHI exists only in conjunction with data processing applications and, thus, can only be recovered together with those systems. Consequently, HIPAA disaster recovery requirements state the need for an ePHI data backup plan, along with disaster recovery and emergency mode operation plans. The intent of the data backup plan was to create systems that allowed for the restoration of all ePHI. The intent of the disaster recovery plan was to identify the processes and procedures needed to insure that ePHI data could be restored in the event of loss. Finally, the intent of the emergency mode operation plan was to describe how operations could continue to protect and secure ePHI during an emergency. In addition, HIPAA disaster recovery requirements ...

Access this PRO+ Content for Free!

Features in this issue