With the today’s reliance on EHR’s, healthcare organizations have little tolerance for downtime and reverting to a paper based operation is no longer practical. Healthcare organizations must plan on how to recover business operations as well as the foundational IT systems and the data required to treat patients (e.g. electronic personal health information (ePHI)). Continuity, Contingency and Disaster Recovery planning are often used interchangeably when discussing recovery planning. They are critical components of emergency management and organizational resilience, but each type of planning has a very specific focus. Continuity planning exists to recover your healthcare organizations critical business functions and processes a disaster or adverse
…show more content…
Hackers and other cybercriminals are taking advantage of security weaknesses within healthcare organizations infrastructure. They infiltrate the defenses of the network, encrypt the data and charge the healthcare organization a premium for the key to unlock and retrieve their patient data. Even more insidious are the recent attacks, such as NotPetya, where the hackers were not interested in ransomed, but rather to destroy the data of whatever organization they compromised.
This white paper will help healthcare organizations understand the critical planning components involved in helping their organization to become more resilient to disruptions and adverse events, while maintaining compliance with the contingency plan standard outlined within the Health Information Patient Portability Act (HIPAA) Security Rule.
Developing an IT Contingency Plan
“IT contingency planning refers to a coordinated strategy involving plans, procedures, and technical measures that enable the recovery of IT systems, operations, and data after a disruption.” Within the context of HIPAA, a contingency plan contains the policies and procedures required to protect and recover ePHI after an adverse
Hackers and other cybercriminals are taking advantage of security weaknesses within healthcare organizations infrastructure. They infiltrate the defenses of the network, encrypt the data and charge the healthcare organization a premium for the key to unlock and retrieve their patient data. Even more insidious are the recent attacks, such as NotPetya, where the hackers were not interested in ransomed, but rather to destroy the data of whatever organization they compromised.
This white paper will help healthcare organizations understand the critical planning components involved in helping their organization to become more resilient to disruptions and adverse events, while maintaining compliance with the contingency plan standard outlined within the Health Information Patient Portability Act (HIPAA) Security Rule.
Developing an IT Contingency Plan
“IT contingency planning refers to a coordinated strategy involving plans, procedures, and technical measures that enable the recovery of IT systems, operations, and data after a disruption.” Within the context of HIPAA, a contingency plan contains the policies and procedures required to protect and recover ePHI after an adverse