Presentation is loading. Please wait.

Presentation is loading. Please wait.

| Establishing a Contingency Plan.

Similar presentations


Presentation on theme: "| Establishing a Contingency Plan."— Presentation transcript:

1 www.ediltd.com | info@ediltd.com Establishing a Contingency Plan

2 HIPAA Security Rule § 164.308(a)(7) Contingency Plan The Contingency Plan standard requires covered entities to: “Establish (and implement as needed) policies and procedures for responding to an emergency or other occurrence (for example, fire, vandalism, system failure, and natural disaster) that damages systems that contain ePHI.”

3 Agenda  Data Backup Plan  Disaster Recovery Plan  Emergency Mode Operation Plan  Testing and Revision Procedures  Applications and Data Criticality Analysis

4  What ePHI must be backed up?  Have we included all data sources?  Have we considered various backup methods?  Is our backup data stored in a safe secure place? Data Backup Plan (Required) “Establish and Implement procedures to create and maintain retrievable exact copies of ePHI”

5 Sonya Christian, CIO; West Georgia Health

6  You may already have a DR plan – does it address ePHI?  What specific threats do you face?  Does is address what data is to be restored?  Is the plan readily available – during an emergengy? Disaster Recovery Plan (Required) “Establish (and implement as needed) procedures to restore any loss of data.”

7 Emergency Mode Operation Plan (Required) Establish Procedures to Enable Continuation of Critical Business Processes to Protect the Security of ePHI While Operating In Emergency Mode

8 Emergency Mode Operation Plan Continuity of Operations Planning  Will determine the ability of your organization to continue its business operations  Improve the likelihood that your facility will survive and recover from events that impact business operations

9 Emergency Mode Operation Plan

10 Moving Towards Cloud Computing  Continuous Up-Time?  What is Downtime Costing Your Hospital?  Is Cloud Computing an Option?  What other risks does cloud computing invite?

11  Have we documented our processes?  Does everyone understand their role?  Have we actually practiced and tested our procedures?  What did we learn?  How should we change our plan? Testing and Revision Procedures (Addressable) “Implement procedures for periodic testing and revision of contingency plans.”

12 Applications & Data Criticality Analysis

13  Review critical computer and electronic systems  Identify applications critical to patient care

14 Questions and Discussion Don Kinser, PE, CPHIMS President and CEO EDI, ltd. dkinser@ediltd.com 678-213-3586 Mark Renfro Healthcare Consultant marenfro@windstream.net 706-782-0764


Download ppt "| Establishing a Contingency Plan."

Similar presentations


Ads by Google