All Data Fast News is © Data Fast Solutions, unless where otherwise indicated • All Rights Reserved

Data Fast News


Keep up to date with Data Fast Solutions for your business.

Disaster Recovery Planning and HIPAA

healthcare contingency planningRecent natural disasters, such as Hurricane Harvey in Texas and Hurricane Irma in Florida have, once again, put the spotlight on the importance of healthcare contingency planning. When a catastrophic event takes place, it's imperative for any business to have a back-up plan and be up and working again as soon as possible. This is especially true in healthcare. Many in the healthcare industry have contingency plans in place as required. However, testing and updating the plan as the needs of the business, and those employed by the business, change is imperative to the plan working properly should the need arise to use it.


Electronic Personal Health Information (ePHI) is an integral part of any healthcare contingency plan and the HIPAA Final Security Rule, Section §164.308(a) (7), “requires the establishment and implementation of procedures for responding to events that damage systems containing electronic protected health information”. This requirement is outlined in the Health and Human Services’ Information Technology Contingency Plan template. The template, designed for HHS, can be a useful tool for any company. It’s a comprehensive plan for all the I.T. systems in an organization should a natural disaster or other catastrophic event take place.

Keys to HIPAA Contingency Planning

As with any good contingency plan, the HHS plan establishes procedures to restore ePHI through notification, recovery, and reconstitution. The template also provides a sample contact list which is formulated to provide a line of succession for individuals with decision making authority. It also identifies the team who is responsible for enacting the contingency plan and the team’s responsibilities. In addition, and an integral part of the plan, is to establish criteria for validation and testing of the plan between the business owner and the system developer at least once a year.

Your Partners in HIPAA Disaster Recovery

Disaster Recovery PlanThe HHS I.T. contingency plan can be found with a simple Google search as can other, similar, back-up plans for HIPAA related data. However, some smaller health care organizations may not have an in-house system developer on staff. When it comes to HIPAA related data and keeping electronic protected health information (ePHI) safe, it’s important to have a knowledgeable and experienced I.T. company. An I.T. professional who can help with constructing a workable plan custom designed for the specific needs of the business will help save time and money.

Data Fast Solutions can assist with testing and continued maintenance of a contingency plan through modification, or the creation of a new plan, to make sure it coincides with any new systems put in place. As HIPAA Certified I.T. Professionals, Data Fast specializes in ePHI and restoring it quickly, so lifesaving data is readily available should a catastrophic event take place.

This article is ©2017 Data Fast Solutions • All Rights Reserved