Important concepts to disaster recovery policies and procedures include implementation of effective data back up as well as recovery procedures throughout an organization. It is imperative to copy critical data files to removable tapes or packs and store them in a secure location. This should be in another building . A data back-up plan that specifies which data files need copying and how often the back processes should be done is also necessary. Recovery procedures that will be used in case of a catastrophic event should be included as well. Another important concept is disaster planning. It is necessary to implement, test and refine disaster plans periodically .
HIPAA (Health Insurance and Accountability Act) is a set of government administrative and legislative interventions to ensure that individuals are able to access health insurance when they change jobs. It also contains administrative policy which has a greater impact. The main effect of HIPAA on disaster recovery policies and procedures is that it anticipates development of electronic methods of keeping records. HIPPA results in more strict rules on disaster recovery policies and procedures. This means government controls should be put into place for healthcare providers to establish systems which meet internal needs and facilitate information transfer across institutions. HIPAA also requires all organizations to implement the required implementation specifications and standards .
There are a number of laws that affect disaster recovery policies and strategies. These include Privacy Act of 1974 and Oregon’s Genetic Privacy Act of 1995. Privacy Act of 1974 protects the patients’ privacy. Oregon’s Genetic Privacy Act of 1995 offers legal protection of medical information .
References
HIPAA. (2013). External Environment and Government Policy. New York.
Murphy, J. C. (2003). Disaster Recovery in Healthcare Organizations: The Impact of HIPAA Security. New York: SANS Institute.
