From Clinfowiki
Jump to: navigation, search

First Definition

Availability is defined as the ability to access data when it is needed (Herzig, 2013). Access to data can be affected with simple power outages, application issues, a network related issues, hacker attack, system failure or other issues. Additionally when access to data are violated by unauthorized access, report need to be done to the U.S Department of Health and Human Services as required by section 13402(e)(4) of the HITECH Act.

Understanding that risk is an important to ensure data availability. Therefore, to maintain availability, system or media used to store data has to be reliable to avoid or minimize system failure. Additionally, backup is necessary to restore lost data in case of intentional or unintentional data loss. System security is another important factor that help data availability and prevent the harmful effect of a system hack. [1]

Second Definition

According to National Institute of Standards and Technology Special Publication, [2] to comply with the Security Rule, covered entities must be aware of the definition provided for availability:

Availability is "the property that data or information is accessible and usable upon demand by an authorized person."

Third Definition

Availability, according to the International Information Systems Security Certification Consortium (ISC2), is one of the three pillars of information security that a paramount to protecting information technology solutions. The other two being confidentiality and integrity.[3]

Availability “refers to the system and network accessibility, and often focuses on power loss or network connectivity outage.” [3] Natural disasters or accidental occurrences, such as earthquakes, fires, or hurricanes, may result in loss of availability. Man-made issues such as Denial of Services (DoS) attack or malicious software infection could compromise the system use and lead to loss of availability. Backup generators may be used to counteract such issues, while availability can be maintained by continuous operations planning and peripheral network security equipment.[3]


  1. Implementing Information Security in Healthcare: Building a Security Program (2013-02-26). HIMSS. Kindle Edition.
  2. Scholl, M., et. al., (2008) An Introductory Resource Guide for Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, National Institute of Standards and Technology, NIST Special Publication 800-66 Revision 1, October 2008, p.7. http://csrc.nist.gov/publications/nistpubs/800-66-Rev1/SP-800-66-Revision1.pdf (Accessed 18 Nov 2015)
  3. 3.0 3.1 3.2 Hoyt, R. E., & Yoshihashi, A. K. (2014). Health Informatics: Practical guide for healthcare and information technology professionals. (6th ed.).