Difference between revisions of "Disaster Recovery Plan"
Line 1: | Line 1: | ||
− | A disaster recovery plan (DRP) is a set of processes by which an organization aims to recover its information technology and other vital infrastructure resources in the event of partial or total failure due to man-made, natural, or environmental causes. DRPs should strive to ensure that essential resources are preserved in a disaster (i.e. patient data is backed up at off-site data center not directly vulnerable to same potential events as hopsital) , that procedures are in place for continuing operations while resources are down or limited (i.e. downtime forms are available if the clinical information system is inaccessible), and that a strategy exists to resume normal operations in a timely manner (i.e. return the clinical information system to full operational capability and enter clinical data that was generated during downtime). A DRP should be frequently reviewed, updated, and tested. | + | A disaster recovery plan (DRP) is a set of processes by which an organization aims to recover its information technology and other vital infrastructure resources in the event of partial or total failure due to man-made, natural, or environmental causes. DRPs should strive to ensure that essential resources are preserved in a disaster (i.e. patient data is backed up at off-site data center not directly vulnerable to same potential events as hopsital) , that procedures are in place for continuing operations while resources are down or limited (i.e. downtime forms are available if the clinical information system is inaccessible), and that a strategy exists to resume normal operations in a timely manner (i.e. return the clinical information system to full operational capability and enter clinical data that was generated during downtime). A DRP should be frequently reviewed, updated, and tested. <ref name="IT Audit"> Carol Gonzales, Sandra Senft, Frederick Gallegos, and Daniel P. Manson. Auerbach Publications (2004).''Information Technology Control and Audit, Second Edition'' ></ref>. |
+ | |||
+ | ==HIPAA Requirement== | ||
+ | A disaster recovery plan is a HIPAA requirement under the Administrative Safeguard Standard <ref name="HIPAA"> Jones, A. E. (n.d.). Contingency Plan: Disaster Recovery Plan-What to Do and How to Do It. http://www.hipaa.com/contingency-plan-disaster-recovery-plan-what-to-do-and-how-to-do-it/></ref>. | ||
+ | |||
+ | ==References:== | ||
+ | <references/> | ||
− | |||
1. http://en.wikipedia.org/wiki/Disaster_recovery_plan | 1. http://en.wikipedia.org/wiki/Disaster_recovery_plan | ||
2. ''Information Technology Control and Audit, Second Edition''. Carol Gonzales, Sandra Senft, Frederick Gallegos, and Daniel P. Manson. Auerbach Publications, 2004. | 2. ''Information Technology Control and Audit, Second Edition''. Carol Gonzales, Sandra Senft, Frederick Gallegos, and Daniel P. Manson. Auerbach Publications, 2004. |
Revision as of 19:09, 16 November 2015
A disaster recovery plan (DRP) is a set of processes by which an organization aims to recover its information technology and other vital infrastructure resources in the event of partial or total failure due to man-made, natural, or environmental causes. DRPs should strive to ensure that essential resources are preserved in a disaster (i.e. patient data is backed up at off-site data center not directly vulnerable to same potential events as hopsital) , that procedures are in place for continuing operations while resources are down or limited (i.e. downtime forms are available if the clinical information system is inaccessible), and that a strategy exists to resume normal operations in a timely manner (i.e. return the clinical information system to full operational capability and enter clinical data that was generated during downtime). A DRP should be frequently reviewed, updated, and tested. [1].
HIPAA Requirement
A disaster recovery plan is a HIPAA requirement under the Administrative Safeguard Standard [2].
References:
- ↑ Carol Gonzales, Sandra Senft, Frederick Gallegos, and Daniel P. Manson. Auerbach Publications (2004).Information Technology Control and Audit, Second Edition >
- ↑ Jones, A. E. (n.d.). Contingency Plan: Disaster Recovery Plan-What to Do and How to Do It. http://www.hipaa.com/contingency-plan-disaster-recovery-plan-what-to-do-and-how-to-do-it/>
1. http://en.wikipedia.org/wiki/Disaster_recovery_plan
2. Information Technology Control and Audit, Second Edition. Carol Gonzales, Sandra Senft, Frederick Gallegos, and Daniel P. Manson. Auerbach Publications, 2004.