What Does HIPAA Disaster Recovery Plan Mean?
A HIPAA disaster recovery plan (HIPAA DRP) is a formal plan that specifies the actions, processes and methodologies that must be adopted to secure and restore electronic health records (EHR) in case of a natural or unnatural disaster, calamity or similar event.
It is among the core requirements of the HIPAA Act of 1996, which enforces the implementation of best practices and measures to protect EHR.
Techopedia Explains HIPAA Disaster Recovery Plan
HIPAA DRP can be applied to all entities that create, store or process electronic health records in some form. These include health providers, health care/medical insurance agencies and clearing houses. The HIPAA DRP plan must specify the planned operations and processes from recovering from an emergency and moving data securely in between different locations. HIPAA DRP typically consists of a series of different sub-plans that work together to ensure the protection, integrity and availability of EHR. These include the overall data criticality analysis and its impact on business, the data backup plan, the emergency response plan and contingency planning. HIPAA DRP also calls for having a regular DRP revision/evaluation program and certified accreditation by an internal or external entity.