HIPAA Disaster Recovery Plan

What Does HIPAA Disaster Recovery Plan Mean?

A HIPAA disaster recovery plan (HIPAA DRP) is a formal plan that specifies the actions, processes and methodologies that must be adopted to secure and restore electronic health records (EHR) in case of a natural or unnatural disaster, calamity or similar event.


It is among the core requirements of the HIPAA Act of 1996, which enforces the implementation of best practices and measures to protect EHR.

Techopedia Explains HIPAA Disaster Recovery Plan

HIPAA DRP can be applied to all entities that create, store or process electronic health records in some form. These include health providers, health care/medical insurance agencies and clearing houses. The HIPAA DRP plan must specify the planned operations and processes from recovering from an emergency and moving data securely in between different locations. HIPAA DRP typically consists of a series of different sub-plans that work together to ensure the protection, integrity and availability of EHR. These include the overall data criticality analysis and its impact on business, the data backup plan, the emergency response plan and contingency planning. HIPAA DRP also calls for having a regular DRP revision/evaluation program and certified accreditation by an internal or external entity.


Related Terms

Margaret Rouse
Technology Expert

Margaret is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical business audience. Over the past twenty years, her IT definitions have been published by Que in an encyclopedia of technology terms and cited in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine, and Discovery Magazine. She joined Techopedia in 2011. Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages.