Overview: When disaster strikes, are you prepared? Sounds simple enough, but what does being prepared really mean? From a DR-BC perspective it means that you have all the elements in place to recover from a disaster, be it manmade or natural, and you have tested and validated that plan to ensure that it will work as designed. Failing to have a DR-BC plan could result in a finding of willful neglect, since having such a plan is a core requirement in the Security Rule and has been since early on.
Areas Covered in the Session:
The relevant requirements of the HIPAA Security Rule will be presented.
The requirements of the Disaster Recovery-Business Continuity Plan standard will be explained.
A framework creating a Disaster Recovery-Business Continuity Plan will be presented.
Identifying the elements of a comprehensive DR-BC plan will and how they fit together will be discussed.
An annual update process will be discussed to keep the plan up to date.
The importance of documenting actions taken in developing a DR-BC will discussed.
Who Will Benefit:
Information Systems Manager
Chief Information Officer
Health Information Manager
Office and clinical staff
Mark Sexton is an experienced information security professional who specializes in the fields of higher education and health care. In his role as the Manager of Information Systems with the University of Nevada School of Medicine, he managed complex technical programs at all levels of the organizational structure and provided staff and faculty with specialized information security training. He has over 16 years of information security teaching and leadership experience including physical security, operational risk management, compliance programs, and information security policy development.