Wednesday, 21 November 2007 23:19

An Assessment Of HIPAA Security Requirements

Written by Virginia Miller, CBCP, GCP & Kimberley Lehman, CBCP

Although not yet published in its final form, the “proposed” Rule CFR 45 Part 142 Security and Electronic Signature Standards associated with the Health Insurance Portability and Accountability Act (HIPAA) addresses physical safeguards to “guard data integrity, confidentiality, and availability.” The mandates described in the proposed rule have been considered “best business practices” in the discipline of business and disaster recovery for decades. As dependence on automated data becomes the norm within most healthcare entities, organizations often consider only the recovery requirements of data centers. However, the recovery of automated systems is only one aspect of preparing for recovery and/or continuity of critical business processes. The Security and Electronic Signature Standards require that “contingency planning” include a risk analysis, determination of critical applications and data, emergency operation plans, and plan testing and revisions. All affected entities – healthcare providers, health plans, and clearinghouses – must plan to implement all aspects of contingency