Ninety-five percent of hospitals have written electronic health record contingency plans, but only about two-thirds have plans that meet four HIPAA requirements, according to a survey conducted by the Department of Health and Human Services’ Office of the Inspector General.

The HIPAA Security Rule requires that all covered entities have a contingency plan for responding to disruptions to EHR systems. The rule specifies processes to recover EHRs and access backup copies of data in the event of a disruption as a result of software or hardware infrastructure failures, as well as power outages and natural disasters. HIPAA requirements include having a data backup plan, disaster recovery plan, an emergency-mode operations plan, and testing and revision procedures.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access