Home / Blog /What Your Practice Needs to Recover From Disasters
Practice Needs to Recover From Disasters

What Your Practice Needs to Recover From Disasters

by CompuTech City Admin Monday, 30 July 2018 CompuTech City Blog

If your practice’s computers crash and data is lost, do you have a backup plan? Will you know how much data was lost since your last backup? Do you know how long it will take to get your practice back up-and-running?

Every practice needs an overall plan for how to prepare for, protect and recover from a disaster. This is called a disaster recovery plan (DRP) and it’s required by HIPAA. Within the DRP, your practice is required to have backup and data recovery (BDR) solutions in place to replicate data and restore it in the event that it’s lost data. Practices are also required by HIPAA to have this in place. In addition to these required aspects of your disaster recovery, CompuTech City also recommends developing a business continuity (BC) plan to keep your practice running during and after a disaster. This plan ensures that you can continue to operate as best as possible regardless of the circumstances.

A DPR is used to help an organization recover from a disaster quickly and get back to doing business without data loss. It’s a plan for how your practice will respond to a natural or manmade disaster and continue operations. An effective DRP will allow your practice to quickly recover from disasters ranging from hurricanes to power outages.

Your DRP should include who to contact, where items should be stored (for instance, should workstations be covered or taken off the floor in the event of flooding?), a call tree, a list of the locations of all data and other important details needed to get your business back up-and-running.

Backing up your practice’s data and ensuring you can recover it in the event of its loss is an important responsibility of health care practices under HIPAA. It’s also key to your practice’s survival.

Simply put, your practice needs a BCDR plan within its DRP detailing how to back up data and where that backed-up data is located so you can recover it. CompuTech City also recommends that you work with an IT professional who has the knowledge and ability to restore that data in the event of a disaster.

Under HIPAA, your practice must have an adequate backup plan for your ePHI and can restore that data. Beyond regulatory requirements though, your practice needs data to ensure good patient care, for billing and reimbursements and to manage staff. If your computers crash and data becomes inaccessible, your employees can’t do their jobs effectively. If you can’t access your data, you can’t serve your patients in a timely and effective manner.

You need to continue to work uninterrupted no matter what happens. Your practice needs a business continuity plan detailing how it can continue operations to the extent possible when your systems are down, when files are being restored and other potential scenarios that would otherwise interrupt your normal practice operations.

While business continuity plans are not required under HIPAA, CompuTech City highly recommends you develop and implement one. It’s been our experience working with medical practices for well over a decade that the consequences of not doing so could be dire.

Without a plan in place, your practice could be out of business for weeks or more. Some practices never recover from this kind of downtime, losing both substantial revenue and patients, forcing their closure.

A good starting point in creating your plans is to envision possible disasters that could lead to a loss of data access. In Florida, we all know hurricanes are an annual possibility. In 2017, prior to Hurricane Irma, we ensured clients’ backup systems were operating correctly and that any data backed-up would be recoverable, and briefed clients about the steps we were taking prior to the storm.

But it doesn’t take a massive natural disaster to cause you to lose access to your data. For instance, a fire can break out in your building and take out your server room. Or a ransomware attack can encrypt your files, with the malicious attacker refuseing to decrypt them even if you pay them*.

As a 100-percent medically focused managed services provider, CompuTech City has more than a decade of experience designing and implementing disaster recovery plans, data backup and recovery and business continuity plans. Because of our large IT staff and in-depth expertise, we make sure your practice gets back up and running within minutes after an adverse event.

Want more information on BCDR and how CompuTech City can harden your practice against disasters? Contact us today.

* Note: Please do not attempt to backup files on a ransomware-infected workstation as your backups could become encrypted or corrupted as well. Disconnect the workstation from your network, but do not turn it off until security professionals have reviewed it. Rely on a third-party security firm or your MSP to remediate cybersecurity attacks.

Check out our social media:
Copyright © 2016 l computechcity.com. All rights reserved.