| HIPAA Contingency Plan Standard - Seeking More Information |
 |
 |
 |
| Written by Christopher J. Servia |
| Friday, April 16 2010 12:51 |
|
I began Lighthouse Continuity Partners, LLC as a general disaster preparation services company. I've decided to first focus my services on the health care market in my local area. I've done this because I can narrow my scope of services down to the 5 specifications of the HIPAA Contingency Plan standard. We will be releasing new services based on these specifications in the coming weeks ahead. The Contingency Plan standard requires covered entities have the following five specifications documented: 1. Application and Data Criticality Analysis 2. Disaster Recovery Plan 3. Data Backup Plan 4. Emergency Mode Operation Plan 5. Testing and Revision Procedures Under recent penalty adjustments allowed under the HITECH Act, penalties for not having these documents can be as follows: Categories of Violations and Respective Penalty Amounts Available It is unlikely that any entity could claim they "Did Not Know" that they are required to have these plans documented. Each specification is explicity spelled out in the rule. Thus, an initial penalty would likely start at $1,000 per violation and could quickly progress toward the total $1,500,000 cap. I'd like to understand what worries health care organizations most in regards to this standard under HIPAA. I'd like to hear about the concerns providers have in meeting these specifications. Does your organization have the documents immediatly available to produce to an auditor? Have you experienced loss of EPHI or access to it in the past? Are you confident in your contingency plan? ( 0 Votes ) |
Обязательно '> загляну…
'> '>