In the devastating wake of Hurricane Matthew, homes, businesses and offices, just like yours, remain engulfed in water. No matter how many safeguards a office uses on their building, nothing can withstand the mighty force of Mother Nature.
In the past, MacPractice has had clients call seeking advice after servers have been ripped from the premises via tornados or are fully submerged in hurricane and flood waters. Some disasters have left our clients without computers at all, and some have been left with nothing but a cement foundation.While recovery from such destructive events can be difficult, it can be made significantly easier when an office is prepared before disaster ever strikes. Every office that handles Electronic Patient Health Information (ePHI) should have a HIPAA Disaster Recovery Plan configured. The plan includes being prepared for any number of foreseeable events like theft or flood.
Regardless of what type of disaster there are two scenarios offices can prepare for: a disaster where you have limited warning and a disaster that has no warning.
Most disasters will be without warning which makes backups one of the most crucial aspects of your business. Backups should be ran every day that your office enters new patient information and a backup should always be saved OFF the computer, such as an external or a cloud-based backup. For cloud-based backups, we recommend DollyDrive as it is a HIPAA compliant way to secure data.
All externals that contain ePHI should be kept in secure locations, like a lock box or office safe. Ideally, wherever the backups are stored should also be fire and water proof and accessible to more than one person (in case the primary attendant is unable to grab backups in an emergency.)
With a situation like Hurricane Matthew, or any disaster that involves flooding, offices should consider investing in waterproof bags or pouches to carry external drives and thumb-drives while traveling. This will add an extra layer of protection to the hardware and the data it contains.
For more details about saving backups and securing your data, please read our past blog: Backups - What You Need To Know.
For more information about a HIPAA Disaster Recovery Plan, please visit HIPAA’s website: https://www.hipaa.com/contingency-plan-disaster-recovery-plan-what-to-do-and-how-to-do-it/
*Disclaimer: MacPractice encourages personal safety above all else. We do not recommend putting yourself, or other office staffers lives at risk in order to save hardware or data.