Business Continuity Standards for US Health Organizations
| Standard | Description | Applicability |
| --- | --- | --- |
| Health Insurance Portability and Accountability Act (HIPAA) (1996) | HIPAA, an act passed to ensure that customers are able to switch between health insurance providers as smoothly as possible without unavailability, total loss, or loss of integrity of their health data, dictates that organizations must have a contingency plan in place in order to conform to the Act. This regulatory requirement is mandatory. | Applies to the US health delivery and insurance industries |
| HIPAA Security Rule 164.308(a)(7)(i) | This Rule identifies Contingency Planning as a standard under Administrative Safeguards. HIPAA contingency plans address the "availability" security principle, which covers threats related to business disruption, so that authorized individuals have access to vital systems and information when required. A data backup plan, disaster recovery plan, and emergency mode operation plan are required under the safeguards specifications. | Applies to the US health delivery and insurance industries |
| Joint Commission: Environment of Care Standards (2005) | The Joint Commission sets standards for healthcare organizations and issues accreditation to organizations that meet those standards. They dictate that all hospitals must have an emergency management program so that patient care can be continued effectively in the event of a disaster. This regulatory requirement is mandatory. | Applies to healthcare delivery organizations |
| Homeland Defense's Pandemic Preparedness Handbook (2007) | This handbook has been prepared primarily to assist those working in the public health sector, especially those involved in pandemic preparedness planning, to ensure appropriate measures are being taken to plan for combating potential pandemics. This handbook is voluntary. | Applies to corporate and governmental emergency response and public health planners |
| FDA 21 CFR Part 11 (1999) | FDA regulations outline criteria for accepting electronic records and for documenting and validating authorized change processes to systems, and they require backup power and backup software for key systems. This regulatory requirement is mandatory. | Applies to the life sciences and pharmaceutical industry |
| Joint Commission IM.2.30 (2008) | The Joint Commission's Standard IM.2.30 aims to ensure that the continuity of information is maintained in hospitals. The standard mandates that a business continuity/disaster recovery plan be developed and maintained that identifies the most critical information needs for patient care, treatment, and services and the impacts if the systems were not available. The plan should also identify alternative means for processing and providing recovery of data. | Applies to healthcare delivery organizations |