Disaster Planning--论文代写范文精选

51due论文代写网精选代写范文：“Disaster Planning”这篇论文讲述的是灾难规划和病人数据安全1灾害规划和病人数据安全对任何灾难的适当的反应是确保计划已经到位，确保该组织的所有成员了解应对灾难和规则的作用跟随如果灾难发生。

Running head: Disaster Planning and Patient Data Security 1 Disaster Planning and Patient Data Security The appropriate response to any disaster is to ensure that a plan is already in place that ensures all members of the organization understand their role in response to the disaster and the rules to follow if a disaster takes place. The rules should be set forth by Management and should describe the responsibility from the top-down, including each department, unit, and person. The Management strategy in a disaster should be easy to apply and understand as it should be based on daily procedures and routines that are already in place. In the case of a major hurricane destroying patient information, the first step in responding to this situation would be to adequately train the staff on the policies and procedures to follow to ensure that damage is minimized and patient data is secured and protected (Ruter, 2006). Then the organization must implement the Management strategy so that when a disaster takes place, the organization can put into place the policies and procedures that will best protect the patient data and expose it to the smallest amount of risk. HIPAA will play a major role in the training of employees as the importance of ensuring that even data appearing to be destroyed must be protected is made known.

The organization should conduct a thorough review of the records storage area to ensure that records will be contained even if they are damaged or destroyed. In an ideal scenario, the organization would not have any physical records on the premises. A pre-emptive measure to a disaster such as a flood would be to scan all patient documentation into a document storage system that can be accessed through the network. This would avoid from the physical records of patients being spread around the disaster area where a clear violation of HIPAA could occur. Many organizations do not save any physical records for this reason and the organization could benefit by following this practice during a disaster. Any HIPAA violation could further complicate the ability of the organization to recover from the disaster. Ensuring that patient data is not lost is an important factor in responding effectively to a disaster. Maintaining the security and privacy of patient data in a disaster is not only important from a compliance standpoint, but also from an operational perspective. Safeguarding patient information is important to ensuring that the healthcare organization can continue to provide services to patients. The potential business impact of a major data loss or security breach can be devastating and should create urgency within the organization to have a backup plan in place. Many organizations use the basic backup strategy of copying and storing data at the end of each business day. This is not the most effective way for the organization to backup its data. “A more reasonable strategy for practices without significant IT staff would be to use an outside data security vendor that offers remote back-up services. In the simplest form of remote back-up vendors take snapshots at various points over the course of the day of your data. Continuous back-up (data is sent off site as it is stored on the local system) is also available and provides the highest level of security” (Carter, 2008) The next consideration is business continuity. After the disaster, the organization should have staff that is trained on the steps to continue business operations. A training response team should be periodically trained on recovery procedures. Even certain staff members that aren’t on the training response team should be trained so that there are individuals available in case a disaster hits. “After a disaster strikes, the disaster response team begins to perform its various tasks that relate to the assessment, restart, and recovery of the critical IT systems that support critical business processes” (Gregory & Rothstein, 2008). Communication will also be a critical function of the disaster recovery team. As the situation unfolds and there will be many decisions that must be made regarding the best procedures to move forward. The organization will have to communicate to employees , customers, management, and suppliers.

The plan for how the organization will communicate the security situation regarding sensitive patient data should already be planned out. The organization should consider different possible scenarios and be able to communicate the current situation effectively so that all interested parties are informed of the events taking place and the organization’s plan for recovery. Preparation will be vital in ensuring that patient data is handled properly and operations are maintained. “Many medical practices will encounter a disaster that may be a natural disaster, an accident, or an intentional act of violence. Unfortunately, few practices are prepared for such a disaster” (Baum & McDaniel, 2008). To avoid from being one of the practices unprepared for this disaster, the organization should have put into place a Management plan that accounted for as many of the variables as possible related to the potential loss of sensitive data and interruption in operations. At some point, patients will be asking to ensure that their medical records have not been compromised and are also safely stored for future use. The organization will be able to communicate to them that all of the necessary measures were already taken and the data is secure as long as a plan was in place and employees were trained before any disaster occurred. Planning will be vital if the organization expects to recover from any loss of private data and interruption to operations.

The first step in any plan will be to adequately train the staff in case of any disaster. When dealing with patient data, HIPAA must always be considered as any compliance violations can compound the already negative situation created by the hurricane. The organization should also have in place a data backup system and a document scanning and storage system preferably. A training response team should be in place that understands the protocol if a disaster occurs and provides effective communication to all parties affected by the disaster. After that, the organization should ensure that operations are able to continue by replacing damaged equipment and by utilizing a third party data storage company to continue using current patient data to provide quality care. Disasters happen to many organizations and they happen unexpectedly. Through effective disaster management and putting in place practices that will safeguard patient data, the organization will have the best opportunity to continue operations. References Ruter, A. (2006). Disaster medicine- performance indicators, information support and documentation. Linköping University Medical Dissertations, 1, 13-30. Carter, J. H. (2008). Electronic Health Records, Second Edition(2nd ed.). Philadelpia: American College Of Physicians. Gregory, P., & Rothstein, P. J. (2008). IT Disaster Recovery Planning For Dummies (For Dummies (Computer/Tech)). New York: For Dummies. Baum, N., & McDaniel, J. W. (2008). Disaster Planning For The Clinical Practice (First ed.). Boston: Jones & Bartlett Publishers.

51Due网站原创范文除特殊说明外一切图文著作权归51Due所有；未经51Due官方授权谢绝任何用途转载或刊发于媒体。如发生侵犯著作权现象，51Due保留一切法律追诉权。

更多论文代写范文欢迎访问我们主页 www.51due.com 当然有论文代写需求可以和我们24小时在线客服 QQ:800020041 联系交流。-C