While healthcare practitioners tend to be competent providers of health-related services, they do struggle with improving operations, serving more patents, and ultimately generating more income. The Health Insurance Portability and Accountability Act (HIPAA) has complicated this effort, requiring any business that maintains patient records to implement a broad array of patient privacy and disaster recovery measures. The result is increased costs and more complex practice management needs – impacting areas where healthcare providers are already weak.
Particularly intimidating is the aspect of HIPAA compliance that requires healthcare providers to implement a disaster recovery program and demonstrate records security simultaneously. As the Obama administration has indicated, creating electronic medical records is a major initiative to decrease cost and increase convenience for both the patient and doctor.
Smaller practices, clinics and remote office locations are especially vulnerable to the expense of implementing both patient privacy and disaster recovery measures. Scanned x-rays, prescriptions and documents demand massive amounts of data storage and quickly become impractical to push over standard internet connections. Fortunately, HIPAA compliance does not have to be expensive.
Disaster proof hardware is one part computer storage hardware and one part safe. By being both an active data storage device as well as providing protection against fire, water, building collapse and theft, disaster proof hardware can act as a “black box” for any critical data. Using disaster proof hardware technology, healthcare providers have another tool at their disposal to comply with both the security and disaster recovery requirements of HIPAA with minimal intrusion.
For healthcare providers especially, the most important consideration in attaining HIPAA compliance is protecting the privacy and recoverability of patient data. Patient data is vital to ensuring the continuity of care in the wake of physical damage to the facility (e.g. fire, flooding, and structural damage). Complex disaster recovery practices are unnecessary; the primary goal is to protect data and render it recoverable. Disaster proof hardware can be a solution that helps practices comply with HIPAA by protecting and securing their data in a simple way. Disaster proof hardware offers the features necessary to comply with HIPAA without disrupting the practice – or its finances.
Healthcare providers should focus on a small set of specific disaster threats. While nuclear war or terror attacks might be devastating disaster threats, they have a low probability of occurring compared to a broken pipe, electrical fire or spilled coffee. To any business, the smaller disasters are much more likely to occur and they still can cause irreparable harm. Fires and floods are much more common; storms are not rare. A fire, even a contained blaze, can render decades of patient records useless - especially when followed by hundreds of gallons of water to put out the fire. A flood can prevent continuity of care for an extended period of time and also ruin vast amounts of paper and electronic data - think about the New Orleans Hospital basement filled with both patient records AND water! As with any business, an event such as a fire or flood can be devastating – typically leading to the permanent closure of the business.
HIPAA further requires that patient data remain private, requiring physical access control to prevent impropriety. Practitioners can secure disaster proof hardware to a floor or lock it in a secure server room, preventing theft and the subsequent misuse of private patient data. Additionally, the risk, cost and employee training associated with moving data offsite is eliminated. Physical security is an implicit HIPAA requirement – which disaster proof hardware can readily address when combined with other common key/lock security solutions.
Most important, some disaster proof hardware is quite simple to use. Installing disaster proof hardware is a plug and play operation from the computers USB port in some cases. Some disaster proof hardware can be placed on the local area network to allow sharing between users. Copying files to disaster proof hardware can entail simple drag-and-drop uses with familiar Windows design themes or be automated with continuous data protection backup software. Practitioners can focus on medicine; they do not have to become technology experts.
HIPAA has had a pronounced impact on the healthcare industry, all practices to divert their attention from patient care to implementing a protective barrier around private patient data. The cost and complexity of compliance do not have to be high. Using disaster proof hardware, smaller practices can implement patient privacy measures with only a modest expenditure while facilitating the continuity of care and practice operations in the wake of a disaster.
About The Author
Robb Moore, P.E., M.E., is the CEO and founder of ioSafe, a leading manufacturer of disaster-proof hardware and fireproof, waterproof data storage devices. Moore has a 20-year track record of developing revolutionary products in aerospace, consumer products, medical devices and computer products for Fortune 500 companies including Maxtor, Sun, Johnson & Johnson, Lockheed, Porter Cable and Applied Materials. Moore received a bachelor’s degree in mechanical engineering from the University of California, Santa Barbara, and he is a registered California Professional Engineer. In addition, he has served as the president of the Association of Contingency Planners in Sacramento. He is also a general aviation pilot, published author and primary inventor for multiple US patents.