And compliance DR Health Are you ready for all -
Every business should have a disaster recovery plan. But for many businesses, the DR plans are either outdated, nonexistent, or fail to provide a complete solution that allows them to operate at full capacity in disaster. The latter is particularly true at the moment for a number of clients in the health sector.
Many vendors are scrambling to meet HIPAA compliance guidelines and receive federal incentives under the American Recovery and Reinvestment Act. Too often, however, we see hospitals and private practices implementing DR provides that the compliance guidelines of the meeting, but forget the critical interdependencies within their systems that will allow them to continue working after a disaster.
Compliance guidelines to receive these incentives simply indicate that in the event of a disaster, you must be able to effectively get your information on the patient's electronic health (ePHI) in your information system hospital (HIS). What hospitals fail to take into account, however, is how this information is involved in the process throughout their systems and locations.
Let's say someone goes to the radiology department for X-rays. After X-rays, the information is loaded in the radiology PACS. Then, an event occurs that picks up all of the hospital network. According to the HIPAA guidelines, the HIS system is recovered with Ephi files. But the patient x-ray information can not be linked. Thus, although the hospital respects the rules of conformity and the HIS system is on, it is still not able to effectively treat the patient because information is missing. The staff moves to the next patient, but they are not able to provide treatment because the laboratory is also unable to provide test results in the SIS.
This domino effect can extend into the network data center and infrastructure concerns come into play at remote sites. Failure to recognize the importance of these critical interdependencies locks hospital in limbo until all systems return again and can communicate with the HIS.
When consilium1 is called to assist a health care provider, we take a holistic approach that starts with assessment and analysis to help the supplier not only ensure compliance, but also improve the overall performance and the security of its systems and how they work together. This comprehensive approach allows us to identify problems and scenarios that the supplier might otherwise overlook, and to help implement a disaster recovery plan that considers all systems, or a piece of the puzzle.
In addition, as we assess the needs of a supplier, we also conduct an impact assessment on business (BIA) to help us understand how a disaster would affect the company financially. Then we take a step further and make cost effective recommendations for inclusion in the company's planning.
For example, a large hospital is considering making an equity investment in a generator to power its radiology department where an ice storm or other natural disaster takes power. On paper, the investment made sense because the money generated by the radiology unit cover the cost of the generator. What hospital did not consider is that in an ice storm, everybody will do it for their rendezvous X-ray. So in addition to having to buy the generator and then pay operating costs, revenues of the hospital through the unit would be greatly reduced, it might not be the best way to handle the situation. It is at this level of analysis that separates us from our competitors and demonstrates our commitment to providing disaster recovery solutions thoughtful and complete.
To help our customers get the holistic view needed for disaster recovery, we developed a visual approach. By a logical plan in the hands of the health care provider during a disaster, a visual dashboard allows different organizing groups to work together and get updates instantly progressing. Allow them to see the systems at a glance and follow a simple task list and schedule helps them get their systems up and being much faster performance than conventional checklists.
We are really trying to help our clients see the big picture. Disaster recovery is not just about compliance, it is about business. It is about the process. It is working towards a solution to adversity. And in the health sector, it is patient. When we can help our clients think holistically and become true masters of the disaster, which is when we think we have done our job
Profile: Michael Montagliano
chief technologist and director of risk management practice, consilium1
Location: Rochester, NY
Web website www.consilium1.com
accent Company: specialized consulting and information technology services; working with clients in the insurance, financial, legal, healthcare, and government sectors
What people would be surprised to know about me: I spent 20 years on the road traveling the world as a rock and roll hero
least favorite part :. Six hours airport delays
0 comments:
Post a Comment