By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Secure Health Information Exchange: Preparing for a Disaster
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > eHealth > Secure Health Information Exchange: Preparing for a Disaster
eHealth

Secure Health Information Exchange: Preparing for a Disaster

onlinetech
onlinetech
Share
5 Min Read
HIPAA Hosting Requirements: Disaster Recovery & Offsite Backup
SHARE

The ONC (Office of the National Coordinator for Health) recently blogged about disaster preparedness and health information exchange (HIE), citing the recent Hurricane Isaac as a reason for concern about accessing and locating health records in another state. In the event of a natural disaster, many people are displaced in neighboring states and may need access to their health records.

The ONC (Office of the National Coordinator for Health) recently blogged about disaster preparedness and health information exchange (HIE), citing the recent Hurricane Isaac as a reason for concern about accessing and locating health records in another state. In the event of a natural disaster, many people are displaced in neighboring states and may need access to their health records.

To answer the question, are we ready? the ONC created a consortium with representatives from several Southeast states; the Southeast Regional HIT-HIE Collaboration (SERCH). Their recommendations for HIE between different states in the event of a disaster are as follows:

  • Review the state’s disaster response policies and laws. Connect with the state agency that is responsible for Emergency Support Function #8 (ESF) (Public Health and Medical Services) before a disaster strikes. ESF allows for coordinated federal assistance to supplement medical resources in an emergency.
  • One way to establish a waiver of liability for the release of records in the declaration of an emergency is to enact the Mutual Aid Memorandum of Understanding (MOU), a type of contract.
  • In the event of a disaster, this also allows the default of state privacy and security laws to the federal Health Insurance Portability and Accountability Act (HIPAA). This is helpful if one state has more stringent patient privacy and security laws than another. It ensures that if a patient is relocated away from the disaster site, they can still receive care and not be held up by state laws.
  • Consider using the Data Use and Reciprocal Support Agreement (DURSA)  to address patient privacy, security and data-sharing concerns. DURSA is a trust agreement between entities, organizations and federal agencies that choose to exchange electronic health information based on a set of national standards, services and policies. This ensures everyone is on the same page with security, and is useful in the event of a disaster when people are displaced.
  • Assess HIE resources and other available health data-sharing entities, and consider a phased approach when establishing interstate HIE:
  1. Phase 1 includes leveraging existing systems of storing and transmitting ePHI (electronic protected health information).
  2. Phase 2 includes implementing interstate directories to provide data across services in a disaster.
  3. Phase 3 includes leveraging a fully functioning state HIE that allows for integrated patient look-up and physician authentication services.
HIPAA Hosting Requirements: Disaster Recovery & Offsite Backup

HIPAA Hosting Requirements: Disaster Recovery & Offsite Backup

While preparing for HIE in the event of a disaster is key to providing quality care, preserving and ensuring the availability of patient records is a healthcare organization’s responsibility. The HIPAA Contingency Plan standard described in section 164.308(a)(7) mandates the use of a data backup plan, disaster recovery plan, emergency mode operation plan, testing and revision procedures, and application and data criticality analysis.

More Read

Rural Telehealth Cliff Averted
FDA Offers Guidance on Social Media Etiquette for Medical Device Manufacturers
Privacy, Anonymity and Net Neutrality On the Internet – Excellent Stanford University Lecture (Video)
Daycare Telemedicine Pilot
What Can The New iPad Do For Healthcare?

Protecting healthcare data and ensuring its availability means putting procedures in place to mitigate disasters, and having a solid plan in-hand to activate when a disaster occurs. The infrastructure to do this is defined by two perspectives:

  1. Disaster Prevention – Putting all the tools in place to minimize the probability of an outage in the data center infrastructure, server hardware, software and network connectivity.
  2. Disaster Recovery – Assuring that the applications and data can be recovered and restored in a reasonable timeframe to continue running the business and making patient data available if a disaster occurs in the primary data center.

The use of HIE systems, including EHR (electronic health record) and EMR (electronic medical record) systems, requires data to be hosted in a secure, HIPAA compliant environment. To find out what components are necessary for a HIPAA compliant data center, including a full diagram and descriptions, read our HIPAA Compliant Hosting white paper.

References:
DURSA from the National eHealth Collaborative
Disaster Preparedness and Health Information Exchange
Emergency Support Function #8 – Public Health and Medical Services Annex (PDF)
Southeast Regional HIT-HIE Collaboration (SERCH) Final Report: Health Information Exchange in Disaster Preparedness and Response (PDF)

TAGGED:disaster preparedness
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

dental care
Importance of Good Dental Care for Health and Confidence
Dental health Specialties
October 2, 2025
AI in Healthcare
AI in Healthcare: Technology is Transforming the Global Landscape
Global Healthcare Policy & Law Technology
October 1, 2025
Choosing the Right Swimwear for Health and Safety
News
September 30, 2025
sports concussions
Concussion In Sports: How Common They Are And What You Need To Know
Infographics
September 28, 2025

You Might also Like

patient data
eHealthMedical Records

Consumer Generated Data: Your “Data Exhaust”

July 17, 2014

Sutter Health HIPAA Breach: Lessons Learned

November 21, 2011

Equipping EMS Workers: Trying to Create an ER on Wheels

August 25, 2012

Social Media Summit at Mayo Clinic: Final Day Exclusive Report

October 20, 2011
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?