By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works CollectiveHealth Works Collective
  • Health
    • Mental Health
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: Secure Health Information Exchange: Preparing for a Disaster
Share
Notification Show More
Font ResizerAa
Health Works CollectiveHealth Works Collective
Font ResizerAa
Search
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > eHealth > Secure Health Information Exchange: Preparing for a Disaster
eHealth

Secure Health Information Exchange: Preparing for a Disaster

onlinetech
onlinetech
Share
5 Min Read
HIPAA Hosting Requirements: Disaster Recovery & Offsite Backup
SHARE

The ONC (Office of the National Coordinator for Health) recently blogged about disaster preparedness and health information exchange (HIE), citing the recent Hurricane Isaac as a reason for concern about accessing and locating health records in another state. In the event of a natural disaster, many people are displaced in neighboring states and may need access to their health records.

The ONC (Office of the National Coordinator for Health) recently blogged about disaster preparedness and health information exchange (HIE), citing the recent Hurricane Isaac as a reason for concern about accessing and locating health records in another state. In the event of a natural disaster, many people are displaced in neighboring states and may need access to their health records.

To answer the question, are we ready? the ONC created a consortium with representatives from several Southeast states; the Southeast Regional HIT-HIE Collaboration (SERCH). Their recommendations for HIE between different states in the event of a disaster are as follows:

  • Review the state’s disaster response policies and laws. Connect with the state agency that is responsible for Emergency Support Function #8 (ESF) (Public Health and Medical Services) before a disaster strikes. ESF allows for coordinated federal assistance to supplement medical resources in an emergency.
  • One way to establish a waiver of liability for the release of records in the declaration of an emergency is to enact the Mutual Aid Memorandum of Understanding (MOU), a type of contract.
  • In the event of a disaster, this also allows the default of state privacy and security laws to the federal Health Insurance Portability and Accountability Act (HIPAA). This is helpful if one state has more stringent patient privacy and security laws than another. It ensures that if a patient is relocated away from the disaster site, they can still receive care and not be held up by state laws.
  • Consider using the Data Use and Reciprocal Support Agreement (DURSA)  to address patient privacy, security and data-sharing concerns. DURSA is a trust agreement between entities, organizations and federal agencies that choose to exchange electronic health information based on a set of national standards, services and policies. This ensures everyone is on the same page with security, and is useful in the event of a disaster when people are displaced.
  • Assess HIE resources and other available health data-sharing entities, and consider a phased approach when establishing interstate HIE:
  1. Phase 1 includes leveraging existing systems of storing and transmitting ePHI (electronic protected health information).
  2. Phase 2 includes implementing interstate directories to provide data across services in a disaster.
  3. Phase 3 includes leveraging a fully functioning state HIE that allows for integrated patient look-up and physician authentication services.
HIPAA Hosting Requirements: Disaster Recovery & Offsite Backup

HIPAA Hosting Requirements: Disaster Recovery & Offsite Backup

While preparing for HIE in the event of a disaster is key to providing quality care, preserving and ensuring the availability of patient records is a healthcare organization’s responsibility. The HIPAA Contingency Plan standard described in section 164.308(a)(7) mandates the use of a data backup plan, disaster recovery plan, emergency mode operation plan, testing and revision procedures, and application and data criticality analysis.

More Read

The PCMH and Home Care Data: An Interview with Melissa McCormack
4 Practical Reasons You Need an Efficient EMS ePCR Software
Challenges Evaluating mHealth’s Success
There’s an App for That: Using Mobile Technology to Improve Healthcare and Lower Costs
How To Use SMS To Increase Customer Satisfaction In Healthcare

Protecting healthcare data and ensuring its availability means putting procedures in place to mitigate disasters, and having a solid plan in-hand to activate when a disaster occurs. The infrastructure to do this is defined by two perspectives:

  1. Disaster Prevention – Putting all the tools in place to minimize the probability of an outage in the data center infrastructure, server hardware, software and network connectivity.
  2. Disaster Recovery – Assuring that the applications and data can be recovered and restored in a reasonable timeframe to continue running the business and making patient data available if a disaster occurs in the primary data center.

The use of HIE systems, including EHR (electronic health record) and EMR (electronic medical record) systems, requires data to be hosted in a secure, HIPAA compliant environment. To find out what components are necessary for a HIPAA compliant data center, including a full diagram and descriptions, read our HIPAA Compliant Hosting white paper.

References:
DURSA from the National eHealth Collaborative
Disaster Preparedness and Health Information Exchange
Emergency Support Function #8 – Public Health and Medical Services Annex (PDF)
Southeast Regional HIT-HIE Collaboration (SERCH) Final Report: Health Information Exchange in Disaster Preparedness and Response (PDF)

TAGGED:disaster preparedness
Share This Article
Facebook Copy Link Print
Share

Stay Connected

1.5kFollowersLike
4.5kFollowersFollow
2.8kFollowersPin
136kSubscribersSubscribe

Latest News

Epidemiological Health Benefits
Personal and Epidemiological Health Benefits of Blood Pressure Management
Health
October 13, 2025
Traumatic Brain Injuries
Understanding Traumatic Brain Injuries: What Families Need to Know
Policy & Law
October 10, 2025
Remote Monitoring touchpoints
Remote Monitoring Touchpoints Patients Will Actually Follow
Technology
October 9, 2025
dental care
Importance of Good Dental Care for Health and Confidence
Dental health Specialties
October 2, 2025

You Might also Like

Consumer Directed Health to Social Media…’Consumerism’ Has Become the Undeniable Force in Healthcare

January 20, 2012
patient portal
eHealthMedical Records

First Principle of Patient Engagement and Patient Portals: Be “Relevant” From the Patient’s Perspective

July 27, 2013

Patient Engagement and Health IT: Disillusionment Sets In, Poll Shows

February 12, 2015

Social Business Intelligence for Healthcare

May 25, 2013
Subscribe
Subscribe to our newsletter to get our newest articles instantly!
Follow US
© 2008-2025 HealthWorks Collective. All Rights Reserved.
  • About
  • Contact
  • Privacy
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?