![Page 1: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/1.jpg)
866-276-8309
Disaster Recovery and Business Continuity Planning for Information Systems
![Page 2: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/2.jpg)
DIY TOOLKITDIY assessment, training,customized policies & proceduresand much more …
CONSULTINGProfessional servicesto help you with your Compliance needs
WHO WE ARE …
We assist organizations in developing and implementing practices to secure sensitive
data and comply with regulatory requirements.
1
MANAGED SERVICESManaged compliance and security services to focus on your key business outcome.
![Page 3: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/3.jpg)
DISCLAIMERConsult your attorney
2
ALL WEBINARS ARE RECORDED AND AVAILABLE AS AN “ON DEMAND” SUBSCRIPTION
This webinar has been provided for educational and informational purposes only and is not intended and should not be construed to constitute legal advice.
Please consult your attorneys in connection with any fact-specific situation under federal law and the applicable state or local laws that may impose additional obligations on you and your company.
![Page 4: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/4.jpg)
Kaila’s Background
3
• Security and Compliance
• Cyber Security
• Risk Assessment
• Rotarian
• Member of Information Systems Security Association (ISSA) & Information Systems Audit and Control Association (ISACA).
• Interests : Yoga, Meditation & Ayurvedic lifestyle
Kaila PatelCyber Security Compliance Analyst
![Page 5: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/5.jpg)
1 BACKGROUND
2 WHY BC/DR IS IMPORTANT
3 IMPORTANT STEPS IN BC/DR
4 BACKUP & RESTORE SOLUTION
6 NEXT STEPS
AGENDA
5 TABLE TOP EXERCISES
Always available via email to answer any questions
7 Q&A
![Page 6: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/6.jpg)
BACKGROUND
5
Business continuity planning and Disaster recovery planning for information systems are the most crucial elements of a business that solely relies on technology but are often ignored. Businesses must make a well-structured plan and document for disaster recovery and business continuation, even before a natural calamity or ransomware occurs. Disasters can be short or may last for a long time, but when an organization is ready for any adversity, it thrives hard and survives.
“Data is the new oil” especially ePHI data for Health Care Industry
![Page 7: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/7.jpg)
WHY BC / DR IS IMPORTANT
Health Care providers Electronic Protected Health Information
❑ Store
❑ Process
❑ Produce
❑ Transfer /Receive
![Page 8: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/8.jpg)
WHY BC / DR IS IMPORTANT ….contd
7
❑ Ransomware attacks
❑ Phishing attacks
❑ Remote Desktop Protocol Vulnerabilities
❑ Weak Authentication
❑ Current and former workforce members
❑ Natural Disasters
Disaster Readiness - How often should you test your Disaster Recovery Plans?
![Page 9: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/9.jpg)
WHY BC / DR IS IMPORTANT….. contd
8
❑ Access Controls / Logical and Physical access control
❑ An act of terrorism
❑ Hardware failure
❑ Software inconsistencies
❑ Unintentional / unplanned failures (that is, accidental, such as
the breakage of a man-made dam)
❑ HIPAA Compliance requirements
Disaster Readiness - How often should you test your Disaster Recovery Plans?
![Page 10: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/10.jpg)
![Page 11: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/11.jpg)
IMPORTANT STEPS IN BC/DR
Develop BYOD policy to allow use of personal devices to access patient data
❑ Inventorying
❑ Conducting a Business Impact Analysis
❑ Prioritizing
❑ Planning
❑ Testing
❑ Documenting
Business Impact Analysis (BIA): To reveal any possible weaknesses, a single point of failure
![Page 12: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/12.jpg)
BACKUP & RESTORE SOLUTION
Develop BYOD policy to allow use of personal devices to access patient data
❑ Design Backup solution
❑ Design Restore Solution
❑ RPO (Recovery Point Objective)
❑ RTO (Recovery Time Objective)
3 – 2 – 1 approach to backup – “Belt, Button and Suspenders”
![Page 13: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/13.jpg)
BACKUP & RESTORE SOLUTION…contdDesign Backup solution
• Develop and design a backup solution that meets the defined RPO and RTO
• Consider risks of relying solely on one solution. • Know where your data resides (ref architecture diagram on slide 9)• Separate backup copies of the Operating System files from the
application and data.• 3 copies of critical data
• On 2 different devices / media, one onsite for fast restore• One location specifically offsite protecting from site loss• A 3rd disk solution (USB drive for small amount of data or an emergency recovery
disk) in case there is no internet access, This solution can be accessed immediately.
3 – 2 – 1 approach to backup – “Belt, Button and Suspenders”
![Page 14: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/14.jpg)
BACKUP & RESTORE SOLUTION…contd
Develop BYOD policy to allow use of personal devices to access patient data
❑ Design Restore Solution
❑ Test restoring of the data periodically
❑ At a minimum – restore a single database or application
❑ Conduct an end to end test after restoring of the database and
application.
3 – 2 – 1 approach to backup – “Belt, Button and Suspenders”
![Page 15: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/15.jpg)
BACKUP & RESTORE SOLUTION…contd
Develop BYOD policy to allow use of personal devices to access patient data
❑ RPO (Recovery Point Objective)
❑Refers to the amount of data at risk, that potentially could
be lost
❑ RTO (Recovery Time Objective)
❑Is a metric used to calculate time for Recovery
3 – 2 – 1 approach to backup – “Belt, Button and Suspenders”
![Page 16: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/16.jpg)
TABLE TOP EXERCISES
Develop BYOD policy to allow use of personal devices to access patient data
Who needs to seat at the Table and why?
❑ Key Roles and Responsibilities
❑ Thorough coordinated efforts
❑ Assemble knowledgeable group / SMEs
Walk through of finding out “How Prepared are your DR / BC plans?”
![Page 17: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/17.jpg)
TABLE TOP EXERCISES ….contd
Develop BYOD policy to allow use of personal devices to access patient data
Topics for Table Top Exercises
❑ Identify short / long term access to critical production operations
❑ Mission critical application
❑ Resource / cross training
End Goal is to document a fully populated Disaster Recovery Plan and conduct a dry run of the DR /BC plans
![Page 18: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/18.jpg)
17
NEXT STEPS
Contact databrackets for free no-obligation evaluation on your Business Continuity & Disaster Recovery for Information Systems assessment needs
866-276 8309 or [email protected]
![Page 19: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/19.jpg)
18
UPCOMING EVENTS
❑MIPS/MACRA Security Risk Assessment Requirements for 2019 Attestation – 12/5
Register now >> databrackets.com/webinars
![Page 20: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/20.jpg)
CALL US
866-276 8309SERVICE
150, Cornerstone Dr. Cary, NC
SOCIALIZE
FacebookTwitter
FIND US
Twitter: @databrackets Facebook: databrackets19
![Page 21: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/21.jpg)
20
Please don’t hesitate to ask
Questions
![Page 22: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/22.jpg)
21
for your attention!
Thank You
![Page 23: Disaster Recovery and Business Continuity Planning for ... · Hardware failure Software inconsistencies Unintentional / unplanned failures (that is, accidental, such as the breakage](https://reader030.vdocuments.net/reader030/viewer/2022040907/5e7e29ba41c4626d3744cf27/html5/thumbnails/23.jpg)
Thank you for joining us today
23 October, 2019
22
To purchase reprints of this document, please email [email protected].