Optum360 coding books logo
    Contact Us   (7 a.m.–7 p.m. CST)
  Home > Coding Central Articles > Coding Central Articles  
Coding Central
Coding Central Home
Inside Track to ICD-10
Coding Central Articles
Code This!
Case Studies
Chargemaster Corner

Articles for:
January 25, 2018

Four Tests Added to List of CLIA Waived Tests

In early January, the Centers for Medicare and Medicaid Services (CMS) announced new waived tests... Learn More

New and Revised Vaccine Codes Added to 2018 CPT Code Book

The American Medical Association (AMA) added and revised several vaccine CPT codes for its 201... Learn More

OIG Recommends Measures for Curbing Opioid Misuse and Fraud

Office of Inspector General testimony before the House Committee on Ways and Means in January ... Learn More

View Article Archive

To subscribe, paste this link into your preferred feedreader, or click on one of the buttons below:

Medical Coding News Archives

Disaster Recovery Plan–Are You Ready?

December 14, 2012:

In the aftermath of superstorm Sandy, many providers on the Eastern Seaboard were forced to test their disaster recovery plans that are required by the Health Insurance Portability and Accountability Act. In the face of such a natural disaster, fire, or other significant issue, would your organization be ready to deal with the consequences?

The HIPAA security standards require “documented, formal practices to manage the selection and execution of security measures to protect data and to manage the conduct of personnel in relation to the protection of data.” As part of these practices, there are administrative, physical, and technical safeguards, some with required implementation specifications and some with addressable implementation specifications. The addressable specifications can be approached and altered as needed, based on the needs of the particular organization.

Within the administrative safeguards is a standard regarding contingency planning, and included is a required implementation specification for a disaster recovery plan. The regulations require that each HIPAA-covered entity establish a disaster recovery plan that will allow the provider organization to restore any data loss. The organization is probably in good shape for data recovery because another implementation specification requires a data back-up plan. Recovery of lost data is a small portion of coping with disaster, however—there are many other elements an organization will have to handle.


  • Can any possible breach in security due to power outages, etc., be verified? Are the same security measures in place on back-up systems as on primary systems?
  • An organization should be sure to continue to manage the same level of security with “back-up” data and move to new servers, just as with primary data.

Replacement of equipment:

  • An organization must establish plans for replacing any equipment that may be damaged or destroyed.
  • A plan should be in place for reassigning equipment to staff, as well as reassigning user IDs and passwords.

Power outage:

  • An organization should make plans for dealing with a power outage, as well, and syncing with the emergency mode operation plan, also required under the HIPAA security regulations.

As an organization can never be sure when a disaster will strike, being prepared is vital to being able to care for patients at this crucial time. For more information on HIPAA security rule compliance, see Optum’s HIPAA Tool Kit.


Sign in to
Your Account
Forgot your username?
Forgot your password?
Don't have an account?
It's easy to create one.
Promo code

Have a promotional source code? Enter it here:

What is this?