More IT Jobs in Health Care – Business Interruption Planning

Information Management Magazine and Insurance Networking News both report that there was significant growth in the Health Care field in the number of IT jobs available.  Much of this is due to the requirement that all medical records (EHR) are required to be mechanized and new compliance requirements for the Affordable Health Care Act (aka Obama-care).

It is estimated that the Health Care IT spending will increase by up to 25% in the next two years.  Spending last year for Health Care software was was close to $7 billion and is expected to grow by over $1 Billion in the next year.  Much of that spending will be in the “small practice” physician and “small hospitals”.  The question is how protected will they be from business interruptions and security attacks.

Do have any comments on this?

 

Will your disaster recovery provider be in business when you need them?

Disaster Recovery plans that depend on outsourcers face significant additional risk

What if your were in Florida and the Hurricane season was in full swing and your provider decided to go out of business. Would you have the time to move to a new provider and test your solution before you need to execute your plan?

For example, earlier in the year Google decided to close its Message Continuity service. Google gave most clients a reasonable timescale to find an alternative supplier. This allowed existing Message Continuity contracts to run until their contacts expired. What if that was the communication solution you had selected for communicating with your staff? Would you be able to implement a new one on time.

Business Continuity - Disasters Happen

Another example was the news that Doyenz, the US-based supplier of rCloud, a service which offers disaster recovery for physical and virtual servers, had decided to pull the plug on its UK operations. Clients were given not weeks or months but days to respond and to find a new supplier.

CIOs and IT managers all need to consider all of the possibilities and have alternative solutions in place and tested.

FEMA Conference videos

FEMA conference videos which discuss tools and services available in the disaster and business continuity processes.

Help us edit our site and our blog

We are looking for people who can help us find typo’s and poor grammar on our sites. We are offering incentives like major discounts on our products or free copies of selected products.

Sites include:

www.e-janco.com
www.ejobdescription.com
www.it-toolkits.com

Life cycle for business continuity and security breaches are the same

When a security breach or business interruption occur, the life cycle from the start to the end are the same.  First and foremost you must be prepared and have a plan in place.  Included in that plan is a being  able to know that the event or incident has occurred.  Then react to what has happened and get back to normal operations as quickly as possible.

 

Incident Response Team

After everything is back to the way it should be there should always be a post event analysis to find out what worked, what did not, and what could be done better.

Include Social Media in Your Business Continuity Plans

6 Ways to Utilize Social Media Before a Disaster Strikes

by Adam Crowe

When creating a disaster recovery plan include social media.  Simple things like having a predefined hash tag (#companynameBC) will make the recover process easier and provide a quick way to get back in business. In addition utilize sites like youtube.com to have instructions on what and how to do it in the recovery process.

http://www.emergencymgmt.com/disaster/6-Ways-Utilize-Social-Media-Disaster.html

Radiological and Nuclear Disaster Planning

Meeting ISO 27031 Requirements

Meeting ISO 27031 Requirements

ISO 27031

The ISO Standard defines the Information and Communication Technology (ITC) Requirements for Business Continuity (IRBC) program that supports the mandate for an infrastructure that supports business operations when an event or incident with its related disruptions affects the continuity of critical business functions. This includes security of crucial data as well as enterprise operations.

The ISO standard centers around fours areas; Plan, Do, Check, and Act.

Plan Do Check Act Cycle

  • Plan – Establish a Disaster Recovery Business Continuity policy with objectives, metrics, and processes relevant to managing risk and improving the enterprise’s Information and Communication Technology ability and readiness to operate at the level defined within the parameters of the enterprise’s overall disaster recovery and business continuity objectives.
  • Do – Implement and operate the Disaster Recovery and Business Continuity policies, procedures, controls, and processes.
  • Check – Assess and monitor the performance metrics as defined within the Disaster Recovery and Business Continuity policy metrics and communicate the results to the management of the enterprise. This process can be done via an audit, a test of the plan, or an actual execution of the plan via a post event analysis session.
  • Act – Modify the Disaster Recovery and Business Continuity policies, procedures, and metrics based on the “Check” (audit, test, or execution of the plan) in order to improve the Disaster Recovery and Business Continuity Policy.

Order Disaster Plan TemplateDisaster Plan Sample