
Building a Disaster Recovery Plan for HIPAA Compliance

If your business must follow the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), then you need to have a disaster recovery plan. Many small companies accidentally conflate a business continuity plan with a disaster recovery plan. Keep the two separate and stay in compliance.

What is the difference between business continuity and disaster recovery?

The two plans cover similar circumstances and involve similar preparation work. They outline the procedures you have in place to keep backup data safe and ready to use in the event of an emergency, and they both have action steps for when they are triggered.

But they also serve different purposes: a business continuity plan outlines how to keep your company moving during an ongoing emergency while a disaster recovery plan outlines how your IT department will bring the backup data securely to the forefront. One is about keeping the network as undamaged as possible while the other is about repairing damaged data stores.

How can you build a robust disaster recovery plan?

Different companies use different strategies. Before you get stuck with too many options and not enough specifics online, follow these steps:

Ask your IT support company

While IT support companies can’t tell you what other businesses in your state and industry are doing, they know what every plan should include. Tap into their advice (and possible templates) so you know your plan is compliant and competitive with other plans.

Go to the Health Resources & Services Administration directly

If you don’t know what your plan and cybersecurity requirements are, it’s harder to stay compliant. Even as you use other resources to pull a plan together, find what HIPAA has to say word-for-word.

If you want to get started building out your disaster recovery plan, contact us.

