Tel: (515) 865-4591
menu
menu
 
 

Business Impact Analysis policy for HIPAA Contingency Plan

Purpose:

The Business Impact Analysis (BIA) Policy document establishes the activities that need to be carried out by each Business Unit, Technology Unit, and Corporate Units (departments) within the organization. 

All departments must utilize this methodology to identify the processes they perform, the required resources to perform those processes, the timeframes in which those processes need to be recovered, any supporting dependencies, resources, facilities, etc, and the potential financial, operational, and legal/regulatory impact for the processes. 

 
Table of Contents

TERMINOLOGY     
ACCOUNTABILITY
COMPLIANCE        
REVISION HISTORY
ENDORSEMENT    

I.  POLICY OVERVIEW 

A. Purpose      
B.  Scope        
C.  Ownership Roles & Responsibilities           
D. Review Process      
E. Reporting Process   
F. Update Frequency and Annual Review        
G. Approval    

II. BIA REQUIREMENTS 

A. BIA Completion     
B.  Business Process Identification       
C.   Business Process Recovery Time Objective           
D.  Financial Impact     
E.  Operational Impact 
F.  Legal and Regulatory Impact          
G.  Manual Work-Around Procedures 
H.  Required Resource

III. BIA RESULTS 

A.  Overall RTO for Department          
B.  Communication      
C.  Retention of BIA Survey    

APPENDIX   

APPENDIX A:  BUSINESS IMPACT ANALYSIS STANDARDS   

To view specific section of this document, please contact us at Bob@training-hipaa.net or call us at (515) 865-4591.
 
HIPAA Certification Flyer

HIPAA Compliance Template Suites

HIPAA Training Comparison