Disaster Recovery Plan (DRP) Template to achieve HIPAA Security Compliance

This main document contains the non-technical activities that need to be completed in support of Disaster Recovery operations.  The following sections contain contact numbers, contact personnel, activation and notification procedures, an overview of recovery teams, vendor contact information, and recovery locations.

The detailed technical recovery procedures for all components are located in the appendix since these recovery plans are modified on a regular basis due to periodic configuration changes of the company’s Technology Environment.  Furthermore, with continual changes to the hardware, network, and operating systems (OS), technical documents such as the detailed individual DR Plans for this environment will be updated on a regular basis to ensure changes in hardware and operating systems are reflected in the technical DR Procedures.

 

Table of Contents for Server Recovery Plan

CONFIDENTIALITY STATEMENT

PLAN MAINTENANCE 

PLAN EXERCISE

PLAN LOCATION

PLAN DISTRIBUTION

MEDIA POLICY

EXECUTIVE SUMMARY

Definition of A Disaster
Disaster Declaration Criteria

QUICK REFERENCE GUIDE

SCOPE & OBJECTIVES

Scope of This Plan
Objectives of This Plan

RECOVERY STRATEGY

Recovery Strategy
Application & System Recovery
Network Recovery
Telecommunications Recovery
Contractual Agreement for Recovery Services

PLAN ASSUMPTIONS & EXPOSURES 

Planning Assumptions
Known Exposures

DISASTER DECLARATION PROCEDURE

Declaration Authority

NOTIFICATION PROCEDURES

Notification & Activation Team

RECOVERY TEAMS

Management Team
Administrative Team
Alternate Site Team
Offsite Storage Team

CONTACT LISTS

Employee Contact Information
Department Notifications
Vendor Notification
Other Emergency Contact Numbers

ALTERNATE LOCATIONS 

Assembly Site
Command Center
Recovery Site Information

OFFSITE STORAGE LOCATION

Offsite Storage Information

PLAN CERTIFICATION

Plan Certification

APPENDIX ITEMS 

I.  Application Technical Recovery
II. Systems Technical Recovery
III. Network Technical Recovery
IV. Telecommunications Technical Recovery
V. Database Technical Recovery
Appendix A – Employee Notification Procedures
Appendix B – Notification Log
Appendix C – Event / Disaster Information
Appendix D – Record Log
Appendix E – Alternate Site Authorization Form
Appendix F – Recovery Status Report
Appendix G – Disaster Recovery Report
Appendix H – Travel Accommodations Request Form
Appendix I – Employee Tracking Form
Appendix J – Assessing Potential Business Impact

 

To view a specific section of this document, please contact us at Bob@training-hipaa.net or call us at (515) 865-4591.