Several weeks ago, I blogged that I hoped Moore Medical Center in Oklahoma had its patient records backed up off-site. I was happy to read this week that they did. Clearly, patient care and availability of records is critical.
But I wouldn’t go as far as Jeff Drummond did and declare that they “didn’t lose their medical records,” because a facility can have full backups of records off site and still be dealing with a HIPAA breach if paper records with PHI have blown away and are in the wild. And that’s a concern that covered entities still need to consider and try to prevent as much as possible. So how do hospitals in areas likely to be hit by tornadoes or hurricanes try to protect paper records or reduce the likelihood of a privacy breach? Has anyone seen a real plan, or is the plan generally to just switch over everything to electronic records with daily backups, as much as possible?