Scott Williams

contingency.jpg

Contingency is the ability to avoid a future event, incident, or circumstance that cannot be predicted without certainty.

Contingency is usually estimated as a percentage, an example may be a capital project that has a 15% contingency for unforeseen expenses.  Understanding how to handle such incidents through risk analysis and incident planning is key to successfully ensuring a project’s success. It can also be translated to information systems remaining online in the midst of critical operations. Applying a risk percentage to a critical information system is next to impossible due to potential lives at stake.

The term Contingency Planning in the medical field ties to such critical processes and is a requirement of HIPAA compliance and it is not based on any hard and fast numbers. It is a component that directly ties to complex continuity planning including business continuity (BC) and disaster recovery (DR) metrics that are difficult to assess independently.

Contingency Planning is a composite process that deals with understanding how to maintain systems by keeping them online in the midst of any event. This keeps systems from delivering information to users that need to get data for key decisions, such as a surgeon performing a critical procedural operation. This information needs to be readily available and is not generally tied to operations in regard to backup and recovery. Frankly a backup system should be the last component of a contingency plan. The forefront of such a plan should consist of a platform that can perform a recovery time and recovery point objective within minutes or even seconds. This includes capabilities with inherent preventive security measures that track and audit information that includes electronic protected health information or ePHI. Contingency planning includes the integrity of such critical data.

Working with a cyber-secure cloud provider offers a transparent, multi-layer solution to securing sensitive information. A cloud provider can ensure HIPAA compliance for ePHI and additionally, provide measures for a solid contingency plan for any vertical, including Payment Card Processors via PCI DSS and financial institutions. 

Ensuring application and transactional continuity is an essential and integral asset to a company’s disaster recovery plan, making it worthwhile to partner with a strong cloud service provider. A cyber-secure HIPAA compliant cloud provider will leverage systems that can get you online within minutes in multiple bi-coastal locations, including on-premise-to-cloud and cloud-to-cloud solutions with applications maintained and synced. This includes added assurance on multiple levels to include backup and recovery and rollback up to 14 days, within minutes in the event that systems were compromised and data integrity was lost at a prior date.

With Ransomware and data breaches climbing in the healthcare industry, it is crucial to maintain a partner that understands contingency planning, and is capable of navigating the complexity of keeping systems online in local and remote regions, with data integrity at the forefront.

Let WHOA.com help you with your contingency planning the right way.

Threats to Cloud Cyber Security