The javascript used on this site for creative design effects is not supported by your browser. Please note that this will not affect access to the content on this web site.
Skip Navigation
H H S Department of Health and Human Services
U.S. Department of Health and Human Services
Health Information Technology

A-Z Index  |  Questions? 

  • Print this
  • Email this
Ensure Privacy & Security

Develop Disaster Recovery Plan

The HIPAA Security Rule contains specific protections that all providers must employ to protect the people, information, technology, and facilities used to deliver care. Action plans should be based on risks identified in your risk analysis and typically include:  

  • Administrative, physical, and technical safeguards
  • Policies and procedures
  • Organizational standards

Security is not a one-time project, but rather an ongoing challenge to tackle as your organization and technologies change.


View these resources in the HIPAA Security Series  to develop a sound plan: