Disaster Recovery Journal

A few weeks ago we had a blog post about the business continuity plan (BCP) and what this really means for your organization. By thinking about the definition of the term and inherent actions within it, you can better understand what BCP really means for you and the longevity of your organization.

In this week's blog post, we'll take a deeper look at the disaster recovery plan (DRP). Of course, don't forget to visit the DRJ Glossary to get a very solid grounding in the basic terms and terminology associated with BCP and DRP.

By Sameer Sule

I am sure that you have heard words like contingency planning and disaster recovery planning. Basically they refer to your preparedness in dealing with unforeseen disasters, whether they are natural disasters or common work place disruptions like power failure, computer/server crashes, internet outage etc. You probably also know all the business reasons, as well as the federal privacy and security requirements that make having a  Contingency Plan a prudent investment. 
As a healthcare provider, your primary goal is providing the highest quality of care for your patients. So, how does a contingency plan benefit your patients? If I was your patient, would knowing the fact that you have a backup and disaster recovery (BDR) solution in place, change my perception of you as a good healthcare provider? Absolutely! It would definitely improve my perception about you and your practice. 
First, I would feel secure in the knowledge that my medical/dental records are safely backed up and available in the case of an emergency. I would be confident that my data wouldn’t be lost even if there is a disaster at my healthcare providers’ office. Just imagine how upset parents would be when they find out that their child’s healthcare provider just lost all their child’s records in a disaster. Imagine not having a copy of their young child’s records at home and not being able to get access to them. Imagine the hassle they may have to go through to prove that their child received the vaccines, for entrance into a school. It would be devastating and would certainly keep me from wanting to return to that medical practice in the future. This could have social, financial, and legal implications for the provider. There are huge losses at stake when care is not taken to ensure protected health information is stored and secure. 
Providing quality care doesn’t just mean being the best doctor or dentist or therapist, it also means exercising the same care and effort in ensuring that patient data is secure, is regularly backed up and can be easily restored without errors after a disaster. Implementing a contingency plan or a BDR solution is well worth the investment and will go a long way in providing continuity of patient care at all times.  It will give you the peace of mind knowing that you can continue your regular workflow even after an unforeseen disruption. More importantly it will increase your patients confidence in your practice and will reinforce their belief that you care about them. The last thing I would want to deal with when I need medical care is finding out that my health records are not available. Having a contingency plan in place is another step towards providing the highest quality of patient care. It is a win-win scenario for both you and your patients.

They are both essential elements of business continuity, and they sound quite similar. But their purpose is quite different.

What is RTO?

I've been in this business for a tad more than 15 years.

I'm pretty good at what I do and I think, when I consider threats to an organization, I identify most most of them.

But sometimes things either get "missed" or given less attention than they deserve.

Continues at http://johnglennmbci.blogspot.com/2012/01/erm-bc-coop-value-of-sharing.html

Since you’re a visitor to the DRJ blog and website, it is generally understood that you’re here to learn more about the business continuity plan (BCP) and disaster recovery plan (DRP). The easiest way to get the basics on these two critical aspects to the longevity of any company or organization is to read the DRJ Glossary.

The DRJ Glossary provides a solid grounding on the key terms associated with BCP and DRP. For the purposes of this blog post, it is useful to include the definitions of each here:

By Sameer Sule

I have always emphasized the need for all businesses to make disaster recovery(DR) a priority and to have a written disaster recovery plan. Even though most business owners are aware of the need for disaster recovery planning, limitations of time, money and resources can put the actual DR implementation on the back burner. Small businesses may feel that they do not have the expertise in house to work on DR planning. They may also feel that the cost of Backup and Disaster Recovery (BDR) solutions is prohibitively expensive and is something that only larger businesses can afford. This is not the case anymore.  BDR technology has come a long way in recent years. The advent of cloud computing has not only enabled faster and accurate recovery of applications and data, but has also made it affordable for small business to deploy a BDR solution.   

Crisis Communications. Hmm, a pretty heavy term. This phrase makes me think of managing messaging, open communication lines, and being ready for the unexpected. What is interesting is that there are two types of crisis communications:

• the kind used by public relations agencies to protect the image of a famous/well-known person or organization.
• the kind of communications used when a disaster or threat becomes a reality.

At first glance it would appear that these two types of crisis communications are quite far apart. But actually, the techniques and methods used to protect and manage a public image are very similar to those practices used by a company that is experiencing a flood or service outage.

In an article headed "TEPCO shareholders to sue utility's directors for 5.5 tril. yen",  42 shareholders of Tokyo Electric Power Co. may sue the directors on their own for 5.5 trillion yen.

The stockholders contend that TEPCO calculated in 2008 that a tsunami of 15.7 meters could hit the nuclear power plant if a magnitude-8.3 quake occurred off Fukushima Prefecture, the board members failed to take countermeasures such as raising the height of tsunami barriers protecting the plant.

The tsunami that damaged the Fukushima was the result of a 9.0 earthquake.

The stockholders said that if they prevail, they will use the funds to compensate victims of the crisis.

While the stockholders' action may have to play out in court - did the board have any reason to suspect a stronger earthquake possible in the region? - the lesson for risk management practitioners is simple:
Article continues at http://johnglennmbci.blogspot.com/2012/01/erm-bc-coop

It’s that time of year again.

A new year, with new challenges to be met. So it’s the time of year when many organisations decide to reorganise or restructure the business, in order to meet those new challenges. Which is all well and good, but it could mean that the business continuity strategies, solutions and plans you had in place last year might not now fit the bill.

An out of date business continuity plan is, at best, of little use. And, at worst, it may even be dangerous if it gives a false sense of security. In many ways, an out of date plan is worse than no plan at all.

So it’s also the time of year for taking stock and making some resolutions, to ensure that changes to the business are reflected in the business continuity plans. As part of this, why not resolve to…

* Review previous business impact or risk assessment data (or, if you’ve never actually done a business impact analysis or risk assessment, to do one now)

* Carry out a plan health check or audit

* Do some training and awareness

* Conduct some exercises and tests

A new year brings new challenges and new opportunities. Why not take this opportunity to ensure that your business continuity plans are up to scratch?

Happy New Year.

.
My email just delivered notifications that a version of the avian influenza - bird flu - is making the rounds.

In separate emails , I read that

*  A Chinese bus driver who tested positive for the H5N1 bird flu virus died Saturday in a city bordering Hong Kong, health officials said, in the country's first reported case of the disease in humans in 18 months.

*  The Ministry of Health and Population of Egypt has notified WHO of a case of human infection with avian influenza A (H5N1) virus.‪ The case is a 29-year-old male from Dakahlia Governorate. He developed symptoms on 8 December 2011 and was admitted to hospital on 15 December 2011, where he received oseltamivir treatment. He was in critical condition and died on 19 December 2011.
It's time to dust off those Pandemic Plans so carefully crafted in 2008 and start the update process.

If the organization really is risk conscious, it won't have a Pandemic Plan.

Blasphemy? Heresy?

Not really.

Continues at http://johnglennmbci.blogspot.com/2012/01/erm-bc-coop-dust-off-pandemic-plans.html