5 Must-Have Provisions in a Data Recovery Contract
When computers or other equipment used to store health data suffer flood, fire, or storm damage, an electronic data restoration company can often save the day. But to ensure they do so in a way that's compliant with privacy laws, the American Health Information Management Association says contracts should ensure the company:
- Does not use or disclose information and uses safeguards to prevent use or disclosure of the information.
- Reports any inappropriate use or disclosure of the information of which it becomes aware.
- Ensures that subcontractors or agents with access to the information agree to the same terms.
- Indemnifies the healthcare facility from loss due to unauthorized disclosure.
- Returns the information at the termination of the contract or provision of a certificate of its destruction and assurance that the contractor retains no copies.
The contract should also detail what methods will be used to recover the data and how long it will take to return the information and/or equipment. And don't forget a termination clause that goes into effect if the business partner violates any material term of the contract.
Read more about health information disaster planning on AHIMA's web site.
- Patient Harm Data to Remain on Medicare's Hospital Compare Site
- CMS Seeks to 'Rapidly Reduce' Medicare Spending with $1B in Grants
- Hard-Nosed About Physician Teamwork
- Quiet ORs Better for Patient Safety
- Building a Better Healthcare Board
- Case Study: Advance Care Conversations
- Tavenner Confirmed as CMS Administrator
- CMS Releases Hospital Pricing Data
- Access to EHR Notes Lauded by Patients, Providers
- Leapfrog Hospital Safety Scores 'Depressing'