Filopto Help Manual

Business Disaster Planning


Most businesses will never experience a disaster like a fire, a flood, a tornado or a computer malfunction. However, we have all heard of somebody who has experienced a disaster first hand. The only cure for a disaster is a good "DISASTER PLAN" and taking the steps needed to be able to survive a disaster. Many books and experts are available to help organizations plan properly and survive a disaster. Take the time to prepare and implement your own disaster preparedness plan for your business.

 

Filopto is extremely resilient, and if you carry out some basic procedures every day, such as off-site backups, you will be able to survive a disaster to your business. Without the Filopto data there is very little that can be done to put you back in business quickly. Therefore we strongly urge you to treat your Filopto data just like any other important document of your business, and to routinely back up the critical Filopto files and safeguard them off site with your other important documents.

 

Please carefully read and implement a sound backup policy for your business and test it regularly to ensure that it is still working.

 

 

 

IMPORTANT:  

 

The US HIPAA regulations, as well as certain Canadian PHI Acts, require physicians to have a documented computer infrastructure and recovery plan that is followed by the organization and regularly reviewed per the HIPAA or PHI Act regulations. The plan must be available for review during an audit.

 

HIPAA Penalties (All penalties are current as of December 2009)
 

Individuals who do not adhere to HIPAA policies and procedures can be fined regardless of whether or not they knowingly violated the act. The minimum penalty for a HIPAA violation where the individual did not know he violated HIPAA is $100 per violation. The annual maximum for the minimum penalty amount is $25,000 for repeat violations. Individuals who violate HIPAA can be fined up to $50,000 per violation with an annual maximum of $1.5 million if the violation was severe, regardless of how or why the violation occurred. The Secretary of the Department of Health and Human Services is not permitted to impose civil penalties on individuals who violate HIPAA but correct the violation within 30 days, unless the violation occurred due to willful neglect.
 
Some HIPAA violations occur due to a reasonable cause. If the individual is not found to have been willfully neglectful, but the violation occurred knowingly, the minimum civil penalty is $1,000 per violation with an annual maximum of $100,000 for additional violations. An example of a violation due to a reasonable cause would be a medical professional accessing a patient's medical information without the patient's consent to release that information.
 
Corrected HIPAA violations that occur due to willful neglect will cost medical personnel a minimum of $10,000 per violation. The annual maximum for such offenses is $250,000. The maximum penalties of up to $50,000 per violation with an annual maximum of $1.5 million still apply. Examples of violations due to willful neglect are breaches in medical records due to a medical facility having an unsecured server room where electronic medical records are stored or employees having passwords written in plain sight.
 
Individuals who knowingly disclose health information and patient records may be charged criminally and imprisoned for up to one year with a fine of up to $50,000. If the violation was committed under false pretenses, individuals can face up to five years in prison and a fine of up to $100,000. If a HIPAA offense is committed with the intent to sell or use the patient's health information maliciously or for personal or financial gain, the individual can face 10 years' imprisonment and fines of up to $250,000.