Flooding: Are You Prepared?
Here in Texas, the Gulf Coast is about to take a direct hit from a hurricane that is expected to dump up to 30 inches of rain in some locations and up to 10 inches across large areas. That kind of rain will definitely cause serious flooding. It's a little late for the Texas coastal bend area and the large inland areas that will be hit the hardest to take planning steps for disaster recovery. They're in emergency evacuation mode already, protecting life and reducing property damage. What we can learn from these tremendous forces of nature is that disaster recovery needs to be part of all businesses' Standard Operating Procedures - including our own. What does this mean?
- Make sure the backups of your critical data are current - and can be restored.
- Make sure your important equipment - servers, workstations, laptops, medical equipment, etc. needed to perform regular work - is protected or stored above flood level.
- Have a plan for communicating with co-workers and employees, including a list of phone numbers or a text group set up on your phone in advance.
- Have a plan and the phone numbers for communicating with authorities - e.g. 911, police, fire department, EMS.
- Have a plan outlining how to recover the core equipment and personnel necessary to bring your business and services back online.
The preferred approach is to create a Disaster Recovery (DR) plan. These can easily be 50 page documents, so it will take a lot of time and knowledge to create the plan. I would not suggest buying a template - these are typically instructions for creating a plan, not an actual plan.
To help you get started, here's an outline from our own Disaster Recovery Plan.
We include a DR plan with our HIPAA compliance package. It's required by the Federal government, so we help our clients by providing a ready to use DR plan. You still have to fill in your business' specific information, but it will reduce your initial creation time by about 70%.
Join our free monthly newsletter to stay up-to-date on HIPAA and cybersecurity.