I’ve been seriously looking at a way to manage the HIPAA documentation for my clinic. I think that a wiki is going to be the way to go. I wonder if anyone else has thought of this idea.

It seems like the logical method. It would definitely have to be secured and password protected. However, the ability to have it accessible by the entire clinic and to be editable by anyone is great. Plus, it is great because you can dynamically add new pages on the fly. In fact, I plan on using it for all of our documented policies and procedures.

I found a really good article detailing the various wikis. I think that I’m going to try out the one that powers Wikipedia, Media Wiki. Anyone else have thoughts on how to do this?

About the author

John Lynn

John Lynn

John Lynn is the Founder of the HealthcareScene.com, a network of leading Healthcare IT resources. The flagship blog, Healthcare IT Today, contains over 13,000 articles with over half of the articles written by John. These EMR and Healthcare IT related articles have been viewed over 20 million times.

John manages Healthcare IT Central, the leading career Health IT job board. He also organizes the first of its kind conference and community focused on healthcare marketing, Healthcare and IT Marketing Conference, and a healthcare IT conference, EXPO.health, focused on practical healthcare IT innovation. John is an advisor to multiple healthcare IT companies. John is highly involved in social media, and in addition to his blogs can be found on Twitter: @techguy.


  • Have a look at this article.

    Data Backup Plan
    The data backup plan is a required implementation specification defined within the Contingency Plan standard in the Administrative Safeguards section of the HIPAA Security Rule.
    The objective of the data backup plan is to establish and implement procedures to create and maintain retrievable exact copies of electronic protected health information. The data backup plan is a documented and routinely updated plan to create and maintain, for a specific period of time, retrievable exact copies of information. Successful data backup and restores are sometimes dependent on business processes and “batch” activities.
    Disaster Recovery Plan
    The disaster recovery plan is a required implementation specification defined within the Contingency Plan standard in the Administrative Safeguards section of the HIPAA Security Rule.
    The objective of a disaster recovery plan is to establish (and implement as needed) procedures to restore any loss of data. A disaster recovery plan is the part of an overall contingency plan that contains a process enabling an enterprise to restore any loss of data in the event of fire, vandalism, natural disaster, or system failure.
    The disaster recovery plan applies to major, usually catastrophic, events that deny access to the normal facility for an extended period. A disaster recovery plan refers to an IT focused plan designed to restore operability of the target system, application, or computer facility at an alternate site after an emergency.
    The disaster recovery plan defines the resources, actions, and data required to reinstate critical business processes that have been damaged because of a disaster. An inventory of all critical data and vital systems must be created as well as documentation of detailed procedures to facilitate the recovery of capabilities at an alternate site.

    Source: http://training-hipaa.net/compliance/Security_Contingency_Planning.htm

  • I’m perplexed at Kathy being a target when on the list of top people to go after, I doubt she’d be in the first 50 pages (not discrediting her work, she’s brilliant, and gentle, but not the first I’d think would have to deal with this

Click here to post a comment