This policy is listed for reference only and should be reviewed with your lawyer before implementing them into daily practice. We are not lawyers and are not providing any legal advice. View our legal disclaimer.

Security Management Process: Emergency Preparedness

Reference: §164.308 (a)(1)(ii)(A)
Last Updated: July 5, 2023


The purpose of the Emergency Preparedness Policy is:

  • To determine which locations are vulnerable to hazards and in what ways;
  • To identify which hazards may operations, and how;
  • To determine which operational aspects should be modified to decrease vulnerability; and,
  • To identify which hazards should be considered for emergency prevention and preparedness.


Procedure: In order to assess and prioritize tasks regarding this policy we will:

  • Perform a basic assessment regarding potential natural threats;
  • Develop a series of policies and procedures that shall cover:
    • Response and recovery strategies to be implemented during and after emergencies;
    • Responsibility for these strategies;
    • The management structure required for an emergency; and,
    • The resource and information management requirements.
  • Develop and implement training program. Training program shall cover potential emergencies, delegation of authority and basic tasks to accomplish.
  • Maintain a written record of the assessment for 6 years.
  • Submit the risk assessment findings and the risk management plan to the appropriate parties within 30 days of concluding their assessment.
  • Repeat basic assessment yearly and update/review policies based on findings at least once a year or more frequently if needed.
Simplify Your Compliance with
Software and Guided Coaching
Let your patients and clients know that you take HIPAA seriously with the HIPAA Seal of Compliance for your website, storefront, and marketing materials.

Get instant access to HIPAA Compliance News and Updates

You'll get your first checklist as soon as you sign up!

overlapping hands

Our Mission

To safeguard medical data by providing secure, reliable, and fully HIPAA-compliant hosting solutions, enabling healthcare professionals to focus on their primary mission of providing care.
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram