XYZ is a fictitious healthcare company founded in 2002, headquartered in New York City, NY. XYZ has 10,000 providers in their network serving around 15 million people across 26 states in the U.S. It is crucial and critical to maintain the system availability across the network, so that customers/patients would get necessary services on time.
Data is important for running a business, and it is vulnerable to many threats that can lead to data leaks and data loss. These include physical device damage, human threats, technical threats and natural disasters. We need to protect against many of these, but any exposure could put data in jeopardy, making it important that you have a plan to help you overcome any disasters or data losses.
Disaster can affect your business in many ways from accessing the information and systems blocking to operate like regional power outages, cyber-attacks, employee mistakes and hardware failure. Every company has IT risks that can destroy your business. To prevent such risks and failures we need a Disaster Recovery Plan.
This outline describes the plans purpose, objectives, assumptions and strategies on which the plan is based. Purpose of the plan is to recover our organization critical IT applications and workflows reducing the risk of disruption of operations or loss of information following a significance disruption or disaster. Restore organizations IT environment to minimize or mitigate disruptions to business functions. Identify essential support personnel, facilities, equipment, and hardware, Documents enough detailed recovery tasks, facilitate decision-making for exhibition of the plan subsequent conduct of operations, Comply with regulatory directives.
This plan addresses the recovery of critical IT applications and workflows needed by organization to maintain business, including applications like Data Fabric Manager, Exchange
Payment Portal Organization Website and Online Quoting.
The Technical Recovery Plan assumes hardware to support these IT applications and workflows are operations and available, data and voice communications may be disrupted application data is backed up on a regular basis and is available and current, knowledgeable staff is available and can report to the alternate site(s) to perform required tasks documented in the plan key personnel may be unavailable for extended periods, key stakeholders have access to a current copy of this plan an adequate supply of critical forms, equipment, supplies and vital records that are identified in this plan or stored off-site (hard copy or electronic copy), either at an alternate facility or off-site storage as noted above or are available from other sources, management has identified reasonable alternative recovery sites and facilities to be used in the event of a disaster, alternate site may be required if the production environment is in inoperable or at risk, the disaster will occur at the worst possible time successful recovery depends upon completing and maintaining an up-to-date plan ensuring assigned personnel are familiar with this plan and are prepared to execute the recovery tasks, performing comprehensive tests of the plan modifying based on test results, performing adequate cross-training reduce a single point of failure on key personnel, ensuring availability of vital records and adequate backup materials.
New York has a history of natural disaster like hurricanes and security breaches. As a Disaster Recovery Plan, data can be stored in off-site data centers. Outside of locally managed equipment, all disaster recovery hardware is located at our company data center facility, disaster recovery testing must be done annually in a specific month and must be completed no later than that month end. Any organization will have the sensitive information i.e. patient information and any reports related the organization. When any security breach occurs through outside sources the security team will maintain a group of people that take care of the situation and disaster team will maintain the proper plan, security guidelines, business overview and give proper overview to the team.
2
ramyalingala
DRP_Organization_Outline.docx
0
