Healthcare – HIPAA Security for IIoT Power & Environmental Systems
The HIPAA security compliance standards require Full Implementation of Protection Measures for your IIoT systems including your backup power and environmental systems.
Backup Power is a necessity to allow the protection of and access to critical medical records in the event of a power back out or other power event. This requirement is described in HIPAA Security “Section 164.308(a)(7)(ii)(C) Establish (and implement as needed) procedures to enable continuation of critical business processes for protection of the security of electronic protected health information while operating in emergency mode. When a covered entity is operating in emergency mode due to a technical failure or power outage, security processes to protect EPHI must be maintained.”
Medical records must be protected from more than just cyber or physical threats. HIPAA Security standards require that they must also be protected from destruction in the event of a natural or environmental event. This is specifically provided for in HIPAA Section 164.304 “Physical safeguards are physical measures, policies, and procedures to protect a covered entity’s electronic information systems and related buildings and equipment, from natural and environmental hazards…”