Nucon2013 hipaa data compliance

  • 320 views
Uploaded on

 

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
320
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
4
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. GILLWARE DATA RECOVERY AND ONLINE BACKUP HIPAA Requirements http://gillware.com 2013
  • 2. HIPAA REQUIREMENTS Introduction DO YOU REALLY KNOW… http://gillware.com
  • 3. HIPAA REQUIREMENTS Introduction DO YOU REALLY KNOW… WHAT YOU THINK YOU KNOW … http://gillware.com
  • 4. HIPAA REQUIREMENTS Introduction DO YOU REALLY KNOW… WHAT YOU THINK YOU KNOW … ABOUT HIPAA DATA COMPLIANCE http://gillware.com
  • 5. HIPAA REQUIREMENTS HIPAA Data Compliance - What you need to know Here is what you need to know about HIPAA‟s Backup Requirements http://gillware.com
  • 6. HIPAA REQUIREMENTS Rules Who Needs to Comply with HIPAA? 1) Covered Entities (organization that directly handles PHI or personal health records), such as health care providers, health plans, and health care clearinghouses. 2) Business Associates (a person or organization that creates, receives, maintains, or transmits PHI on behalf of a covered entity) 3) Subcontractors of Business Associates (any person or organization to whom a business associate delegates a function, activity, or service to) http://gillware.com
  • 7. HIPAA REQUIREMENTS Rules HHS has referred to this Final Rule that implements a number of provisions of the HITECH ACT as the “most sweeping changes to the HIPAA privacy and security rules since they were first implemented.” These mandatory regulations all require extensive changes to the way that covered entity's conduct business http://gillware.com
  • 8. HIPAA REQUIREMENTS Rules The HIPAA Final Rule took effect on March 23, 2013 and full compliance was expected by September 23, 2013. http://gillware.com
  • 9. HIPAA REQUIREMENTS Rules Two rules protect the privacy and security of individuals' personal health information (PHI) http://gillware.com
  • 10. HIPAA REQUIREMENTS Rules These are called the Privacy Rule and the Security Rule http://gillware.com
  • 11. HIPAA REQUIREMENTS Rules // The Privacy Rule The Privacy Rule regulates personal health information (PHI) It is located in Subpart E of the HIPAA Administrative Simplification http://www.hhs.gov/ocr/privacy/hipaa/administrative/combin ed/hipaa-simplification-201303.pdf http://gillware.com
  • 12. HIPAA REQUIREMENTS Rules // The Security Rule The Security Rule describes best practices organizations must adopt to protect the confidentiality, integrity and availability of electronic protected health information (ePHI) http://gillware.com
  • 13. HIPAA REQUIREMENTS Rules // The Security Rule ePHI is any PHI that is created, received, maintained, or transmitted electronically, such as through the internet or on CD, magnetic tape, etc. http://gillware.com
  • 14. HIPAA REQUIREMENTS Rules // The Security Rule The Security Rule is based on the fundamental concepts of flexibility, scalability and technology neutrality http://gillware.com
  • 15. HIPAA REQUIREMENTS Rules // The Security Rule No specific requirements for types of technology to implement are identified http://gillware.com
  • 16. HIPAA REQUIREMENTS Rules // The Security Rule The Security Rule is clear that reasonable and appropriate security measures must be implemented http://gillware.com
  • 17. HIPAA REQUIREMENTS Rules // The Security Rule But those determinations are established by each covered entity http://gillware.com
  • 18. HIPAA REQUIREMENTS Rules // The Security Rule The Security Rule contains three types of standards: administrative, physical and technical safeguards They can be located at: http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/adminsafeguards.pdf http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/physsafeguards.pdf http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/techsafeguards.pdf http://gillware.com
  • 19. HIPAA REQUIREMENTS Rules // The Security Rule Administrative Safeguards Administrative safeguards include but are not limited to: conducting a formal risk assessment, implementing employee sanctions for violating security policies, regularly auditing information system logs, assigning a security officer, controlling access to ePHI, conducting security training, establishing a password policy, and establishing a Disaster Recovery and Business Continuity Plan http://gillware.com
  • 20. HIPAA REQUIREMENTS The Security Rule // Administrative Safeguards Audit Controls Most information systems provide some level of audit controls with a reporting method, such as audit reports http://gillware.com
  • 21. HIPAA REQUIREMENTS The Security Rule // Administrative Safeguards The Security Rule does not identify ePHI that must be gathered by the audit controls or how often the audit reports should be reviewed http://gillware.com
  • 22. HIPAA REQUIREMENTS The Security Rule // Administrative Safeguards A covered entity must consider its risk analysis and organizational factors, such as current technical infrastructure and hardware and software security capabilities, to determine reasonable and appropriate audit controls http://gillware.com
  • 23. HIPAA REQUIREMENTS The Security Rule // Administrative Safeguards Covered entities must determine what audit controls are reasonable and appropriate to implement to record and examine systems containing ePHI http://gillware.com
  • 24. HIPAA REQUIREMENTS The Security Rule Physical Safeguards Physical safeguards are physical measures, policies, and procedures to protect a covered entity‟s electronic information systems and related buildings and equipment from natural and environmental hazards, and unauthorized intrusion http://gillware.com
  • 25. HIPAA REQUIREMENTS The Security Rule // Physical Safeguards Physical safeguards include but are not limited to: retaining offsite computer backups, preventing unauthorized access to the facility and workstations, and properly disposing of hardware and electronic media containing ePHI. http://gillware.com
  • 26. HIPAA REQUIREMENTS The Security Rule Technical Safeguards Technical safeguards include but are not limited to: assigning a unique identifier to employees working with ePHI, implementing automatic log-off controls on systems accessing ePHI, encrypting ePHI, and ensuring the integrity of the ePHI. http://gillware.com
  • 27. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards Encryption Most Organizations must encrypt their ePHI http://gillware.com
  • 28. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards ePHI is encrypted by means of an algorithm (i.e., type of procedure or formula) http://gillware.com
  • 29. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards There are many different encryption methods and technologies to protect ePHI from being accessed and viewed by unauthorized users http://gillware.com
  • 30. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards Covered entities must determine what ePHI should be encrypted and decrypted to prevent access by persons or software programs that have not been granted access rights http://gillware.com
  • 31. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards And they have to decide what encryption and decryption mechanisms are reasonable and appropriate to implement http://gillware.com
  • 32. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards The purpose of this standard is to establish and implement policies and procedures to prevent ePHI from being compromised, regardless of the source http://gillware.com
  • 33. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards Integrity In order to determine which electronic mechanisms to implement, a covered entity must consider the various risks to the integrity of the ePHI http://gillware.com
  • 34. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards Once risks are identified to the integrity of the ePHI, the covered entity must identify security measures to mitigate those risks http://gillware.com
  • 35. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards Information systems must determine which automatic checks for ePHI integrity, such as check sum verification or digital signatures, will be used http://gillware.com
  • 36. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards Covered entities must also consider what electronic mechanisms to protect the integrity of their data will be used http://gillware.com
  • 37. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards Transmission Covered entities must guard against unauthorized access to ePHI that is being transmitted over an electronic communications network http://gillware.com
  • 38. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards In order to determine the technical security measures to implement to comply with this standard, organization must review the current methods use to transmit ePHI http://gillware.com
  • 39. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards Once the methods of transmission are reviewed, identify the available and appropriate means to protect ePHI as it is transmitted, select appropriate solutions, and document its decisions http://gillware.com
  • 40. HIPAA REQUIREMENTS The Security Rule // Technical Safeguards Clearly, the impact of HIPAA can be felt by nearly every aspect of IT operations, including messaging, storage, virtualization and even networking, so long as electronic PHI (ePHI) records are stored within or transferred over them http://gillware.com
  • 41. HIPAA REQUIREMENTS Business Associate Agreement (BAA) Covered entities must not only ensure that they are following these rules, but must also maintain that business associates meet these stringent requirements. Covered entities must have business associates sign a Business Associate Agreement (BAA). http://gillware.com
  • 42. HIPAA REQUIREMENTS Business Associate Agreement (BAA) Business Associate Contracts ensure business associates will implement the HIPAA safeguards to protect ePHI they receive or maintain on behalf of the covered entity http://gillware.com
  • 43. HIPAA REQUIREMENTS Business Associate Agreement (BAA) These agreements require business associates to report all security incidents and allow contract termination if any violations occur http://gillware.com
  • 44. HIPAA REQUIREMENTS Business Associate Agreement (BAA) Contractors and vendors of the business associate must also sign a BAA created by the business associate if there is any potential of the contractor/vendor accessing ePHI http://gillware.com
  • 45. HIPAA REQUIREMENTS Penalties and Fines Penalties for noncompliance The consequences for noncompliance with HIPAA regulations can be substantial http://gillware.com
  • 46. HIPAA REQUIREMENTS Penalties and Fines The criminal penalties for violating the HIPAA privacy standards can be found in 42 USC 1320d-6 (HIPAA Sec. 1177) The civil penalties could result in up to $1.5 million per violation http://gillware.com
  • 47. HIPAA REQUIREMENTS Data Loss Protecting Against ePHI Data Loss It is important to protect critical data and allow it to be restored quickly in the event of any data loss, whether small or large http://gillware.com
  • 48. HIPAA REQUIREMENTS Data Loss Causes Data loss can result from the following • Hard disk subsystem failure • Power failure (resulting in corrupted data) • Systems software failure • Accidental or malicious deletion or modification of data • Natural disasters • Theft or sabotage http://gillware.com
  • 49. HIPAA REQUIREMENTS Covered Entity Responsibility A covered entity must be able to recover quickly from any outage or disaster http://gillware.com
  • 50. HIPAA REQUIREMENTS Selecting a Backup Partner When selecting a backup partner, covered entities should consider all types of failures http://gillware.com
  • 51. HIPAA REQUIREMENTS Selecting a Backup Partner Consider the following questions http://gillware.com
  • 52. HIPAA REQUIREMENTS Selecting a Backup Partner What are possible failure scenarios http://gillware.com
  • 53. HIPAA REQUIREMENTS Selecting a Backup Partner What is the critical data and where is it located http://gillware.com
  • 54. HIPAA REQUIREMENTS Selecting a Backup Partner How often are backups required http://gillware.com
  • 55. HIPAA REQUIREMENTS Selecting a Backup Partner When should full backups be done, as opposed to incremental or differential backups http://gillware.com
  • 56. HIPAA REQUIREMENTS Selecting a Backup Partner What backup media will be used http://gillware.com
  • 57. HIPAA REQUIREMENTS Selecting a Backup Partner Will backups be performed online or offline http://gillware.com
  • 58. HIPAA REQUIREMENTS Selecting a Backup Partner Will backups be started manually, or automatically according to a schedule http://gillware.com
  • 59. HIPAA REQUIREMENTS Selecting a Backup Partner What will be used to test for valid backups http://gillware.com
  • 60. HIPAA REQUIREMENTS Selecting a Backup Partner Determine how to anticipate and avoid disasters, decide which parts of the environment should be backed up and how often http://gillware.com
  • 61. HIPAA REQUIREMENTS Selecting a Backup Partner Choose the appropriate type of backup http://gillware.com
  • 62. HIPAA REQUIREMENTS Backup Types There are three main types of backup • Normal • Incremental • Differential http://gillware.com
  • 63. HIPAA REQUIREMENTS Backup Types // Normal A normal (or full) backup copies all selected files and marks each file as having been backed up (in other words, the archive attribute is cleared) With normal backups, only the most recent copy of the backup file or tape is needed to restore all of the files http://gillware.com
  • 64. HIPAA REQUIREMENTS Backup Types // Incremental An incremental backup backs up only those files that have been created or changed since the last normal or incremental backup It marks files as having been backed up (in other words, the archive attribute is cleared) http://gillware.com
  • 65. HIPAA REQUIREMENTS Backup Types // Normal and Incremental If a combination of normal and incremental backups is used, the last normal backup set and all incremental backup sets are needed to restore all ePHI http://gillware.com
  • 66. HIPAA REQUIREMENTS Backup Types // Differential A differential backup copies only those files that have been created or changed since the last normal or incremental backup It does not mark files as having been backed up (in other words, the archive attribute is not cleared) http://gillware.com
  • 67. HIPAA REQUIREMENTS Backup Types // Normal and Differential If a combination of normal and differential backups is used, the files or tapes from both the last normal backup and the last differential backup are needed to restore all ePHI http://gillware.com
  • 68. HIPAA REQUIREMENTS Backup Storage Medium In addition to determining what type of backup to perform and when to perform it, covered entities should evaluate the types of storage media available, and select appropriately http://gillware.com
  • 69. HIPAA REQUIREMENTS Choosing a Backup Storage Medium When choosing a storage medium, consider the following factors • The amount of ePHI to be backed up • The backup window • The environment (Physical / Logical) • The distance between the systems being backed up and the storage device • Covered entity‟s budget http://gillware.com
  • 70. HIPAA REQUIREMENTS Backup Solution When developing a backup solution, covered entities should follow these recommendations http://gillware.com
  • 71. HIPAA REQUIREMENTS Backup Solution Recommendations Involve the correct personnel and use the appropriate resources when developing and testing backup and restore strategies http://gillware.com
  • 72. HIPAA REQUIREMENTS Backup Solution Recommendations Create a ePHI protection organization chart that includes responsibilities and contact information for each person http://gillware.com
  • 73. HIPAA REQUIREMENTS Backup Solution Recommendations Perform an initial full backup of every record that needs protection http://gillware.com
  • 74. HIPAA REQUIREMENTS Backup Solution Recommendations Back up system state for every server http://gillware.com
  • 75. HIPAA REQUIREMENTS Backup Solution Recommendations Perform trial restorations of ePHI periodically to verify that the files are being backed up correctly http://gillware.com
  • 76. HIPAA REQUIREMENTS Backup Solution Recommendations Ensure that the backup media, systems, and servers are physically and logically secured http://gillware.com
  • 77. HIPAA REQUIREMENTS Backup Solution Recommendations Develop and implement a disaster recovery test plan to ensure the integrity of the organization‟s backup ePHI http://gillware.com
  • 78. HIPAA REQUIREMENTS Backup Solution Recommendations Consider backing up only what is necessary, scheduling backups carefully, and choosing the appropriate type of backup to perform http://gillware.com
  • 79. HIPAA REQUIREMENTS Backup Solution Goals A backup strategy should focus on the following goals http://gillware.com
  • 80. HIPAA REQUIREMENTS Backup Solution Goals The ePHI to be restored should be easy to find http://gillware.com
  • 81. HIPAA REQUIREMENTS Backup Solution Goals The restoration should be as quick as possible http://gillware.com
  • 82. HIPAA REQUIREMENTS Backup Solution Goals The backup strategy and solution must be HIPAA compliant http://gillware.com
  • 83. HIPAA REQUIREMENTS Backup Solution Goals The HIPAA Contingency Plan standard requires a data backup plan http://gillware.com
  • 84. HIPAA REQUIREMENTS Backup Solution Goals Part of proving due diligence is Business Associates are responsible for ensuring ePHI is not destroyed or lost in the event of a disaster http://gillware.com
  • 85. HIPAA REQUIREMENTS Backup Solution Goals Offsite data backups are imperative and offsite disaster recovery is strongly recommended http://gillware.com
  • 86. HIPAA REQUIREMENTS Disaster Planning Protecting healthcare data, and ensuring its availability means putting procedures in place to mitigate disasters, and having a plan when disasters happen http://gillware.com
  • 87. HIPAA REQUIREMENTS Disaster Planning This infrastructure has 2 components • Disaster Prevention • Redundant Networking Infrastructure http://gillware.com
  • 88. HIPAA REQUIREMENTS Disaster Planning Minimize the probability of an outage in the data infrastructure, server hardware, software and network connectivity http://gillware.com
  • 89. HIPAA REQUIREMENTS Disaster Recovery Disaster Recovery Making sure applications and data can be recovered and restored in a reasonable timeframe to make patient data available if a disaster occurs http://gillware.com
  • 90. HIPAA REQUIREMENTS Enhanced Security Two Factor Authentication To protect against weak or stolen passwords, implement two factor authentication. This requires multiple forms of identification for a login such as a device and a username/password combination http://gillware.com
  • 91. HIPAA REQUIREMENTS SSL SSL Certificate (Web Apps) To secure PHI data in a web based application, a SSL (Secure Socket Layer) certificate is a must http://gillware.com
  • 92. HIPAA REQUIREMENTS SSL The SSL certificate is used by software that encrypts all data moving between two or more end points http://gillware.com
  • 93. HIPAA REQUIREMENTS FIM File Integrity Monitoring (FIM) File Integrity Monitoring refers to ensuring the integrity of the files on a server http://gillware.com
  • 94. HIPAA REQUIREMENTS FIM The basic technique is the comparison of the current file to the known, safe baseline http://gillware.com
  • 95. HIPAA REQUIREMENTS UTM Unified Threat Management (UTM) Unified Threat Management is specifically built to monitor all network traffic for the transmission of sensitive data and potentially block any network traffic that does not fit within the allowable configuration http://gillware.com
  • 96. HIPAA REQUIREMENTS Encryption Encryption When transmitting PHI, encrypted data should be sent over an encrypted connection for ultimate security http://gillware.com
  • 97. HIPAA REQUIREMENTS Data at rest Data at rest constitutes data stored on servers or backup systems while not in use http://gillware.com
  • 98. HIPAA REQUIREMENTS Data at rest This data needs to be encrypted in case of theft or unauthorized access http://gillware.com
  • 99. HIPAA REQUIREMENTS Disaster Prevention Disaster Prevention The Data Backup and Disaster Recovery Specifications are about ensuring availability and security of Protected Health Information (PHI) http://gillware.com
  • 100. HIPAA REQUIREMENTS Disaster Prevention // Exact Copy Backup Covered entities must securely back up retrievable exact copies of electronic protected health information http://gillware.com
  • 101. HIPAA REQUIREMENTS Disaster Prevention // Recoverable Data Data must be recoverable http://gillware.com
  • 102. HIPAA REQUIREMENTS Disaster Prevention // Offsite Data Data must be offsite as required by the HIPAA Security Final Rule http://gillware.com
  • 103. HIPAA REQUIREMENTS Disaster Prevention // Frequent Backup Covered entities must back up their data frequently http://gillware.com
  • 104. HIPAA REQUIREMENTS Disaster Prevention // Recovery Mode Safeguards Safeguards must continue in recovery mode http://gillware.com
  • 105. HIPAA REQUIREMENTS Disaster Prevention // Emergency Mode Requirements The same set of security requirements that applies under normal business operations must also apply during emergency mode http://gillware.com
  • 106. HIPAA REQUIREMENTS Disaster Prevention // Emergency Mode Requirements Data being transmitted must be encrypted http://gillware.com
  • 107. HIPAA REQUIREMENTS Data Backup and Recovery Plan Written procedures related to a data backup and recovery plan http://gillware.com
  • 108. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Test and Revise Implement procedures for periodic testing and revision of contingency plans http://gillware.com
  • 109. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disasters Disasters can strike in many different ways • • • • • Natural Disasters Terrorist Attacks Computer Based Disasters Viruses, worms, or malicious code Critical equipment failure http://gillware.com
  • 110. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Detailed Plans Having detailed plans and architectures in place to recover critical data from a disaster such as these is required http://gillware.com
  • 111. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Prevent and Minimize As disasters range in type, size, and scope, it is critical to recognize key areas to prevent or minimize their impact http://gillware.com
  • 112. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design The first step to achieving a disaster recovery design is to effectively plan for what needs to be protected http://gillware.com
  • 113. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design Develop a plan to restore services and data as quickly as possible in event of a disaster http://gillware.com
  • 114. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design Identify the Critical Needs http://gillware.com
  • 115. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design Look at larger concepts first i.e., redundancy for power and equipment, backups of data, and potential alternative sites http://gillware.com
  • 116. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design Identify Redundancy and Failover Potential http://gillware.com
  • 117. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design The focus here is to maintain access to key systems and data due to power and/or equipment failure http://gillware.com
  • 118. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design Identify Backups and Backup Locations http://gillware.com
  • 119. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design Each covered entity will have data in varying amounts that need to be backed up http://gillware.com
  • 120. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design Test http://gillware.com
  • 121. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Disaster Recovery Design Test again http://gillware.com
  • 122. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Testing Disaster recovery plans should be tested for effectiveness http://gillware.com
  • 123. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Detail Detail Detail is crucial to making sure that any disaster recovery plan is effective, can restore access to data, and allow an organization to continue to function http://gillware.com
  • 124. HIPAA REQUIREMENTS Data Backup and Recovery Plan Selecting a backup partner http://gillware.com
  • 125. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner Does the system have its own backup to ensure data is secure http://gillware.com
  • 126. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner Are their physical servers housed in a secure location In the US or elsewhere http://gillware.com
  • 127. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner What backup speeds does the data backup partner offer http://gillware.com
  • 128. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner Is the potential partner themselves HIPAA compliant http://gillware.com
  • 129. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner Do they do recovery testing of backups and offer Annual Certification of backups required by HIPAA http://gillware.com
  • 130. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner Is their service a „Managed Service‟ http://gillware.com
  • 131. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner How will the data be encrypted http://gillware.com
  • 132. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner What is the Recovery Time Objective (RTO) http://gillware.com
  • 133. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner Are there going to be multiple revisions of all data to protect from virus and corrupted data sets http://gillware.com
  • 134. HIPAA REQUIREMENTS Data Backup and Recovery Plan // Selecting a Backup Partner What is the cost per gigabyte of data stored. Are you being charged for a compressed or uncompressed gigabyte of data http://gillware.com
  • 135. WHO IS Gillware?  Professional data recovery lab founded in 2003  We perform more than 15,000 in-lab recoveries annually  We have over 1,500 Partners nationwide Questions? Contact Ryan Pflanz at 877-624-7206 x8793 http://gillware.com
  • 136. THANK YOU FOR YOUR TIME