HIPAA_Data_Recovery_SOP

• HIPAA_Data_Recovery_Form
• HIPAA_Data_Recovery_SOP

HIPAA_Data_Recovery_Form

HIPAA Data Recovery Request & Chain of Custody Form

Instructions: Complete all sections. Store completed forms for 6 years per HIPAA retention.

Section 1: Request Details
- Request ID: _______________________________________
- Request Date/Time: _______________________________________
- Requestor Name/Title/Department: _______________________________________
- Contact Info (email/phone): _______________________________________
- Business Justification (clinical/operational impact): _______________________________________
  ________________________________________________________________

Section 2: Data/System Identification
- System/Application Name: _______________________________________
- Environment (Prod/Test/Dev): _______________________________________
- Data Type(s) (ePHI, PII, other): _______________________________________
- Data Owner: _______________________________________
- Location (server/VM/endpoint/cloud service): _______________________________________
- Asset Tag / Hostname: _______________________________________

Section 3: Recovery Parameters
- Incident/Change Reference #: _______________________________________
- Desired Restore Point (timestamp/snapshot): _______________________________________
- RTO Target (hours): _______________________________________
- RPO Target (minutes/hours): _______________________________________
- Scope (entire system / database / folder / files): _______________________________________
- Dependencies (DB, services, keys, networking): _______________________________________

Section 4: Authorization
- Security/Privacy Officer Approval (name/sign/date): _______________________________________
- System Owner Approval (name/sign/date): _______________________________________

Section 5: Recovery Execution (to be completed by IT)
- Assigned Engineer: _______________________________________
- Start Date/Time: _______________________________________
- Source Media (backup set ID, snapshot ID): _______________________________________
- Hash/Integrity Verification (method/result): _______________________________________
- Steps Performed (summary):
  ________________________________________________________________
  ________________________________________________________________
  ________________________________________________________________
- End Date/Time: _______________________________________
- Outcome (success/partial/failed): _______________________________________
- Data Validation Results (owner sign-off): _______________________________________

Section 6: Post-Recovery Actions
- Incident Record Updated (yes/no): _______________________________________
- Gaps/Issues Identified: _______________________________________
  ________________________________________________________________
- Corrective Actions/Follow-ups: _______________________________________
  ________________________________________________________________
- Runbooks Updated (yes/no/date): _______________________________________

Chain of Custody (if physical media used)
- Media ID: _______________________________________
- Description: _______________________________________
- Custodian Transfer Log (name, date/time, from/to, signature):
  | Date/Time       | From          | To            | Signature      | Notes                              |
  |_________________|_______________|_______________|________________|___________________|
  |                 |               |               |                |                   |
  |                 |               |               |                |                   |
  |                 |               |               |                |                   |

HIPAA_Data_Recovery_SOP

HIPAA Data Recovery SOP (Printable Checklist)

Purpose: Ensure compliant, timely restoration of ePHI systems (HIPAA 45 CFR §164.308(a)(7)).

Section A: Triage & Authorization
[ ] Validate incident/change request and business impact.
[ ] Confirm data classification and owner; obtain approvals.

Section B: Identify Scope & Restore Point
[ ] Confirm system, dataset, dependencies, and desired timestamp.
[ ] Select backup/snapshot meeting RPO; verify media availability.

Section C: Prepare Environment
[ ] Isolate affected systems if incident-related (malware/ransomware).
[ ] Gather credentials/keys; ensure network and target capacity.

Section D: Execute Recovery
[ ] Follow runbook for system/db/file restore.
[ ] Track actions, timestamps, backup IDs.

Section E: Integrity Validation
[ ] Verify file/system integrity (hashes, DB consistency, app checks).
[ ] Obtain owner validation/sign-off.

Section F: Return to Service
[ ] Reconnect to production networks; monitor performance and logs.
[ ] Validate access controls and audit logging.

Section G: Documentation & Lessons Learned
[ ] Complete Data Recovery Form and attach artifacts (hashes, logs).
[ ] Update runbooks; record corrective actions and test plans.

Sign-Off
- Performed By (print/sign/date): ______________________________________________
- Owner Validation (print/sign/date): __________________________________________
- Security/Privacy Review (print/sign/date): ___________________________________

Records: Retain forms, logs, approvals for 6 years.