Health Information Technology (HIT) Risk-Based Regulatory Framework for Informatics: Disaster Recovery and Business Continuity Plan

Business continuity and disaster recovery plan is the act of proactively working out a way to prevent, if possible, and manage the consequences of a disaster, limiting it to the extent that a business can afford. This research aims at identifying the reality of the usage of business continuity and disaster recovery plan of the information technology department at Al-Farabi College. A modified model for achieving the research purpose was used; this model is a modified mixture between the suggested steps/components in disaster recovery and business continuity. Comprehensive survey technique was used and two questionnaires were distributed to all head of sections of information technology department. Findings showed that ( %54.8) of college departments faced a disaster in their computer systems and most of disasters were caused by infrastructure threats, and the software was the most affected part. Data compiled from respondents that (76.3 %) information technology department had the plan, but actually they did not follow all the necessary of its procedures and components. Also, results showed that plan development procedures were the weakest component. The researchers recommended the information technology department heads to give more concern to the different components of the plan based on research findings.