The following paper is a literature review that shall focus on disaster. Numerous studies have shown that disasters disrupt the smooth running of things. The first part of this paper shall focus on business continuity steps, risk management and risk assessment that support data security and confidentiality during a disaster. The second part of the paper shall be an education outline for consumers and the public on access to, security, privacy and maintenance of PHRs (Public Health Records), legalities and requirements before, during and during a disaster.
Risk assessment
Pipkin (2000) points out that a risk assessment should not focus on the creation of large amounts of information, but rather it should help to identify sensible measures to control the threats on data security and confidentiality that may brought on by a disaster. A risk assessment should include steps that will help to save the security and confidentiality of data.
According to Cherdantseva and Hilton (2013) one of the most essential facets that should be included in the risk assessment is correctly making out possible threats to the security and confidentiality of data. This should include looking around the data storage system and thinking about possible threats that were not identified before a threat occurred. Venter and Eloff (2003) say that the risk assessment should think about the activities and processes that are involved in manipulation of the data because these two facets give leeway to the compromising of data security and confidentiality. Pipkin (2000) states that the risk assessment should include reliable outside people because they cannot easily overlook the threats that are facing the security and confidentiality of data in a workplace that they are not actively involved. Risk management Pipkin (2000) says that risk management is the prioritization, assessment and identification of threats followed up