The death of an infant at an Illinois hospital made national news in June 2011. Genesis Burkett passed away due to a series of errors tied to human use of the hospital's EHR systems. (The infant was born prematurely to parents who had been trying to conceive for years, and had thrived after months in neonatal intensive care until he was killed by a massive sodium chloride overdose. (You can read more about the case in the Chicago Tribune at http://tinyurl.com/8xtdqrp.)
One of the three foundational security requirements is availability-the ability to access data when you really need it. Data accessibility is considered sound security practice and is a requirement per the HIPAA Security Rule (45 CFR 164.306[a][1]). If a data storage device fails, you can lose access to your patients' or health plan members' PHI. This could adversely affect patient care and service to health plan members.