When the tsunami hit the coast of Japan last year I began to seriously think about Disaster Recovery for people in the healthcare industry. I had the same feeling when Katrina decimated Louisiana and Mississippi. Extreme cases like this bring us to examine what we have to lose when an event like this comes upon us.
What’s even more compelling is that it does not even have to be a large storm or earthquake to bring us to our knees. Common occurrences like fires and cyclical weather conditions are enough to impact businesses that rely on information technology and bring them to a standstill.
Many of our customers with medical offices are vulnerable to this scenario. Iron Comet wants to ensure that our physician practices have a plan to combat such events. Offices that currently use Medisoft Clinical, Lytec, and Practice Partner EMRs must take steps to protect their patient information and office records.
Two kinds of disasters
There are generally two categories that are accepted in the case of disasters. The first is a temporary disruption in a business’ ability to access their server/network infrastructure. This might be the result of an extended power outage that shuts the servers down, or possibly a flood or ice that makes travel to the office impossible while disrupting the network communication and remote access to their data. This would leave the employees without access to the network, data and applications. The second involves destruction of a practices’ server/network infrastructure. It might be the result of a fire, explosion, flood or earthquake. The medical offices’ servers and network are permanently destroyed.
The importance of starting a Disaster Recovery plan begins with figuring out a way to access critical data in the event that your servers/network are either temporarily or permanently inaccessible. Good planning backup services for data replication and utilizing alternate locations to run duplicate infrastructure.
In a disaster one of the worst outcomes is that the medical office staff may not have the ability to communicate with each other. If there is a widespread power outage and you rely on email to communicate, your email server may be down and this will not be an option. When the power is out, internet and phones are also out. Cell phones may also be susceptible as evidenced after a recent earthquake on the East Coast. Millions of people were unable to make calls for an extended period of time.
First things first though. One rule applies if the doctor’s office is inaccessible: send all patients to the emergency room. The doctor can treat patients anywhere with a black bag full of emergency supplies, but restoring the practices business functions after a disaster can be quite challenging.
Rules for Backups
By using a recent backup copy of your data, your computers can be “recovered” or restored to the point in time when the last backup was made. Here are some suggestions concerning backups:
- Make backups frequently. Once or twice a day should be efficient.
- Replace media periodically. Retire old disks and tapes and create a new set.
Disks and tapes do not last forever.
- Restore the system occasionally. Formally test the backups by restoring the entire
system or test file. If the restore process does not work during testing, you’ll be able to troubleshoot the problem. If you wait until a disaster, it may be too late and you won’t be able to adequately recover the system.
- Document the backup and recovery process. Your recovery plan document
should include a section entitled “How to Backup and Recover our Data.”
This should include simple instructions for such items as:
· find the backups
· launch and use the backup and recovery software
· verify that the system is running properly
· Add/synchronize the restored data with the backlogged data collected while the system was down.
One of the benefits to letting your vendor host your software and data is that the vendor makes sure your data is backed up. If you have a computer disaster, you buy a new computer, install the “client” software, connect to Iron Vault, and start working. Your data is still there because it was safe and sound on the vendor’s server.
Let Iron Comet help you with your Disaster Recovery plan. We will give you step by step instructions for activating your recovery plan. We will also verify that HIPPA and regulatory security standards are being met. A good prevention strategy starts with risk assessment.
Iron Comet Consulting is a Platinum certified Mckesson reseller based in Stockbridge, Georgia. We are a full service medical IT and billing company.
Website – http://www.ironcomet.com/
Phone – (770) 506-4383