Managed Service Providers’ Secrets for Disaster Recovery in Healthcare
February 17, 2017
Disaster recovery is a means to recover data quickly and efficiently in the case of a disaster or other event that causes data loss. Data is not only important to the hospitals or clinics holding the data, but it is important to the clients that trusted the data in your hands.
According to HIPAA regulations, to be compliant a clinic or hospital must have a disaster recovery plan in place. If you are in the cloud, then your managed service provider should also have a disaster recovery plan in place. If you are not already in the cloud, then make sure to ask if your cloud provider is HIPAA-compliant and if they have an active data recovery plan in place for your data.
Departmentalize Your Data
Although we like to think that all data is the most important data, it is not. Determine what data is the most necessary according to the department it resides in. Patient data and HR data is very important because it includes addresses and social security numbers. Other patient data that reflects medications and procedures is also important. Secretarial, doctor’s calendars, and day-to-day operations data may cause a bit of a hassle, but it is not in the same category.
Define what data is the most important and create a prioritization list. Add each department’s data to the list and distribute a priority level to each. This way your managed service provider will know which data is top priority, and they can define a well thought out strategy for your specific needs.
Make the Plan All-Encompassing
There are different levels of disasters that can happen to your institution. You need to prepare for the worst case scenario and the best case scenario. Best case scenarios are usually caused by human error, a mistake, or some other inconvenience.
A mid-level crisis might come from hackers. They may have frozen your ability to perform certain functions, but the data itself is still safe. A high level disaster could be a natural disaster that has destroyed your network, office building, or wiped all of your data clean. Your disaster plan should include all levels of emergencies.
Plan for Loss of Time
Once the system goes down, and the data is lost, there is a recovery period. Plan for it. Have a contingency plan in place in case everything is wiped out.
Your managed service provider can have applications and data reinstalled onto your computers in just hours (sometimes). If the computers are destroyed, then the provider can still have everything installed onto computers at another location. It is all part of the planning effort. This is another reason to have a solid disaster plan in place.
The recovery phase can help ensure that your institution is back up and running in no time. Get more information on this topic – download the white paper: Small Business Networking
The entire plan should be tested on a regular basis. Once a year should be good enough if minimal changes to your infrastructure have occurred. It is imperative to contact your managed service provider and test the validity of the disaster plan. An untested plan could just add to an already very bad situation.
Subscribe now and stay up to date with News, Tips, Events, Cybersecurity, Cloud and Data Compliance.