● Roundup: Disaster Recovery
tions and bring-your-own-device (BYOD) policies, 45 percent of respondents said their organization’s policies for employee-owned devices were less strict than those for employer-owned devices, and 15 percent noted they did not have policies for employee-owned devices. For more information on CDW’s Data Loss Straw Poll, visit www.cdw.com/datalosspoll.
Brian J. Escott, P.E., director, project management, Emerson Network Power’s ASCO Business
Examine power back-up plans before disaster strikes Technology adoption often requires a re-evaluation of business continuity systems to ensure uninterrupted service. We continue to see healthcare facilities that are up to code but could not maintain service during extended power outages. In such an event, just about every hospital system becomes business critical. Exploring what-if scenarios, such as a breaker failing to open or a generator failing to start, can improve contin- gency planning, while testing and monitoring reduces the chances systems won’t perform as expected. Remote monitoring provides the visibility to enable a more proactive approach to system main- tenance and can be used by facility teams to test systems during off hours. Going above the NFPA/Joint Commission minimums in contingency planning will help ensure you’re ready for anything. Many hospital data centers consume more power than may
have been projected just two years ago, with the infl ux of patient and imaging data. Back-up power must be scalable to keep pace with growth, while maintaining protection to all essential systems. Knowing what facility applications are aligned to which back-up power system helps you prioritize if you must shed loads dur- ing a prolonged outage. And back-up power systems protecting business-critical systems should employ some degree of redundancy so that the failure of one back-up unit does not bring down the protected system. Finally, usage of cloud-based services for data storage and ap- plication delivery means that their business continuity plans are your business continuity plans. Ensure that you have partnered with a provider that has the high-availability infrastructure that you require.
incident can strike at any time, whether it is caused by a natural disaster, human error or malicious attack. And when that disaster occurs, healthcare organizations need to be prepared. If not, they can be stuck wasting hours of time conducting complex manual recovery processes. Just a few hours of downtime can put patients’ health and safety at risk, decrease the healthcare organization’s productivity, cost the organization approximately $640,000 per hour and damage its reputation. T is is why healthcare organizations are turning to technologies such as continuous data protection, replication, de-duplication and automated disaster recovery solutions to build IT resiliency and diminish downtime. Continuous data-protection technologies allow companies to take snapshots of data within the data center, back up this data more often and replicate it to off site data centers, cutting data loss to almost none. Automated DR combined with continuous data protection removes and mechanizes the detailed and time-consuming manual recovery process. Automated DR solutions also allow healthcare organizations to test their recovery processes before issues occur. T is testing capability allows health- care IT professionals to sleep soundly at night, knowing their data is protected and that it can be recovered with the click of a button.
David Kidd, director of quality assurance and compliance, Peak 10
Utilizing the cloud for DR, compliance The HIPAA Security Rule requires that healthcare companies establish and implement DR plans to restore lost data in the event of a disaster. Many companies are now turning to the cloud as a fl exible, cost-eff ective way to implement DR plans while remaining compliant with federal regulations. T ere are numerous benefi ts to using the cloud for DR.
Ralph Wynn, FalconStor Software
The solution is automated DR A healthcare organization’s data and IT services are the back- bone of the organization. For example, most doctors use laptops for electronic fi les; imagine the chaos that would ensue if that data was not accessible. T erefore, healthcare IT professionals need to ensure that their organizations have continuous, uninterrupted access to data, IT services and applications. DR is important to healthcare IT professionals because an
8 May 2013
Depending on the technology employed in the cloud solu- tion, it is possible for companies to receive near real-time data protection, versus a scheduled replication that happens a few times a day. T is can result in less data loss in the event of a failure. It is also possible to replicate customers’ cloud servers, no matter where they are housed, and ensure rapid recovery times in the event of a disaster. Choosing the right cloud partner is essential to success- fully implementing a DR plan. T e provider should be able to customize recovery point objectives and recovery time objectives to ensure that failovers can be initiated within minutes, and that companies can select the point in time at which a test or failover occurs. T is essentially means that data can be restored to a past date or time, just prior to the disaster. It is also helpful for the cloud provider to have disaster
recovery specialists available 24 hours a day, 365 days a year, to help execute testing and actual recovery processes. Most important is to work with a provider that is HIPAA compliant. Compliance helps to mitigate many of the secu- rity concerns that healthcare companies have where cloud computing is concerned.
HEALTH MANAGEMENT TECHNOLOGY www.healthmgttech.com