Backup plans for EHR failures need regular testing
Regardless of whether the system is local or cloud-based, physician practices should have a plan that includes off-site storage of data.
Any practice using an electronic health records system must assume that the software, or the equipment it operates on, at some point will suffer a glitch or be at risk of damage in a natural disaster. That’s why experts say it’s important that practices take steps to ensure data backup is being done properly, even if the task is handled by outside parties. The practice also should know how it can restore its data in the event of a system failure.
A practice’s backup plan should include not just the ability to retrieve data, but also the time it takes to retrieve it, said Bob Dupuis, director of managed services at Arcadia Solutions, a health care consulting firm in Burlington, Mass. Because machines can malfunction as easily as software, a backup plan and testing should include the hardware on which the data are run or stored.
There are many strategies for backing up data, which can be done in-house, in the cloud or through a combination of both. A backup plan often comes as part of the EHR package, especially with cloud-based systems, but the backup plan can extend beyond what the vendor offers if a practice contracts with a third party for that service. Experts say practices whose systems are hosted on a server inside the practice should have a backup plan that includes off-site storage of data, either in a physical location or in the cloud.
The riskiest plan would be to keep all the data and the backups in the same location, said Robert King, founder and president of EntelliProj Consulting, a management consulting firm in Maple Shade, N.J.
The goal of a backup plan is to restore the most data in the least amount of time. Some systems back up data incrementally by saving only the changes made to the database each day, with a full backup occurring once a week or at a longer interval. Systems vary in terms of how quickly they can restore the data to the last backup that occurred. Practices should determine the value of a day’s, week’s or month’s worth of data, and the maximum time they could revert to paper without severe consequences. The sophistication of the backup plan can be chosen based on these criteria.
The St. Charles Health System in Bend, Ore., for example, has a sophisticated in-house backup system that runs what is known as a redundant server, which copies all data in real time. Auditors can compare the main data source to the backup for any given date and time, said Chris Waugh, technical specialist for St. Charles. Less sophisticated systems might restore data only to the previous day.
Goals of assessment
When it comes to testing, there are three main things to look for, said Stacy Griggs, vice president and general manager of Cbeyond, a telecommunications and technology company in Atlanta that operates cloud-based backup networks. Those are: Ensure the backup plan works; make sure it works as efficiently as it can; and identify ways the plan can be improved to optimize efficiency.
The testing of a backup plan should start before the practice signs a contract with a vendor, Dupuis said. If the vendor promises it can get practices back online within 10 minutes of an outage with 100% data recovery, it needs to prove it, he said.
Whether the backup includes a redundant system that copies everything that is done in real time, or whether it’s a recording of each day’s worth of data, the practice needs to ensure that the process is capturing everything needed. This can be done by comparing the main data source with the backup source.
The practice can pick a few patient files at random and compare them, or take the patient list from a particular day and compare the backup data of that day with the original, King said. No matter how long a system is offline, the practice will need a plan to continue operating without the presence of its main technology infrastructure. Dupuis said the practice should ensure that all staff members know their roles.
The plan might be to revert to paper. It also could be to transfer operations to redundant systems such as a backup Internet connection, a redundant server or a generator in the event of a power loss.
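The comparison of the main data source with the backup described above can be scripted. The following is an added example, not part of the original article or any vendor's tooling: it checks either a random sample of patient records or every record from a given day, assuming both sources can be exported as dictionaries keyed by patient ID (the record fields and IDs are constructed for illustration).

```python
import hashlib
import json
import random


def record_digest(record):
    """SHA-256 over canonical JSON, so key order in an export does not matter."""
    canonical = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def compare(ids, primary, backup):
    """Report which of the given primary records are absent or altered in the backup."""
    missing = sorted(i for i in ids if i not in backup)
    mismatched = sorted(
        i for i in ids
        if i in backup and record_digest(primary[i]) != record_digest(backup[i])
    )
    return {"checked": len(ids), "missing": missing,
            "mismatched": mismatched, "ok": not missing and not mismatched}


def verify_sample(primary, backup, sample_size, seed=None):
    """Spot check: pick a few patient files at random and compare them."""
    rng = random.Random(seed)
    ids = sorted(primary)
    return compare(rng.sample(ids, min(sample_size, len(ids))), primary, backup)


def verify_day(primary, backup, day):
    """Day check: compare every patient seen on `day` (assumed field: last_visit)."""
    ids = [i for i, rec in primary.items() if rec.get("last_visit") == day]
    return compare(ids, primary, backup)


# Constructed sample data: P002 is stale in the backup, P003 was never captured.
PRIMARY = {
    "P001": {"name": "Test Patient A", "allergies": ["penicillin"], "last_visit": "2024-03-01"},
    "P002": {"name": "Test Patient B", "allergies": ["latex"], "last_visit": "2024-03-02"},
    "P003": {"name": "Test Patient C", "allergies": [], "last_visit": "2024-03-02"},
    "P004": {"name": "Test Patient D", "allergies": [], "last_visit": "2024-03-01"},
}
BACKUP = {
    "P001": {"last_visit": "2024-03-01", "allergies": ["penicillin"], "name": "Test Patient A"},
    "P002": {"name": "Test Patient B", "allergies": [], "last_visit": "2024-03-02"},
    "P004": {"name": "Test Patient D", "allergies": [], "last_visit": "2024-03-01"},
}

if __name__ == "__main__":
    print(verify_sample(PRIMARY, BACKUP, sample_size=4, seed=1))
    print(verify_day(PRIMARY, BACKUP, "2024-03-02"))
```

A random sample only estimates coverage; the day check is exhaustive for that day and is the one that shows whether a specific backup run captured everything.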
Run your own drill
A drill to test the continuity plan will give a practice an idea of what steps are missing and whether everyone is meeting their responsibilities. Dupuis said sometimes little things are missed, such as making sure there is fuel to run the generator. A more complex drill will take several hours.
Small practices probably will hire a third party to handle data backups, as they do for most other IT-related activities. Provisions can be added to a contract to help protect a practice, but they should go beyond the vendor taking financial responsibility if something goes wrong. If a practice loses its data, a financial settlement will be little consolation if the information is never recovered.
King said vendors should provide practices with validation that their backup plans work as intended. This could be done by sending each client a copy of an auditor’s report, or results of its own testing. He said that even though many vendors don’t want to talk about failures their systems or clients have experienced, practices should ask them about cases in which they restored data after a failure.
A practice can doubly protect itself by hiring its own third party that will keep a second backup, which can cost up to hundreds of dollars a year depending on the level of backup and security. But before doing so, it should verify the process of getting the data from point A to point B and the equipment necessary to do so. EHR vendors might not be set up to include a third-party backup in that restoration process. The practice’s equipment may be incapable of restoring the backup data in a readable and usable format, Dupuis said.
Validating and testing the recovery plan will prepare practices for the unexpected. Although it may be time-consuming to conduct thorough testing, it’s a necessary step, experts say. After implementation of a backup system, testing should be done regularly to verify the system does what it’s supposed to do. Experts recommend it be done at least quarterly, and any time changes are made to the IT systems.