About a year ago, a frantic doctor called me to discuss what steps he should take. Due to a technical malfunction, his practice had lost all of its medical records. During our conversations it became clear that his seven-doctor practice in rural Colorado had been using an EHR system for the past 10 years, and had purged paper charts a couple of years ago. However, one night their primary server experienced a “melt down” and when the practice tried to restore the system from their backup server they discovered that while the backup server had been successfully backing up the software it was not capturing any patient data. After spending over $75,000 attempting to restore their records from the destroyed server, they finally admitted defeat. As a provider he was devastated by what this meant for his patients, many of whom lost their only medical records as a result of this failure, and as a businessman he was concerned about the legal and monetary consequences of the data loss. While this is an extreme example, in the past year I have talked to over a dozen distraught providers and office managers who suffered “catastrophic” data losses. It is important to remember that one of the critical requirements when running a health IT enabled practice is the effective backup of the personal health data.
Below are some common data backup and recovery strategies:
Types of Backup
- Disk backup (e.g. duplicate server): Backing up your system on a separate sever can reduce the amount of down time a practice may experience when restoring their system from a backup, especially when using a Storage Area Network (SAN). However, the cost of maintaining this type of redundancy may be prohibitive especially if your practice has multiple terabytes of data. Unless the disks/servers are located in a separate geographic location you still risk data loss in the event of a natural disaster/fire/flood.
- Tape backup system: Magnetic tape backup systems are widely used in the industry given their low cost-to-space ratio. If you use a tape based system it is important to keep copies of the backup off-site in case of natural disaster. There are many storage companies such as Iron Mountain that provide tape storage options.
- Online/cloud backup: In this configuration, data is backed up via the Internet and resides on server farms run by the EHR vendor or an online backup company.
- EHR vendor cloud-based backup: Many EHR vendors are offering cloud-based data backup and monitoring services. This can be one of the best options especially for small practice, as EHR vendors can help monitor the system’s performance in addition to maintaining the system. Most vendor backup services also help you restore both the data and software for your practice in the event of a failure.
- Online backup company: An alternate approach is to have your data backed up through a separate online backup service. Even though these companies may not offer the same level of support for your EHR system, they can still be a viable alternative. If you select this option you should make sure that they are HIPPA compliant.
Below are some of the considerations and recommended strategies when developing a data backup and disaster recovery plan for your practice.
- Talk to your EHR vendor: Regardless of which backup strategy(s) you select, ensure they are compatible with your EHR system.
- Test the backup regularly: Ensure sure that you (or your IT staff) are able to restore the system from the backup. I have worked with several practices that believed they were successfully backing up their EHR systems only to discover that the backup was not collecting the information in the note, it was only storing changes in the software. In some cases, updates to the EHR system can modify indexing of the database, potentially causing unforeseen data losses. Practices that have undertaken substantial customizations of their EHR system are at higher risk of data discrepancy due to indexing issues.
- Automatic backups: Make sure that your system is set to back up automatically on a regular basis. When configuring the backup timetable, consider how much data you are comfortable losing (e.g. can you afford to lose 24 hours worth of data or do you need more frequent backups?) Keep in mind that backing up continuously during the work day may reduce your EHR system’s responsiveness. Having the system set to backup after business hours or during lower usage times can resolve performance related issues.
- Duplicate backup systems (redundancy): One type of backup may not be enough. The safest strategies frequently involve using a combination of backup options so that if one backup fails, the other is present.
- Downtime: Even with highly redundant systems it is possible that a practice’s electronic records may be down for several hours before they can be restored. In such cases you may need to revert to paper or other documentation strategies in the interim.
- Interfaces: If your practice uses interfaces to communicate with external entities such as laboratory companies, it is important to set up understand strategies to deal with a “down” interface. Many EHR systems and laboratory systems have queuing systems that keep a record of any tests ordered/and received that were not successfully transmitted in a queue. When the interface is once again operational, the result is delivered. Regardless, be prepared to revert to a fax-based system is interfaces are down and cannot be easily brought up again.
- Static documents: Make sure that scanned documents (PDF) files and image files are backed up as well. Some EHR systems do not automatically back up these documents even if they are attached to the clinical note. If your practice has a PACS system that stores radiology or other image files, you may need a different strategy to maintain this data given the amount of memory these types of files require.
Before you throw up your hands in despair, remember that regardless of the need for backup strategies, electronic record systems are still more reliable than paper based systems.
Please note: if you have an ASP or web-hosted system, the EHR vendor or hosting company is typically responsible for maintaining backups of the data. However, you should establish with them what their specific disaster recovery strategies are and how much downtime is expected with their system. You should also ensure that image and document files attached to the patient’s chart are backed up.
This post is the personal opinion of the author and does not necessarily reflect the official policy or position of the American College of Physicians (ACP). ACP does not endorse a specific EHR brand or product and ACP makes no representations, warranties, or assurances as to the accuracy or completeness of the information provided herein.