Significant events and catastrophes like Hurricane Sandy remind health care organizations that disasters can strike at any time, and disaster recovery planning must be built into operations and workflow. Key elements of planning are creating an offsite data center and other backup protocols.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
What to look for in an offsite data center
An offsite data center should not be located within the same geographic region as the hospital contracting it. A single disaster could wipe out the hospital and the data center all at once. But this isn't the only consideration organizations should make when looking at the location of their data center.
The actual disaster is not going to happen quarterly. It's going to be more chaotic. You need to be prepared.
director of HIM solutions, AHIMA
Julie Dooling, director of HIM solutions at the American Health Information Management Association, said providers should make sure the data center is not located in a flood zone or a region that experiences other kinds of natural disasters on a regular basis.
Additionally, Dooling said hospitals should have clear provisions in their contracts with data centers that spell out what the data center is accountable for in the event of a disaster. Processes for retrieving backed up data should be clear, as should responsibility for data lost due to a disaster at the data center site.
Disaster recovery plans: Keep it simple
Good disaster recovery plans will be concise. During a chaotic emergency in which there is flooding, fires or power outages, staff may not have the time to parse through a long, complicated plan. Clearly delineating responsibility and expectations makes for an effective plan, said Ray Lucchesi, a disaster recovery specialist with Silverton Consulting.
"Procedures should be pretty straightforward and [need] to be fairly explicit because in the midst of a disaster like Sandy you don't have a lot of time to think about what's going on," he said.
Lucchesi added hospitals should test their disaster recovery plans on a yearly basis, or any time a significant piece of technology is added or changed. It is important to make sure recovery protocols work in the present IT environment.
Yet, even when hospitals drill staff and practice putting a recovery plan in action, they still need to be prepared for the unexpected. Dooling said most disasters happen without warning. This is what makes them so difficult to deal with.
"The actual disaster is not going to happen quarterly," she said. "It's going to be more chaotic. You need to be prepared."
In the case of Hurricane Sandy, weather forecasters did give hospitals plenty of warning that they should prepare for adverse conditions. But the size of the storm and the destruction it brought made it impossible for all providers to keep their IT systems operational.