Offsite data centers key part of effective disaster recovery plans

The time to start disaster recovery planning is long before the disaster strikes.

Significant events and catastrophes like Hurricane Sandy remind health care organizations that disasters can strike at any time, and disaster recovery planning must be built into operations and workflow. Key elements of planning are creating an offsite data center and other backup protocols.

What to look for in an offsite data center

An offsite data center should not be located within the same geographic region as the hospital contracting it. A single disaster could wipe out the hospital and the data center all at once. But this isn't the only consideration organizations should make when looking at the location of their data center.

The actual disaster is not going to happen quarterly. It's going to be more chaotic. You need to be prepared.

Julie Dooling,
director of HIM solutions, AHIMA

Julie Dooling, director of HIM solutions at the American Health Information Management Association, said providers should make sure the data center is not located in a flood zone or a region that experiences other kinds of natural disasters on a regular basis.

Additionally, Dooling said hospitals should have clear provisions in their contracts with data centers that spell out what the data center is accountable for in the event of a disaster. Processes for retrieving backed up data should be clear, as should responsibility for data lost due to a disaster at the data center site.

Disaster recovery plans: Keep it simple

Good disaster recovery plans will be concise. During a chaotic emergency in which there is flooding, fires or power outages, staff may not have the time to parse through a long, complicated plan. Clearly delineating responsibility and expectations makes for an effective plan, said Ray Lucchesi, a disaster recovery specialist with Silverton Consulting.

"Procedures should be pretty straightforward and [need] to be fairly explicit because in the midst of a disaster like Sandy you don't have a lot of time to think about what's going on," he said.

Lucchesi added hospitals should test their disaster recovery plans on a yearly basis, or any time a significant piece of technology is added or changed. It is important to make sure recovery protocols work in the present IT environment.

Yet, even when hospitals drill staff and practice putting a recovery plan in action, they still need to be prepared for the unexpected. Dooling said most disasters happen without warning. This is what makes them so difficult to deal with.

"The actual disaster is not going to happen quarterly," she said. "It's going to be more chaotic. You need to be prepared."

In the case of Hurricane Sandy, weather forecasters did give hospitals plenty of warning that they should prepare for adverse conditions. But the size of the storm and the destruction it brought made it impossible for all providers to keep their IT systems operational.

Let us know what you think about the story; email Ed Burns, news writer or contact @EdBurnsTT on Twitter.

This was first published in November 2012

Dig deeper on Electronic health care systems, data centers and servers

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

-ADS BY GOOGLE

SearchCompliance

SearchCIO

SearchCloudComputing

SearchMobileComputing

SearchSecurity

SearchStorage

Close