In an earlier discussion, I covered storage and cloud infrastructures, along with the advantages to providers of participating in cloud storage. This discussion concentrates on a simpler topic: tiered healthcare storage and how it affects provider institutions' backup priorities.
To begin with, tiered storage is a best practice for nearly every organization that has implemented any kind of storage infrastructure. Specifically, tiering provides hardware for online, near-line and offline storage for different kinds of data.
After you decide on tiered storage for backups, an important thing to consider is your institution's backup objective. There are three primary backup objectives and all focus on data recovery. The first is the recovery point objective (RPO), which means that you have a specific objective in mind when you recover data. In this case that objective is to recover data based on where you are now in relation to what you were doing when you lost it. So, if you spent four hours entering data in an application and didn't save it, and you've lost the data, how much of the four hours of data entry do you need to repeat? For RPO backups, you want to take the least amount of time for recovery.
Next is the recovery time objective (RTO); here, you need to understand how much time it will take to get from the point of data loss to recovering the data and getting back to using the restored data.
The final objective is to secure and protect backed-up data that you're storing for the long term.
Each of these objectives requires a different kind of storage medium. Fortunately, each objective has a storage hardware option to meet the challenge. An RPO backup requires an online backup and a high-speed storage system that also provides storage for production applications. These are required because achieving a low RPO time requires synchronous replication, or real-time copying, of stored data. Everything is copied immediately to two places, so if failure occurs in one place, recovery can be implemented by pointing data reads and writes to the backup storage device.
The RTO backup objective is supported by near-line storage devices, which asynchronously copy data to networked storage during times of low computer utilization. Recovery involves copying data back from these storage locations to the original locations. Usually this process involves recovering emails or user home directories. The copying process can take as long as several hours depending on available download speeds and the quantity of stored data.
Data security issues in tiered healthcare storage involve both RPO and RTO, as well as another objective of long-term archiving, satisfying legal requirements. One example of these is the HIPAA regulations that require stored data to be encrypted and compressed through separate processes. Recovery of such data involves reversing encryption and compression, and an additional process for restoration.
There are three levels, or tiers, for maintaining and managing data storage backups in healthcare, all centered on recovery objectives. Online, or tier 1, backups are expensive because they concentrate on minimizing recovery time and maximizing the amount of data recovered. In near-line, or tier 2, backups, the quantity of data could result in a longer recovery time or in lost data. Offline, or tier 3, backups are used for archiving, and involve the separate step of encrypting and compressing the data before it's backed up. Once backed up, this archived data can be recovered, but it will need to be decrypted, decompressed and restored. This process can take days to weeks for large data files, and RPO and RTO objectives will suffer.
About the author:
Jon Gaasedelen is an independent IT consultant with over 20 years' experience in information systems infrastructures. He has an undergraduate degree in economics and a master's degree in health informatics, both from the University of Minnesota. Let us know what you think about the story; email firstname.lastname@example.org or contact @SearchHealthITon Twitter.