Article
In this month's "Tech Talk," Dr. B offers advice on how to back up the valuable information you have sitting on your computer. It's not as complicated or as cost-prohibitive as you think.
Like buying insurance and flossing your teeth, performing regular data backups may not be thrilling fun, but it is good for you and something you should do diligently. Think about how valuable the patient and practice data inside your computer is to you and how painful the loss would be. Now think about all of the different things that could happen to that data. The most common mishap is that a hard drive simply fails. But viruses can also infect your computer, causing it to crash. An employee can unwittingly delete data. Fire, theft, lightning strikes and floods are less common, but also real possibilities.
I get questions all the time about data backup: How often should I backup my data? Which data should I backup? What kind of device or service should I use for data backup? Is my data backup HIPAA-compliant? This article will answer all of those questions and more.
Where to Store Backup Data
The goal of data backup is to enable you to recover as much of your information as possible when data loss occurs. There are two basic types of backup methods: local and remote. Local backup usually refers to the practice of copying data to a removable media, such as a portable hard drive, tape cartridge, or CD, which can be stored separately from the computer—perhaps in another room or at home. Local backup can also mean copying data from one computer to another over an office network. Computer A has Computer B’s critical data and vice versa, so if either computer fails, the other one will have a backup copy of the critical data.
Remote backup involves sending your data to someone else, offsite, to store for you. Many companies offer this service—for a fee, of course. You use an Internet connection to send your files to a remote location where the data is stored on secure computer systems. In general, I recommend both methods for small- and medium-size medical practices. Local backup is perfect for when a hard drive fails and you need to quickly recover the data. Remote backup is a godsend when your local computer/backups have been damaged (eg, natural disasters, theft).
Local Backup Devices
If you haven’t already decided where you want to store your backup copies—external hard disk drive, CD/DVDs, tape drive, or some other storage format—here’s a quick run-down of options for local storage.
As mentioned before, one of the simplest ways to backup data is to use another computer’s hard drive on your office network. But suppose you don’t have a network, what do you do then? Or maybe you’d like to be able to take your data home with you at night. Fortunately, your choices for removable storage are numerous and tend to be very affordable.
One of the most popular options these days is an external hard drive. I’ve had good experiences with the Maxtor OneTouch hard drive, but you will find many different options at your local computer store or retail sites online. Advantages of the portable hard drive include large capacity (meaning you have lots of room to put data), portability that allows you to take the drive anywhere, and speed (meaning it records data quickly). Available in chunks of 80GB to 500GB, prices for these drives generally start at around $75, but can easily reach $300 for larger capacity drives. One of the benefits of many of these drives is they have a “one-touch” button which, when clicked, can run a preconfigured backup program that will automatically backup the specified data.
Tape drives (DAT/DDS) used to be very popular, but have become less favored in recent years. One reason is that the initial investment starts at around $1,000 for the drive and tape storage media. Consider this a recurring expense since tapes have a limited shelf life. Due to tape costs and media rotation hassles, it is common to resort to taping over and over on the same tape, only to discover that the tape has worn out, rendering the backups unusable. I’d avoid these unless you have a dedicated tech person managing the backups.
External disc media (CDs, DVDs) are also very popular due to their low price point and readily available drives. However, you should note that rewritable CDs (CD-R/RW) and DVDs have less storage capacity than tapes and external hard drives, take significantly longer to record data, and more frequently experience errors during the backup--rendering the discs useless. DVDs have a larger storage capacity than CDs, but are still limited for these same reasons. On the plus side, most computers already have CD/DVD drives built into them, and the discs are relatively inexpensive and readily available.
USB flash drives, also known as thumb drives, pen drives, or USB keys, are easier to manage than burning data onto a disc, but also limited to the amount of data they can store compared with a usual external drive. What they lack in data capacity, USB flash drives make up for in portability, ease-of-use, and price—you can easily slip one from your shirt pocket, into your USB drive on the computer, and copy your precious data. Online, prices for USB flash drives currently range from $20 for 512MB to $150 for 8GB, and manufacturers frequently offer deals on older models, as data capacity continues to grow.
The main caveat with all removable storage media is that off-site storage is required for any kind of real security. Convenient storage and expedited retrieval is necessary for emergency situations. In some media, such as CD/DVDs and USB flash drives, storage capacity limitations make automated and unattended backups impractical. And limited shelf life is a definite concern.
How to Backup Your Data Using Removable Media: Software and Scheduling
Once you have decided which removable media is right for you, you need to think about how you will backup your software. In my estimation, it is simply not practical to backup your data multiple times a day. Some people use software that automatically backs up their data continuously throughout the day. But this software can dramatically slow down the responsiveness of your system during your usual tasks. Nothing is more annoying than trying to enter some patient data and having to wait for the system to finishing backing up data.
I believe a simple once-a-night approach is reasonable.
If your removable storage device doesn’t include backup software, you can use an affordable backup program such as EMC Retrospect. Microsoft Windows XP Professional also includes a built-in backup utility. To use this, follow the steps below:
If you've never used the Backup utility, the first screen you will see is the Backup or Restore Wizard welcome window. Click Next and follow the instructions on the wizard.
Online Backup Services
Because external backup storage media (CD/DVDs, tapes, flash drives, external hard drives, etc.) can be easily stolen, support limited data sizes, often utilize no or minimal encryption security, and must be transported to/from off-site storage facilities, they seldom represent adequate data protection solutions for HIPAA compliance.
The latest HIPAA rules require that you not only backup and protect data, but also be able to document the entire process. Your contingency plans must include backup, recovery, and an emergency mode plan. As a result, online backup (remote backup) services represent a fully-automated and secure off-site storage facility for quality data backup operations that are HIPAA compliant.
Advantages of online backup are:
The disadvantages of online data storage are:
Off-site backup services are all over the map in terms of features and pricing. At the extreme high-end, you can get 10GB of space for $320 per month, with features such as 24/7 continuous backup and up to seven years of archival data. At the other end of the spectrum, you can pay much less but have less storage capacity and fewer bells and whistles. Another alternative is to work with your Electronic Health Record (EHR) vendor, if you have one. For example, Amazing Charts EHR customers are offered OffSite Backup of their critical patient and practice EHR data for a flat $250 per year. This encrypted data is then uploaded across a secured encrypted internet connection (the type of connections that banks use for all their electronic transactions) and stored both in a seismically-stable area (Houston, TX), and additionally backed-up to tape drives brought offsite from the offsite location.
What to Backup
I would argue that data backup is an absolute necessity for any kind of patient records, as well as the billing and scheduling information necessary to run a typical medical practice. Beyond that, it’s really up to you to decide how little or how much to backup. For example, you can back-up only critical data or you can make a complete copy of your computer’s entire hard drive and system settings. Here are some file suggestions to get you started:
Conclusion
Get in the habit of regularly backing up your data...or take the risk that your office is completely shut down for an indefinite amount of time if you lose your data. My approach is simple: use an external hard disk drive for once-a-day local backups, which can be automated and scheduled to occur at night, and use a remote backup service to ensure that your EHR data is safe and secure.
Besides serving as MDNG's Physician Editor-in-Chief for the Primary Care edition, Dr. Bertman is a Clinical Assistant Professor of Family Medicine at Brown University and president of AmazingCharts.com, a leading developer of Electronic Health Record (EHR) software. He is in private practice in Hope Valley, RI.