A reliable, secure system for backing up patient data is essential to ensure you are able to keep patient information safe. In this article, we will discuss a few of the most important facts that healthcare providers should know.
The Low-Down on Backups
There are various choices when it comes to how to handle backups of patient data. Full backups make a copy of every file in your system, usually on a pre-established schedule, though you can also manually request a backup. With a copy of every file being made each time full backup runs, it can take up a lot of room when it comes to storage space.
Incremental and differential backups are both strategies that only copy files that have been created or changed since the previous backup. Though these methods may reduce storage needs, they are harder on computer processing resources because every file is compared to the stored copy to see if there are any changes. Both methods are often used in conjunction with a full backup schedule.
Making copies of the files is one thing, but making sure the backup process is secure is another. Various data encryption techniques mean that even if the backed up files are accessed, they are unreadable without an encryption key. In some cases this key in generated by the system and in others by the user.
Some data storage systems distribute backed up files across multiple servers. Often, encryption and storage are handled by the same service, but it is also possible to separate the functions and encrypt the data yourself before having the encrypted files backed up. This makes it less likely that a security breach to have completely catastrophic effects.
Backups and Ransomware: The Last Line of Defense
The best way to recover from a Ransomware attack is to restore your data from a backup. Regular backups and a fast, easy retrieval system are key to getting back on your feet if the worst happens and your patient records are threatened by a ransomware attack. Make sure, though, that you have tested your backup system to make sure the data can be completely retrieved.
Be aware, too, that some ransomware variants also target the backup data. It’s safer to have your data backed up on a protected host, one that is adequately separated from your system. Using a system that ultimately places a copy of your backup onto tape (ideally stored offsite) ensures a ransomware attack can’t get at your patients’ personal records.
Patient Data and Email
Sending unencrypted email containing electronic Protected Health Information (ePHI) is asking for trouble. Ensure all emails are encrypted before they leave your office. It’s also easy to password protect a message. In a similar vein, digital signatures require both sender and recipient to pre-register their digital signatures before information is emailed. Most mainstream email providers offer encryption options, but there are also many advanced alternatives for secure email services out there.
Learn more about HIPAA Compliance, Cyber Security, IT managed Services and more, by getting in touch with Enviromerica today. We can ensure that you receive the best advice for optimizing your healthcare practice.