One of the requirements of a healthcare organization covered by the HIPAA-HITECH security rules is to have a recoverable backup of its EMR system. After a local server crash is not the time to discover that the “automatic” backup system has been failing!
With IDrive Bare Metal Restore backup solution, a covered entity can fulfil these backup requirements:
- Backup needs to be recoverable (CFR 164.308(7)(ii) (B))
- Backup needs to be frequent (CFR 164.308(a)(1))
- There must be offsite backups (CFR 164.308(a)(1))
- Backup recovery needs to be tested (CFR 164.308(7)(ii) (D))
That last bullet point is often neglected because of the time/cost involved. A nice feature of the IDrive BMR system is that it can spin up virtual machines based on the backup settings.
Steps to test Backup:
- IDrive BMR server has been backing up EMR server and Domain Controller server
- Set up a separate standalone network either locally or at an offsite location. A simple router providing DHCP and some LAN ports should suffice. Connect the IDrive BMR server and a clinic laptop or workstation
- Spin up the EMR server on an IDrive virtual machine
- Test the system from workstation or laptop
- Document test results for compliance
The 6TB IDrive BMR Backup solution is priced at $2000 annually.
*concepts from this post were referenced from the Healthcare Business Management Association website, specifically the article by Bob Chaput 3/29/12 “The Truth about HIPAA-HITECH and Data Backup.”