Skip to content

Easily Test Your EMR Backup

  • by

One of the requirements of a healthcare organization covered by the HIPAA-HITECH security rules is to have a recoverable backup of its EMR system.  After a local server crash is not the time to discover that the “automatic” backup system has been failing!

With IDrive Bare Metal Restore backup solution, a covered entity can fulfil these backup requirements:

  • Backup needs to be recoverable (CFR 164.308(7)(ii) (B))
  • Backup needs to be frequent (CFR 164.308(a)(1))
  • There must be offsite backups (CFR 164.308(a)(1))
  • Backup recovery needs to be tested (CFR 164.308(7)(ii) (D))


That last bullet point is often neglected because of the time/cost involved.  A nice feature of the IDrive BMR system is that it can spin up virtual machines based on the backup settings.

Steps to test Backup:

  1. IDrive BMR server has been backing up EMR server and Domain Controller server
  2. Set up a separate standalone network either locally or at an offsite location. A simple router providing DHCP and some LAN ports should suffice.  Connect the IDrive BMR server and a clinic laptop or workstation
  3. Spin up the EMR server on an IDrive virtual machine
  4. Test the system from workstation or laptop
  5. Document test results for compliance


The 6TB IDrive BMR Backup solution is priced at $2000 annually.


*concepts from this post were referenced from the Healthcare Business Management Association website, specifically the article by Bob Chaput 3/29/12 “The Truth about HIPAA-HITECH and Data Backup.”