How Often Should Medical/Dental Offices Backup Data & Why Data Backup is Important

By: Daryl Smith on January 10th, 2019

Print/Save as PDF

How Often Should Medical/Dental Offices Backup Data & Why Data Backup is Important

Data Security  |  Medical  |  Dental

What is the most important part of your practice? Is it your building? Is it the equipment? No, your practice is your patients. And since most patient records are stored electronically these days, your practice is your patients’ electronic data. 

Patient data is the critical and comprehensive medical information that allows you to safely treat your patients. So what happens if there is an extended power outage in your area? A fire or flood in your office? Your network server crashes? What if your computer network is compromised from outside your practice?

In this post, we’ll talk about a few reasons why backing up your electronic health records (EHR) data is so important and how often you should do it:

WHY YOU NEED TO BACK UP YOUR HEALTHCARE DATA

Imagine losing patient records, financial information, payroll figures, etc. and the repercussions both on your reputation and legal fees. Whether a system crashed or a ransomware attack struck, the loss of sensitive data on your healthcare computers or servers can cost you time, money, and headaches. 

More importantly, you could lose the trust of your patients or your financial security as a company. That’s why HIPAA’s final rule requires that electronically protected health information (ePHI) be backed up and stored securely offsite

WHAT FILES DO I NEED TO BACK UP?

At first glance it seems easy— you just make a copy of your healthcare data and files. But that’s only the beginning...

In the case of an emergency where you lose access to your data (think equipment failure, fire, flooding, hurricane, tornado, etc.) you want to make sure that you have everything you need to start seeing patients quickly. 

To properly back up your medical or dental computers and systems, you need to back up the following*:

  • Patient EHR files, including health histories, tests, photographs and radiographic images
  • Administrative files, including payroll records, documents, and spreadsheets
  • Financial information, including patient insurance, patient billing, and accounts payable
  • Operational systems and computer programs
  • Customized settings
  • Any important data or programs that are “stranded” on individual workstations

*Depending on the size and specialty of your practice, you may have other sensitive electronic information to securely back up.

HOW DO I START SECURING MY PRACTICE DATA?  

To get started backing up your healthcare and business files, create a functional copy of all critical data to be stored securely outside of your office. This is just a list of your important resources to let you see the scope of your storage needs.

It’s important to store your EHR data off-site in a secure location, preferably on an off-site server. Disaster can strike at any time and can affect your geographic region. Any healthcare data backup should either be in the cloud or on a separate server at a separate location.

It is not recommended that a staff member take the backup copy home. The backup copy could be lost or worse. If your backup were stolen and the data compromised, recovery could be a nightmare. If the data is not encrypted and is lost, it would be considered a security breach under HIPAA with related consequences. Nor should you store your data backup in the office safe; that would defeat the purpose of creating a backup copy in the first place.

HOW OFTEN SHOULD HEALTHCARE PROVIDERS BACK UP EHR DATA?

The more important the data, the more frequently you will want to run your backup and the more backup copies that you should have at various secure locations. You’ll want to automate the backup process by scheduling regular backups to run at prescribed intervals. If the process is automated, you do not have to rely on yourself or staff to remember to run the backup. 

Recommended best practice is to set your backup to occur daily at midnight, and weekly on Fridays at midnight.

THE IMPORTANCE OF PAPER CONTROL BACKUPS

But here’s the catch. Many practices are performing daily backups wherein they overwrite the previous backups. But what if you needed to go back to a certain point in time for legal or technical reasons? How long are previous backup versions available to you? How does your IT service provider handle that situation?

Although it seems counterintuitive, you should also have a paper protocol for your EHR data. This will allow for the continuation of business while the problem is being fixed. Staff needs to know what forms are necessary and how to fill them out in the event that the computers are down for any reason.

Once you have set up your backup schedule and routine, make sure you test the integrity of the backup data on a regular basis. You should check that the data has actually backed up. It is also good practice to periodically test data backups by restoring from a backup.

SHOULD YOU GET AN IT SERVICE PROVIDER INVOLVED TO HELP?

Long story short— we strongly recommend that you consult your IT provider for their advice and expertise on backup best practices. You want to focus on your patients, and there are so many other details of your practice to manage. Even if you have staff members who are tech-savvy, they are performing other important duties to support your practice. The last thing you want to do is to run the risk of not securing your data properly or backing it up frequently.

If you do decide to involve an IT service provider, ask them the following questions:

  • What are the data recovery plans based on and why?
  • What are their data security measures?
  • How often are the data recovery processes tested?
  • How often will they be backing up your data?
  • What media are they using to back up your data?
  • What happens if you need to go back to a previous data version? Is that possible?

Here are 6 Things to Look for in a Managed IT Service Provider for Your Dental Practice for more ideas about what you should ask candidates.

MORE QUESTIONS ABOUT DENTAL PRACTICE TECHNOLOGY

Don’t put your practice at risk by not having a solid data backup protocol. You owe it to yourself, your patients, and your employees to make sure that this portion of your practice is safe and disaster-proof. 

In our 10 FAQs About Dental Practice Technology ebook, we explore in-depth answers to important questions about dental practice technology. Download your free copy, today.

FAQs about dental practice technology ebook CTA