Choosing a Healthcare Cloud Provider: Data Backup and Monitoring
Choosing the best healthcare cloud provider for your organization involves many factors. In addition to location, storage, facility and service requirements, other important considerations are data backup and monitoring capabilities.
Backing Up Data, Staying in Compliance
Ask potential cloud vendors how often they back up their systems and how long they keep those backups. Is there any flexibility there? Because the backups contain protected health information, it’s imperative that they be encrypted.
HIPAA regulations require that healthcare organizations back up data both on- and off-site, and that they have the ability to restore that data should the need arise. Make sure your vendor can meet those requirements. Investigate how long the restoration process will take if a complete data restore becomes necessary.
Rather than waiting to access your backups until a problem surfaces, however, keep on top of the backups by requesting regular reports of both successes and failures. It’s also a good idea to back up data in stages, or incrementally, which uses less network bandwidth. Data compression is another option to take full advantage of cloud storage space while keeping network traffic low.
Find out if the cloud vendor replicates data for applications that your organization can’t afford to have down for any period of time. Is real-time data replication available? Integration with your digital imaging infrastructure is another plus.
Monitoring the Network, a Full-Time Job
Network monitoring should be a paramount consideration as well. Without proper monitoring, a server could just shut down with no warning — and no knowledge to your organization. Check how often a potential cloud provider monitors its network servers. Ideally, a minimum of six ports should be monitoring the servers, and the cloud provider should regularly gauge key performance metrics. Multiple ports allow for faster communication.
Monitoring should be a full-time job 24/7 — not something sporadic — and it should involve proactive alerts that validate the backups. The monitoring process should not be a one-size-fits-all approach. Customize monitoring practices for your organization’s various applications, workloads and sets of data.