Mar 13, 2017 | General

Imagine hearing from your healthcare provider that your important files, perhaps recent X-rays or even your entire health history record, have been lost or are temporarily irretrievable when you need care. Would the experience make you consider bringing your business elsewhere? What if you needed to complete a transaction at your local bank or ATM and the network was down?

Healthcare and financial service providers, envision dealing with the fallout of a flawed disaster recovery (DR) plan, from an out-of-commission billing system to lost vital information about customers to high-dollar federal compliance penalties.

These scenarios create safety concerns, compliance issues, detrimental costs and plenty of headaches — and they’re all avoidable.

The DR and overall business continuity conversation is a tough one for any business; DR is not a system that any IT professional or CxO wants to have to use. Plus, even though it may never be needed, it’s not cheap. What’s more costly, however, is not having one. DR is often associated with major natural disasters, such as hurricanes, tornadoes, ice storms and floods, but many IT disasters are manmade, so the threat is always present.

Healthcare

For the healthcare industry in particular, disaster recovery is an essential and regulated process, but it hasn’t been a top priority for many medical facilities until the past few years[1]. HIPAA has required disaster recovery plans for healthcare organizations since it started in 1996, though its standard for backup and recovery is largely considered minimal. However, with the onslaught of electronic health records (EHR), mandates on picture archiving and communication system (PACS) backup[2], and an increased number of cyberattacks on health data, DR has become much more top-of-mind for the industry[3].

The 2015 HIMSS Cybersecurity Survey found that two-thirds of the nearly 300 healthcare leaders surveyed reported that their organizations recently suffered a “significant security incident.” The participants revealed that 62 percent of security incidents caused “limited disruption to IT systems,” and 21 percent caused “loss of patient, financial or organizational data.” Despite many improvements to DR and IT continuity among participants’ organizations, most reported “only an average level of confidence in their organizations’ ability to protect their IT infrastructure and data.”[4]

With hospitals and many other healthcare facilities requiring 24/7/365 uptime, network failure can be disastrous. Healthcare organizations need a fully redundant network with reliable off-site data storage and quick failover in place — and the entire DR system should be well-tested.

Financial Services

The same can be said of financial services firms, which also regularly store and process vast amounts of critical data and must meet industry compliance standards.

All organizations that “store, process or transmit cardholder data” must adhere to the Payment Card Industry (PCI) Data Security Standard (DSS), which requires maintaining a secure network that’s regularly tested, as well as compliance with other IT policies[5].

Banks and other financial organizations need to maintain constant uptime to avoid major dips in transactions, trades and/or customer satisfaction. One study reported that every minute of downtime resulting from a DDoS attack costs the average company $22,000[6].

NGN Has You Covered

One option that many healthcare and financial organizations turn to for DR and remote data backup is colocation. NGN operates five fully-equipped colocation facilities in North Georgia that offer the following benefits:

To learn more about NGN’s colocation space, click here.

 

SOURCES:

[1] http://www.healthcareitnews.com/news/disaster-recovery-demands-smart-planning

[2] http://www.datacenterjournal.com/five-health-care-trends-to-watch-for-in-2016/

[3] http://searchhealthit.techtarget.com/feature/Healthcare-disaster-recovery-critical-for-providers

[4] http://www.himss.org/news/himss-survey-finds-two-thirds-healthcare-organizations-experienced-significant-security-incident

[5] https://www.pcisecuritystandards.org/documents/PCI%20SSC%20Quick%20Reference%20Guide.pdf

[6] https://www.theatlantic.com/technology/archive/2016/10/a-lot/505025/