HIPAA Compliant Offsite Backup Solution

Posted on February 7, 2006 I Written By

John Lynn is the Founder of the HealthcareScene.com blog network which currently consists of 10 blogs containing over 8000 articles with John having written over 4000 of the articles himself. These EMR and Healthcare IT related articles have been viewed over 16 million times. John also manages Healthcare IT Central and Healthcare IT Today, the leading career Health IT job board and blog. John is co-founder of InfluentialNetworks.com and Physia.com. John is highly involved in social media, and in addition to his blogs can also be found on Twitter: @techguy and @ehrandhit and LinkedIn.

I use to live and work in Hawaii and so many times I’ve considered working out an arrangment with them to store a backup of my EMR in Hawaii since I could easily transfer it over the internet. What better backup location then Hawaii? In the end the idea pretty much fell apart when I started thinking about the HIPAA hurdles that I would have to deal with to make it work. Since my employer probably doesn’t want to fly me to Hawaii to do security audits how would I really know what is going on there? Also, how would I manage who gained access to their data center. I could put a little server in my own locked cage which is only accessible by a couple people who have signed the Privacy agreement. However, once you start talking cages and security the price tag continues to rise. If anyone reading this would like to work with me on this, I’d be happy to make the trips out to see friends if they want to pay for that kind of backup.

Since my Hawaii idea fell through we just have a fire proof safe in an undisclosed location that is kind of like the old movie Get Smart to gain access(minus the automated doors). As a college health organization we have a few more resources than most doctor’s offices. This is why I was happy to find someone offering a service I’d been looking around for. The service is offered by Creative Software Solutions and they offer a service called Handy Backup Service. I’m not an end user and I have no affilitation to the company so I can’t vouge for that, but it’s nice to see someone offering this type of service. The best part is that they are willing to sign a Business Associates agreement. We all know how important that is for this kind of service.

I really think that the future of offsite backups is with the EMR vendors themselves. If you are an EMR vendor reading this…You should partner with some good, quality, technical people(a few still do exist) that could help you offer this service to your customers. I know that in the event of a disaster the first person I am going to call to restore my EMR is my EMR vendor. They know their EMR system infinitely better than me. Why not take it one step further and give them all the tools(and data) that they need to restore your system in case of a disaster. Not to mention they’ve already signed the Business Associate’s agreement.