HP RDX Video - Could HP RDX Disk based backup be right for your business

Healthcare Industry - RDX for IT and Medical Practices

HIPAA Compliance - Regulated and Highly Secure

As a highly regulated industry, to comply with government regulations, organization policy and legal requirements, healthcare organizations face stringent data backup, restore, archive and disaster recovery requirements. For example, The Health Insurance Portability and Accountability Act (HIPAA) requires strict audit and data accountability; all patient identities and personal medical records must be kept private, protected and digitized. Patient safety requires that records are accurately kept.  It’s of paramount importance that healthcare Radiology images, MRIs, cardiograms, and other electronic patient images indexes and accurately stored and be quickly accessible.  Errors in patient record keeping can lead to potential traumatic patient safety, legal and compliance challenges for healthcare institutions.

HIPAA requirements govern the development of data policy and this policy is used to develop operational procedures to manage the data. Healthcare providers and organizations of all sizes need to carefully define their patient safety and information management strategies.  Healthcare data backup, restore, archive and disaster recovery policies and procedures must be in place based on industry best practices and regulatory compliance.  

One healthcare institution described their datacenter storage environment using SAN storage with a virtualization stack for Tier 1 primary and Tier 2 backup storage.  Patient records are kept on Tier 1 storage for six years (up to 21 years for pediatrics) and eight years on Tier 2 storage. This amounts to volumes of data and massive storage requirements for Tier 1 and 2.

The Tier 3 policy includes backup to optical or tape storage, followed by bar-coding copies which are kept onsite and offsite for archive and disaster recovery. The library of removable storage is managed through a written record of data movement. Using the bar-coding system allowed the organization to quickly retrieve the stored data from the off-site facility and restore the data for internal use or quick recovery for discovery and litigation.

Physical security, authentication, data encryption, auditability are all built into their data management process.

Rogue Systems

An area where this healthcare company had difficulties was in enforcing backup and retention policy among auxiliary systems such as PCs and laptops. Spreadsheets and other files and documents are used on a daily basis and their loss or relying on end-users to manage the data can be a serious business risk for the organization. In addition, doctors and medical staffs travel back and forth from their medical offices to hospitals and data backup and archiving needs to be portable.  Often, medical office practices do not have the healthcare IT staff and infrastructures of large hospitals and healthcare providers that use shared storage systems to centrally manage data.


Capacity, Backup, Retention and Restore

Using the A SAN storage subsystem for backing up and archiving data these departmental systems is expensive for this volume of data and most medical office practices do not have the budget nor IT expertise to implement these systems. RDX systems become an effective solution for tier-3 healthcare IT data archiving or for medical office tier-2 backup and tier-3 use. Enterprise Class RDX removable disk technology provides all the access and performance benefits of online storage with the economic benefits of offline storage for medium and large healthcare providers and hospitals. This enables those organizations to dramatically reduce the cost of storing and protecting the data that is critical for them to retain.  

RDX docks and cartridges are ideal for small to medium medical office practices.  Data can be backed up and archived simply and retained as needed.  Little to no IT expertise is required once the medical office PCs and networks are installed and connected.  Each PC can have a RDX dock and 500GB cartridge attached via a USB cable for $200 per PC.  Every system can be backed up and RDX cartridges may be stored for years of data recoverability.

RDX removable disk technology is infinitely expandable. For healthcare IT organizations, RDX removable disks can be virtualized behind the online disk allowing inactive data to be removed from the system while still appearing online to applications and users. This enables incremental expansion of storage as it is needed.

When data is ready to be moved to Tier 3, multiple copies of the RDX removable disk can automatically be made and the meta-data can be maintained online for easy search and retrieval, even when the data is removed from the system and sent offsite.

Backup times are reduced by up to 50% over other removable enterprise storage media. RDX removable disk technology provides shorter backup windows, faster time to recovery and lower cost of protecting data while fewer resources to manage backups are consumed.  

A complete index of files is kept so that files can be rapidly recovered for discovery, audit or other compliance requirements.  Through index-based searches files can be rapidly retrieved. Legal holds can be placed on files preventing deletion even when the retention period has expired.

Security – Audit, Encryption, Authentication

Stringent data security required by healthcare organizations is supported by RDX removable disk technology. AES-256 encryption is supported for regulations or business policy that requires it. Complete audit trails for every file provides is supported using chain-of-custody reporting. Secure deletes can be executed for data whose retention dates have expired and this overwrites the data on the removable disk to enable DOD 5015.2 compliance. Data can be made non-erasable, non-alterable using RDX removable disk technology with WORM enabled software. Data authenticity can be enforced through content addressable storage with sophisticated hash algorithms.

Curing the Rogue Systems Problem

PCs and laptops, that are outside the network, and used within medical offices can have their data backed-up from the desktop using an RDX docking station and RDX removable disk cartridges. Once installed the RDX device appears as another disk drive to the computer. Using drag and drop technology users can quickly backup single files, folders or entire disks.  Copies of the backup cartridge can be made and then the ruggedized cartridge can be sent to IT to comply with archive and disaster recovery policy.