By Steve Matheson, BridgeHead Software
Before we delve into some of the latest terms in healthcare data backup and recovery, I just wanted to set the scene as to why data management is not just important, but critical, in healthcare. Data is the lifeblood of any healthcare organisation. That is a statement you will hear many of us at BridgeHead say, because we sincerely believe it to be true. Data levels are growing exponentially and that data comes in many forms, from medical images, scanned documents, clinical reports, patient correspondence, the list goes on. Patients expect their data to travel with them as they move between departments and organisations; and clinicians need to access all of the relevant patient data, at the point of care, in order to efficiently and effectively consult, diagnose and treat patients.
So, if data is the lifeblood of a healthcare organisation, having a robust data protection strategy in place, that covers backup and, more importantly, system and data recovery, is critical to the smooth running of a hospital’s operations that, in turn, has a direct impact on the successful provision of patient care.
Like all technology, innovation continues to drive efficiencies – backup and recovery of healthcare systems and data is no exception. As technology evolves, so do the buzzwords and terminology that generally go hand-in-hand. To help, we have compiled a glossary of some of the new, lesser know terms that we see increasingly in the healthcare data protection market.
New Backup & Recovery Terms Healthcare IT Need To Know
1. Protection Service Level Objective (PSLO)
PSLO is the agreement between healthcare IT planners and application owners as to how much time may pass after a storage system outage before a given application must be returned to full operation.
The three main components to PSLO include:
- Recovery Time Objective (RTO), which stipulates the maximum period of time an application will be off-line in the event of an storage outage
- Recovery Point Objective (RPO), which details how much data could, in theory, be lost and, thereby, needs to be re-keyed in the event of an outage
- Retention Objective (RO), which indicates how long data will need to be retained for an application, and how quickly that retained information needs to be recovered.
2. Version Retention Objective (VRO)
VRO is the measurement unit that looks at the number of copies of an application data set or file version that will be preserved, and for how long.
Most healthcare data has specific requirements for retention to support potential litigation, clinical best practices and specific healthcare delivery organisation mandates. And, for some of these, there are timeframes that dictate how quickly that data needs to be retrieved and delivered to the requesting party.
VRO Use cases:
- Silent infrastructure corruptions, e.g. where an organisation’s master file table has slowly corrupted over the course of many months, with that corruption only being discovered much later
- Undiscovered medical record data entry errors, e.g. the deletion of a patient record or file that is discovered many months after it occurs
- Application retirement, e.g. when moving between ERP solutions, patient records need to be accessed from retired systems from a specific date range. This is usually associated with litigation.
3. Site Recovery Objective (SRO)
SRO is a metric based upon the total amount of time it would take to get a site back-up and running.
4. Geographic Redundancy Objective (GRO)
GRO is the measurement unit that looks at the data that needs to be replicated, across sites. For instance, copies of the data may be kept within the current, secondary or tertiary datacentre (i.e. AWS cloud or within the hospital. Recovery can be facilitated across any of these sites. The GRO metric looks at the data that needs to be replicated across sites, how often and how far away that data should be from the primary site.
The level of critical importance given to data can also impact the GRO. For example, the first applications to be replicated should be the most critical to the health organisation and these mission critical applications are often kept geographically close to the primary site, if not in their own datacentre. Once that data has been replicated you can also look at replicating the application to a secondary location, in order to protect yourself against a local disaster.
For more information on patient data recovery, have a look at the disaster recovery and business continuity resources or download our Healthcare Disaster Recovery whitepaper.