I wish I had good news for you, but it's only a matter of time before your healthcare IT systems suffer some type of breakdown. It is not feasible to completely prevent this from happening. The best you can do is to identify and mitigate the biggest risks to prepare for an IT disaster, and know how you will handle it when (not if) it happens.
Here is guidance for preparing your ASC for the five most common IT disasters.
1. Hardware failures/power outages. This category makes up 49 percent of IT malfunctions and potential data loss. Preparation here comprises designing and implementing the right infrastructure:
redundant, hot‐swappable components (power supplies, network interfaces, disk drives);
RAID hard drives (at least RAID 1 or 5, never RAID 0);
uninterrupible power systems (UPS) are not truly uninterruptible, they are batteries, so plan for only 20 to 30 minutes of up‐time (and remember: They dont work if your systems are not plugged into them); and
functioning data backups.
2. User error. Users you and your staff are responsible for 36 percent of IT disasters. Work to mitigate these risks by having the system set up right by experts, limiting users' access (with user‐level security policies), providing user training, implementing corporate computer-use policies and maintaining offline backups (this keeps your production data out of harm's way).
3. Viruses. Don't let the fact that viruses make up just 8 percent of problems lull you into a false sense of security when it comes to protecting yourself against them. Use server-based anti-virus software that's kept current and up-to-date (and budget for this, as it costs money to update annually). Also be sure to use a hardware firewall and anti-spam software to buttress the anti-virus program. Install only safe software, and train users to practice safe surfing (most viruses are enabled/activated by users).
4. Software issues. Four percent of the time, software is to blame. Because of this, be careful of automatic updates for OS software. Do a full backup of all data before doing any major application software updates/patches, and make sure you are aware of any customizations you have made to your software before you do any updates. Finally, keep in mind that HL7 (and other standards like CCHIT) do not mean interoperability between software apps (and if it sounds too technical for you, have an expert install software to help prevent these issues).
5. Natural disaster. Events such as fire, flood and theft cause only about 3 percent of IT nightmares. Consider investing in a fire safe for key paper and electronic files. Keep a set of (rotated) backup tapes off‐site (this creates its own set of issues to deal with, which is another article entirely), and maintain an archive of all software media, license keys and system logins and passwords.
-- Dr. Jenkins (Marion.Jenkins@qsetech.com) is the CEO of QSE Technologies, a premiere IT systems integrator serving the ambulatory healthcare industry for more than five years. Read more about QSE.