The Digitisation of Healthcare
Understanding the direct link between technology and patient care is critical but can be overwhelming. Physicians rely on up-to-date patient information to make educated decisions on the best care. Access to patient data is critical to their care and can sometimes mean the difference between life and death. Electronic Health Records (EHRs) flow from system to system, hospital to hospital, from the point of the patient registration to data gathered in different departments such as labs, radiology, cardiology and more, to discharge. Couple that with financial and insurance data collected, and we begin to see the sheer magnitude of the availability impact on the healthcare industry.
Business Continuity—Keeping the Digital Life Alive
Downtime can have a catastrophic impact on digital life for caregivers, administrators, stakeholders and patients.
In a study published by the Journal of Biometrics, researchers stated that of the patient safety incidents reported to the U.S. Food and Drug Administration, 96 per cent were related to technical issues. Some incidents resulted in futile searches for test results, inability to read test results and duplicate orders for procedures.
On a broad scale, the WannaCry ransomware attack in May 2017 affected 230,000 computers and took down entire pillars of Britain’s National Health Service (NHS). WannaCry is a virus that exploits a known weakness in Microsoft Windows, a platform that is widely used in hospitals across the world. The virus blocks all data on computer systems until a ransom is paid, so every aspect of digital life for caregivers, administrators and patients is affected.
In this case, the virus infected medical devices, caused ambulances to be diverted, and shut down 16 hospitals in the UK. For other hospitals, with computer systems shut down, operations had to be cancelled and emergency services halted. In addition, patient records became inaccessible.
The Evolving Threat Landscape
Cyberthreats to healthcare include hackers, botnet attacks, exfiltration (stealing medical information) and malware such as ransomware. By all accounts, a cyberattack on a healthcare practice is a matter of when, not if. Cyberattacks can shut down healthcare practices and dramatically impact patient care. They can also severely damage the brand and incur steep regulatory penalties.
Securing Availability and Business Continuity in Healthcare
There are critical units in hospitals and care centres that have no allowable downtime. Some surgical procedures depend on real-time data from digital diagnostic equipment. Sadly, there have been cases of patient deaths due to downtime events. According to a recent report, downtime delayed post-surgery treatment that led to a permanent disability for one patient, and death for another patient when images could not be transmitted for diagnosis.
In addition to the tragic loss of life, if a healthcare practice is not able to immediately restore access to data it faces regulatory fines, lost consumer trust and damaged employee morale. The key to surviving and thriving in the new healthcare landscape is a reliable, comprehensive business continuity plan. A keystone of a business continuity plan in this context of digital transformation is availability.
Three Critical Steps
With so much at stake, healthcare organisations must address business continuity, and they must do so quickly and thoughtfully. The three most critical steps to healthcare business continuity are:
1. Ensure continuity and availability
– Optimised backup and recovery strategy: Organisations need fast, reliable, scalable backup and recovery tools designed especially for enterprises. They must be able to quickly restore backups to meet Health Insurance Portability and Accountability Act (HIPAA) and other regulatory requirements. A good guideline for backups is the 3-2-1 rule: Have at least three copies of your data, store the copies on two different media and keep one backup copy offsite.
– Ensure you can quickly recover entire machines to the application level: Verifiable recovery of every file, application and virtual server every time is a must-have.
– Ensure data loss avoidance: Your availability solution should enable you to achieve major improvements in recovery point and recovery time objectives (RTPO) of less than 15 minutes for all applications and data.
2. Achieve digital transformation agility
– Cloud-based workload mobility: To ensure you can quickly recover entire machines, deploy cloud workload mobility to better cope with change and manage data more easily. You also must have the ability to test all applications and upgrades before they go into production. For cloud-based workload mobility leverage Azure or other public clouds for test/dev environments. This provides an easy way to spin up servers and workloads quickly.
– Workload mobility: The complex infrastructure of an enterprise involves physical and virtual machines, as well as private, public or hybrid cloud. To achieve an optimal setup, you need the right data management and availability solution that provides a certain degree of flexibility, to manage and migrate data easily.
3. Enable analytics and visibility
– Visibility and compliance to prevent system failure and downtime incidents: The visibility tool you choose should have real-time monitoring and reporting for any virtual environments in your infrastructure.
– End-to-end visibility for both physical and virtual machines: To be effective, it must also have end-to-end visibility for both physical and virtual machines, in order to prevent possible failures of any type of application or system.
– Creation of incidents based on events that happen in your environment: Finally, it must generate incident reports based on the events that happen in your environment, so you can correct and modify as needed.
In conclusion, meeting the high digital expectations of next-generation patient care can feel like a moving target for healthcare IT. Downtime, data loss and data security breaches put everything that is important to a healthcare practice at risk. Downtime events can even put patient lives in danger. The fact is, no healthcare organisation can afford to be unprepared in the modern healthcare market. To be successful in the new landscape, healthcare practices must be confident in their business continuity strategy. A holistic availability strategy may include deploying cloud workload mobility, increasing visibility and compliance, and optimising backup and recovery strategy.
References available on request.