When Disaster Strikes: Choosing a Strategy for Protecting Patient Data

Protecting patient data is a crucial responsibility in any medical Practice. As a result, unexpected, large-scale data loss is one of the scariest things that can happen, even more so when you aren’t prepared. 

Consider for a moment that you’re running a Practice that has just experienced significant data loss, and ask yourself the following questions:

  • Can you afford to lose your patients’ records?
  • Do you have the time to re-key even one day of patient notes, results, accounts, etc.?
  • How much will this cost the Practice in IT costs and operational downtime?
  • What is the effect that this will have on your ability to provide patient care?

Data loss can happen to anyone at anytime, and is a real risk for medical Practices. Data loss can occur due to human error, hard-drive damage or failure, viruses, malware, natural disasters, or theft, and we’ve seen Best Practice Software customers lose up to eight months of patient data due to weak backup practices. 

For this reason, it’s critical every Practice regularly backups their database to protect patient data. Good backup practices are also important as they should form part of your business continuity and disaster recovery plan. It’s far better to be proactive before you are forced to react to a data loss emergency.

How Can I Be Sure I’m Protecting Patient Data Effectively?

Best Practice Software recommends that you back up your data daily using the backup utility that’s supplied with Bp Premier. You can manually back up your database at any time, but it’s good practice to set up a scheduled backup to run overnight, or during a time of minimal server activity.

What if I use a third party backup utility?’ I hear you ask.

There are a multitude of third party utilities that can provide a backup solution for SQL and Windows OS, however not all features may work without approved access to your databases. Secondly, our Bp Support team members are trained on the supplied utility, and they can utilise this to restore your site more quickly to working order, in the event your IT provider is not contactable, or your third party solution has failed.

Once you’ve backed up your data, how confident are you that your backup is valid and in working order? Having a separate test server would allow you to regularly test your backups to ensure their validity. If you do implement this, please ensure the test server is not connected to your network or internet. This will prevent it from causing any potential conflicts with your live systems and services used by Bp Premier.

Implementing a test server has two main benefits:

  • You can regularly test that your backups are working
  • It provides a fallback should your main server fail

To ensure consistency across your test and live environments, you should always try to keep the Bp Premier installation on your test server current with the version of Bp Premier that you’re running in your live environment. Your test server will also need to have the same version of SQL as your live server. You should aim to perform a test restore of your backed up data at least once per month. This ensures that protecting patient data isn’t being entrusted to a corrupted backup.

Local backups are adequate to recover from small errors. But what if your Practice was completely destroyed due to fire or theft?  The 3-2-1 backup rule should be considered as part of your Practice’s disaster recovery measures.

The 3-2-1 rule is:
Keep at least three separate copies of your data, store two copies of your backups on different storage media, with at least one of those backups located in a secure offsite location.

Automatic Scheduled BackupsManual BackupsScripted Backups
  • Can be scheuled to occur at a time that is convenient for the Practice – e.g. multiple times a day, or outside of business hours
  • It can be backed up locally, or to a network location
  • Can be performed as a compressed or uncompressed backup
  • Previous backups can be deleted as more recent backups are created
  • Notifications can be provided to selected users who use Bp Premier to advise of a failed backup
  • Once started, is unable to be cancelled
  • Can be run at any time of the day
  • Has both compressed and uncompressed options
  • The utility to perform manual backups is provided free with Bp Premier
  • Manual backups are done via a simple process that can be used when impromptu backups are required – e.g. incoming bad weather
  • Manual backups can be cancelled once started
  • SQL backups can be performed through utilising commands in the command prompt
  • Scripted backups can be simple – e.g. backing up a single file from the set
  • Or they can be performed in a more complex way – e.g. complex queries targeting specific datasets
  • Can be executed through the Windows task scheduler
  • Uses the BPSBackup user
  • Uses the Practice’s database password

Things You Should Consider When Backing Up Data

How can I tell if my backup is working?

    • Each time a backup is performed, a record is written to the log file, simply titled log. This file can be found in the C:\ProgramData\Best Practice\Log\directory
    • Check backup location – Is there a new backup file(s)? Is it slightly larger than the previous day?
    • Regularly test restore on a ‘backup server’

Should I run a compressed or uncompressed backup?

Pros Cons
Compressed Backups
  • Creates a single ZIP file containing a file for each Bp Premier database
  • Backing up to one file ensures that the entire backup is in one location, and there is no chance of missing data
  • Much slower to perform than an uncompressed backup
  • Compressed backups require space on the C: drive equal to three times the size of your database
Uncompressed Backups
  • Much quicker to perform than a compressed backup
  • A suitable option if you have limited disk space on your C: drive
  • Creates an individual file for each Bp Premier database, so you need to ensure that all files are stored in the same location if a restore is ever required

How Often Should I Backup My Data?

We recommend backing up your date daily – as a minimum. When asking yourself how frequently you should backup your data, consider how much data you’d be willing to re-enter if a server failed during the day

Further information on backing up your data in Bp Premier is available on our Knowledge Base, which can be accessed from within Bp Premier by selecting Help > Online. Search for ‘Backup and Restore Bp Premier’, or ‘Backup Troubleshooting’, for assistance on backing up and protecting patient data.

Protecting patient data via the methods outlined above can, at first, seem like a lot of work. While it does require some planning, the effort required to keep your Practice data safe pales in comparison to the monumental task of attempting to rebuild a database that has been corrupted, stolen or otherwise disrupted.

As the saying goes – prevention is better than cure.

Share this article: