PulseIT today reported that Melbourne Health Group, a specialist cardiology practice located at Cabrini Health’s hospital at Malvern, was hit by a ransomware attack that encrypted their practice data. It’s not the first time we have seen this lapse in patient data security and it won’t be the last. So how is your practice data backup health?
Do you know the when, what, how, where and who of your practice backup?
When does your backup take place? Is it scheduled regularly enough that you could recover adequately if your datafile was lost?
What data is included? Does your backup include multiple copies of your practice data?
How is it collected? Do you have to run it manually? Does it warn you if it doesn’t proceed successfully?
How far back does it go? If you lost yesterday’s datafile, could you go back to an earlier copy?
Where is it stored? Is your only backup copy located on your network, where it is vulnerable to cyber-attack? Is it in the cloud – and if so, does its storage comply with the Australian Privacy laws?
Who is responsible for monitoring it? Many IT set and forget. Many practices assume the backup is working and only when disaster strikes do they realise their error.
Your backup is YOUR responsibility, but there is help available to ensure you have good processes in place to keep things safe and running smoothly. It is all part of having a good disaster recovery plan in your Practice Manual.
For a practice health check to improve your patient data security, contact Practice Management Plus for guidance and implementation support.