A guide to information backup in general practice

Case studies

A group of Melbourne-based general practices have sought to achieve an optimal backup procedure across their businesses. The optimal process may seem overwhelming and excessive; however, while having had some unexpected system downtime, none of the practices have ever lost any significant data.

Each practice has taken the ‘defense in depth’ approach to backup. This multi-layered and extremely thorough backup process provided extra assurance that business-critical information is secure and easily recovered in the event of a disaster or system failure.

When using the ‘defense in depth’ approach, the mission-critical primary physical server database (clinical and financial) is initially synchronised to a secondary onsite physical server every 15 minutes, and checked daily. Additionally, the backup is synchronised over the internet to a cloud-hosted storage site overnight. This occurs automatically.

Data is backed up daily to a NAS and a USB hard drive (which is rotated), and is then stored offsite.

All of the practices also backup their entire server system daily using third-party software in case a ‘baremetal restore’ is required. Archived backups dating back at least three years are kept offsite and stored in a dedicated archive server. If a backup is not completed successfully, failure notification email messages are automatically sent to the IT team and practice manager. The entire process is documented and reviewed periodically.

These thorough backup protocols have been incorporated across the practices to help guarantee there is enough redundancy to ensure the entire database can be restored and the practices can return to normal working order in the event the system completely fails. The ultimate objective of the backup strategy is to ensure business continuity by keeping unplanned downtime to less than 15 minutes.


A practice in New South Wales suffered a devastating failure a few years ago when a power outage occurred during the night and the uninterrupted power supply (UPS) did not correctly shut down the servers. The UPS instead ran until it was exhausted and the servers were suddenly without any power. This caused corruption in the database.

When IT support tried to restore the data from the previous night’s backup, from the backup the night prior to that, and so on, it was discovered that those three most recent backups were unusable. No one in the practice was aware the backups were unusable as they had not been tested for readability

The practice consequently lost three days’ of patient and business data, which proved to be disruptive and expensive for months afterwards.

The loss of data resulted in patients arriving for previously booked appointments that were no longer recorded in the practice systems due to the faulty backups. GPs in the practice had to rely on patients to provide information on what had occurred during visits on the days where the clinical information system data was missing. While there is no firm figure of the total cost resulting from the loss of data, for a practice with 12 full-time equivalent (FTE) GPs, the expense is likely to have run into the tens of thousands of dollars.

A medical centre that had been operating the same clinical information system for five years, recently encountered some serious issues.

A power outage in the surrounding area left the medical centre’s hardware to rely on its battery backup system to help ‘softly’ shut down its systems in the correct manner and sequence in order to avoid hardware damage and data corruption. Unfortunately, in the same way data backups need to be tested for validity, the battery backup had not been tested and failed when it was needed for the first time, leaving the server unprotected when power to the suburb was cut.

The consequences of not shutting down or restarting a computer safely can be catastrophic, especially when databases are not safely stopped and the hardware was not powered down. As a result of the power outage, the medical centre discovered it had not performed any backups of patient data, or of the server itself. The failure of the server hard drives and the subsequent data corruption due to the sudden power outage left the medical centre unable to recover any electronic patient files. This loss of data was a major disruption as the medical centre had been in operation for 15 years and converted to electronic records five years earlier.

This event attracts CPD points and can be self recorded

Did you know you can now log your CPD with a click of a button?

Create Quick log