A guide to information backup in general practice

Data recovery

The time taken to restore data is an important factor in creating a backup plan. In the case of critical systems, for example, you might need to get back online quickly and thus might need to alter your backup plan.

Frequent testing and validation of data readability will assist with a more timely data recovery and reassure your practice that its backup and recovery system is working.

It is important to regularly test that your backup has worked and to test the integrity of your backup data once it has been restored. This ensures the backup has been successful and the restored data is accurate, correct, complete and preserved for future use.

Ensure that your backup software performs these tests and restores to 100% accuracy by validating the restored data against what is held in the live system.

It is essential to consult an IT professional about your specific requirements when looking at different types of backups for your practice. Potential questions:

  • Who is responsible for ensuring the backup happens?
  • How often should we backup our data?
  • Where is the data being held offsite and is it being held securely?
  • What information do we need to back up?
  • Discuss the IT professional’s role in your practice’s business continuity plan?
  • How quickly can our practice recover in the event of a disaster?
  • Is our practice backing up all the data it requires?
  • How do we perform routine checks to validate that our backup data is complete and correct?
  • How do we regularly test the restoring of our backup data?
  • What type of security is used to protect our practice backups?

Your practice must have an effective system for managing patient information, as well as ensuring the security of your patient health information, in order to meet general practice accreditation requirements and comply with the RACGP’s Standards for general practices (5th edition) (Criterion C6. Information security). This includes ensuring practice computers:

  • are only accessible, via individual password access, to people in the practice team with appropriate levels of authorisation
  • feature screensavers or other automated privacy protection devices that have been enabled in order to prevent unauthorised access
  • are protected by regularly updated antivirus software
  • that are connected to the internet are protected by appropriate hardware/software firewalls.

Refer to the RACGP’s Information security in general practice for extensive information relating to computer security in general practice.

Bare-metal restore

A process in which files in multiple locations update each other – copying changes back and forth – whether it be real-time local or offsite. There are many different file synchronisation software packages.

This event attracts CPD points and can be self recorded

Did you know you can now log your CPD with a click of a button?

Create Quick log

Advertising