Disaster Recovery Plans Lacking at a Majority of Hospitals: Report

Data storage vendor BridgeHead Software has released a report showing that only 26 percent of health IT executives surveyed have a tested disaster recovery plan in place at their organizations.

Health care organizations are not taking the steps they need to avoid data storage disasters, according to a new report by BridgeHead Software, a storage and management vendor.

For this survey, called the "BridgeHead Software International Healthcare Data Management Survey," the company interviewed 158 health care executives mostly in the United States and United Kingdom about their data-management plans. BridgeHead released the results of its survey on June 28.

Among priorities for health care IT leaders surveyed, 54.6 percent cited disaster recovery, followed by 53.7 percent for server virtualization and 49.2 percent for digitizing paper records.

Although 65 percent of health care executives reported that their data volumes had increased in the past year, only 26 percent had established a "robust, tried-and-tested" data recovery plan, BridgeHead reported.

This data growth was a key factor in IT budget increases for hospitals, according to the report.

In addition, 64 percent of organizations had a disaster recovery plan, but 38 percent hadn't tested it, the company said.

Data disasters could include a data breach, a natural disaster like a hurricane or a hardware failure.

"The one possibility that seems to worry health IT professionals more than any other is that important patient information can be irretrievably lost or damaged, whether because of negligence, a malicious hacking attack, a system outage or a disaster," the report stated.

For health care IT leaders, the biggest challenge is managing radiology images, such as X-rays, Magnetic Resonance Images and ultrasounds stored in picture archiving and communication systems (PACS), Jim Beagle, CEO of BridgeHead Software, told eWEEK.

Of the health care organizations surveyed, 32 percent planned to move to a new PACS within the next five years, BridgeHead reported. For 51.4 percent of health care IT leaders, a vendor-neutral platform will be a requirement for PACS systems.

After PACS images, electronic health records (EHRs) and scans of proof of identity documents also contributed to the data surge, the report revealed.

Data-management technologies lead to interoperability of data systems, reduce IT costs and increase IT efficiency, according to BridgeHead.

Other storage challenges for the health care industry are managing the data sets in ophthalmology and digital pathology, said Beagle. These silos of unstructured data are difficult for health care organizations to manage, noted John McCann, director of marketing for BridgeHead.

"They're moving from silos of departmental data and from disparate data sources, and as they continue to grow significantly larger, the IT professionals can take control of the responsibility for business continuity and disaster recovery for all applications and not just PACs," said Beagle.

Of the respondents, 45 percent of facilities planned to implement a major storage upgrade of 1 terabyte or more in the next year, according to the report.

Among those executives interviewed, 34.3 percent were IT directors, 33.6 percent were senior IT executives, 5.7 percent were PACS administrators and 3.6 percent were backup and storage executives.

Because backup and recovery takes more than 24 hours, hospital IT departments sometimes decide not to back up their systems on a regular basis, a practice that can be a recipe for unrecoverable disaster, said Beagle.

Of health IT leaders surveyed, they preferred private clouds over public clouds and were unlikely to adopt public clouds, according to BridgeHead. The health care industry generally has been slow to adopt cloud-based applications, according to a 2011 CDW report.

Despite the lack of growth in public cloud adoption by health care organizations, facilities need to be far enough apart in case a natural disaster like Hurricane Katrina destroys a hospital facility, said Beagle.

"You need to ensure that your physical location is at least 7 or 8 miles apart so that a natural disaster is unlikely to hit both of your physical data locations," said Beagle.

Better yet, a cloud bunker should be hundreds of miles away, said McCann.

An ideal disaster-prevention plan would involve a hybrid plan, with one copy of the data on-premise and the other in the cloud, said Beagle.