Healthcare Information Security

Cybersecurity News

Improve Healthcare Data Security with a Strong Backup Strategy

Organizations need to incorporate data management and cloud computing into their backup strategy for more comprehensive healthcare data security.

strong backup strategy necessary for healthcare data security

Source: Thinkstock

By Bill Kleyman

- In working with healthcare organizations, there are constantly two topics that are brought up: healthcare data security and resiliency. Of course, there are other conversations around user experience, cloud, and so on. However, a major outage or a massive security breach can certainly be the costliest challenges for healthcare.

When it comes to experiencing an outage or a disaster, only 27 percent of companies received a passing grade for disaster readiness, according to a 2014 survey by the Disaster Recovery Preparedness Council.

Furthermore, Ponemon Institute and Emerson Network Power recently released the results of the latest Cost of Data Center Outages study. Previously published in 2010 and 2013, the purpose of this third study was to continue to analyze the cost behavior of unplanned data center outages. According to the new study, the average cost of a data center outage has steadily increased from $505,502 in 2010 to $740,357 today. With maximum downtime costs for 2016 topping out at $2,409,991.

Now, let’s look at a data and security breaches. A recent survey sponsored by IBM Security and conducted by Ponemon Institute shows that the average cost of a data breach is $3.62 million globally, which is a 10 percent decline from the 2016 survey. However, healthcare data breaches cost organizations $380 per record. That is more than 2.5 times the global average across industries at $141 per record.

So, what is all of this costing the healthcare world? An annual study on healthcare data security revealed that data breaches in healthcare are costing the industry $6.2 billion, and remain consistently high in terms of volume, frequency, impact, and cost. These costs have yet to decline since 2010, despite a slight increase in awareness and spending on security technology.

READ MORE: 3 Key Steps for Stronger Data Security in Healthcare

With this in mind, let’s try to take care of a few challenges with one overall solution: a good backup strategy.

Over the last couple of years, new solutions from a variety of vendors offer some great backup options when it comes to healthcare. Heavily virtualized environments can leverage technologies like Veeam. Or, you can work with new solutions from Rurik or Cohesity for advanced data management and instant availability to key applications.

Similarly, you can optimize your entire backup and storage strategy by adopting all-flash arrays like those from Pure and make restoring data much easier.

These are all great options which, based on your use-case, can help you become a lot more resilient. To that extent, it’s important o understand why a good backup strategy is important for both data management and security.

It allows you to follow the 3-2-1 backup rule

I’ve written about this rule in the past. Basically, this means that you have at least three different copies of your backup, stored on two different types of media, and at least one backup must be offsite. Remember, just because your backup is working doesn’t mean you can restore efficiently. Legacy backup and tape systems can take a long time to recover. Some healthcare organizations are now leveraging encrypted all-flash arrays for super-fast backup and recovery. Not only does this allow you to recover quickly, you can also effectively secure your data. This can really help out in the event of a ransomware attack.

Don’t just backup – do data management

READ MORE: Creating a Culture of Data Privacy, Security in Healthcare

Is the data being compressed? Is the storage platform properly doing your backups and retentions? Do you have deduplication enabled? Are you doing snapshotting? How are you categorizing various backup points and are you doing data management? I mentioned them earlier, but solutions like Cohesity don’t just “backup” your systems. They provide copy data management, end-to-end data protection, and even data analytics. These types of systems help simplify both data management and data protection. Most of all, they help you create a platform that’s capable scaling into the cloud.

The cloud can be your friend

Good backup solutions will absolutely give you healthcare-ready cloud options. This means ensuring encryption of data in-motion and at-rest while replicating or transferring your data into the cloud. Policy-based architectures grant you complete control of the data flow and allow you leverage compliant cloud models for data storage and backup. These are great options to extend your backup infrastructure to allow for both security and resiliency.

If it’s been a while since you’ve gone over your backup strategy, maybe it’s time to do so. Review your best practices and understand where there are gaps. Furthermore, make sure you align your backup strategy with your security architecture.

There’s a slim line between losing data to a breach and losing data to an outage. Neither of them are fun, and a good backup strategy can help with both.


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...