CREDIT: Orthodontic Products
You might be familiar with using external hard drives as backups for your personal information—photos, contacts, documents, and more. But it can be just as important for orthodontic practices to back up their information and keep it off-site.
Off-site backups provide another layer of security beyond backing up information in a cloud or on a second server at the company’s office. It can provide security in the case of an office being physically compromised by fire, flood, or other disasters, and from the threat of hackers targeting valuable healthcare data.
ShelterBlue, a healthcare technology company based in Georgia, focuses on providing such off-site backup services for orthodontic practices. CEO Chris Knor says that storing data in the cloud isn’t enough security, and off-site backups should be the standard practice.
“The importance of a backup is multifold,” he says. “You should have a local backup, and be backing up every night. The old mantra is: one is none, two is one. And the other is the off-site backup. An office should have redundancy. The business continuation plan would be, God forbid the pipes burst or my place burned to the ground, how do I keep seeing patients tomorrow?”
An off-site backup allows practices to dial in to their servers remotely. In the case of ShelterBlue, that server is in Lexington, Ky.
The company also specializes in what Knor calls “disaster recovery,” going a step further than just duplicating your files in the cloud. The company started about 5 years ago with a focus on doing encryption for orthodontists, a very targeted market. These days, ShelterBlue still focuses on orthodontists but also has dental and surgical clients.
Yes, cloud storage options like Dropbox and Mozy offer a backup for pictures and the like; but what about your data if the worst happens? “How are you going to get your data back?” asks Knor. “If they don’t know healthcare, they can’t and they won’t be able to put your data on a server and let you dial in.”
In many ways, healthcare data is the next frontier in identity theft. When hackers try to steal or are successful in stealing healthcare data, they don’t just get access to financial information but also detailed personal health records. And with the shift to electronic health records in the industry, as opposed to just using old-fashioned paper documents, there’s more personal health information available to hack than ever before.
There’s also a large perception that the healthcare industry is lagging behind when it comes to cybersecurity, as Virus Guides reported earlier this year. All of that combined effectively makes the sector a big target.
“There’s so much more information in healthcare records than if you had just a credit card number,” says Lloyd Woods, chief information officer at ShelterBlue. “You can almost build a profile of a person as opposed to just financial records. And you’re also setting hackers up for years to come.”
Knor added that patient data is “supposedly 10 times more valuable than a credit card.”
Off-site backups can also help to deal with ransomware hacking—attacks in which hackers steal data and prevent medical staff, in the case of healthcare, from accessing it on their own systems until they pay a ransom.
One such ransomware attack in early 2016 targeted a hospital in Los Angeles. Hollywood Presbyterian Medical Center ended up having to pay a $17,000 ransom to the hackers to get a decryption key in order to access its records again, The Washington Post reported.
Using off-site backups can help protect an orthodontic practice from having to fork over money in the case of such attacks.
“If you have a good local backup or off-site backup, you don’t have to pay the ransom,” Knor says.
Aside from ransomware attacks, there have been a slew of data breaches at healthcare providers and other companies within the healthcare industry in recent years. A cyberattack at insurance company Premera Blue Cross made millions of customers’ records vulnerable. Another health insurer, Anthem, was also hit with a data breach.
In case an orthodontic practice does experience a data breach, Woods says, services like those provided by ShelterBlue can take the stress out of accessing data in crisis situations.
“A practice had a snowstorm shut off power at one of their locations,” Woods offers as one example. “In the meantime, they had another location that had full power but the server wasn’t up. All we did was grab their data off the off-site backup. At least with us, it’s not a situation where we just have to ship them a hard drive.”
Knor said that with all the hype around using cloud storage, he still wants people to recognize the importance of a physical storage facility.
“I think ‘server’ has almost become a four-letter word in the industry because people think they need to go to the cloud,” Knor says. “I could literally put a server in my basement and have you dial into it, and you might think it’s the cloud. We’re disaster recovery. Backups are something that’s fairly vanilla for a doctor, but once they realize backups aren’t all the same, and it’s something they have to have, it makes good business sense.” OP
A.J. Zak is a freelance writer for Orthodontic Products. She can be reached firstname.lastname@example.org.