Nov 26, 2014
Health care providers must handle an increasing amount of patient data, with sensitive information from tens of millions of people held on databases up and down the UK and Ireland.
However, as privacy and disaster recovery concerns become more important, is the health care sector adequately prepared to safeguard the information it possesses?
There have been a number of data loss incidents in recent months, as well as problems providing key services due to database problems and breaches. For health care organizations, this is particularly concerning, as they not only face reputational and financial damage, but also risk patients' lives.
This article will examine some of the recent events to hit the industry over the last year, the effects these have had and how comprehensive disaster recovery capabilities can help to minimize the impact of future problems.
IT system failures
There have been several significant IT system issues in health care organizations across the UK and Ireland over the last 12 months, with some crashing on numerous occasions.
Cork University Hospital (CUH) this month admitted it will take months to replace its laboratory IT server, which has failed five times in 2014. The institution's chief executive, Tony McNamara, told HSE South Health Forum delegates that a six-person team was working on a €600,000 server replacement.
The Irish Examiner reported him as claiming this would "obviate future breakdowns" and that the hospital had worked on disaster recovery plans to mitigate the effect of any problems.
However, the failure of the Laboratory Information Management System (LIMS) was so catastrophic that it forced CUH to contact the State Claims Agency in the event the hospital faced liabilities.
Problems with LIMS, which were caused by a corrupt database, meant doctors were not sure whether test results were correct. This significantly raised the risk of potential misdiagnosis and mistreatment.
Furthermore, the system served a number of hospitals in the region, including Mallow Hospital, Bantry Hospital, Kerry General and Mercy University Hospital's blood transfusion unit.
Disaster recovery problems
The problems at CUH are not unique; NHS Greater Glasgow and Clyde (NHSGGC) in Scotland suffered a catastrophic IT network failure in October 2013 that prevented clinical staff from accessing key systems.
As a result, over 700 patient appointments and procedures had to be cancelled, including chemotherapy sessions, operations and outpatient meetings. The system took three days to repair and the NHSGGC admitted that it did still not know exactly what had caused the problem, even after it was fixed.
"The unprecedented IT issue related to our network and the way staff connected to some of our clinical and administrative systems," Robert Calderwood, NHSGGC chief executive, said at the time.
According to Mr Calderwood, staff logged on through Microsoft Active Directory, which is a router system that identifies users and allows access to support systems.
"This was corrupted over the weekend which became apparent when staff logged on to the system on Tuesday after the holiday weekend," he added.
Preparing for database issues
These are just two incidents over the last year that have caused major problems for organizations in the sector, putting patient health at risk and affecting important services.
One way to protect against database issues is to build a sophisticated disaster recovery plan that takes into account all events that could result in IT systems becoming unavailable or corrupted.
For example, standby database technology helps companies recover quickly from such incidents by enabling them to failover to a duplicate copy of the primary system.
This ensures services can continue to run with minimal interruption while issues with the main database are processed. Maintaining standby databases in the cloud can also protect organizations from natural disasters or other instances where physical damage to buildings and IT systems could halt operations.