Nuesoft Website  |  Blog Home  |  Contact Information

In a recent post by John Lynn on the EMR and HIPAA blog, he broached the subject of off-site backup services, and suggested some solutions for medical practices that need a way to back up their patient data.

Nuesoft has nothing but respect for Lynn and the EMR and HIPAA blog, but we can’t help but feel that this post missed the mark a bit. Rather than encouraging medical practices to look for quick and easy fixes to the pesky backup problem, why not remove backups from the health information technology dialogue? Data backups are a by-product of client server technologies of the 1990s. To truly reach the level of widespread health information technology adoption that the government is envisioning, then we need to look toward more modern and viable HIT solutions.

Most EMR solutions installed in medical practices are client server models. While users of some of these client server systems may opt for a backup solution like those described in Lynn’s blog, the vast majority will handle backups themselves. Let’s be realistic – how many doctors have the time or the expertise to adequately replicate data and ensure that it is completely secure (and HIPAA compliant) and fault tolerant? To do so requires a practice’s main server and its database to be replicated via a back up server within the same network, or connected via a wide area network, and then monitored constantly. The answer is, most doctors aren’t equipped or staffed to handle back ups, and the result is that the back ups just won’t get done – or at least not to a level that is adequate or truly secure.

Nuesoft wonders, in this push for broad EHR adoption, why aren’t more people concerned about the fault tolerance issue and discussing it openly? EHRs are truly mission critical applications. Timely access to information by a provider can have life or death consequences. Consider this: there are 161,200 medical practices in the United States. If we assume that a conservative 45 percent of these practices adopt a client server EMR under HITECH, and that a mere 1 percent of those EHR systems go down and leave users without access to patient data, think of the number of practices – and patients — that would be impacted! Providers would be without access to patient charts, and would lack the ability to review drug allergy or interaction information, medical history, or other critical components of the patient record.

This is a frightening – albeit realistic picture of the potential risk that client server models, with their many shortcomings, pose to the health care system. It’s time to stop talking about ways to help physicians compensate for client server technologies, and embrace emerging technology models such as Software as a Service (SaaS), or cloud computing, which are better suited to a mission critical environment. Even in the event that a SaaS program is temporarily unavailable, the data is safe, whereas with a client server scenario the loss is more often than not a permanent loss and the downtimes are much lengthier. The HITECH Act gives us the perfect opportunity to usher in new technologies like SaaS that will expand interoperability and relegate legacy technologies to a thing of the past.