Do you remember the tornado that hit Joplin, Mo. a few years ago? It was one of the deadliest tornados in U.S. history, killing 158 people, injuring 1,150 more, and causing almost $3 billion in damages.
The city’s largest medical center, St. John’s Regional Medical Center (now Mercy Hospital, Joplin), was destroyed and its replacement is scheduled to be completed in 2015. Fortunately, St John’s/Mercy had already transitioned from paper-based patient records to electronic health records (EHR) before the tornado hit, and so doctors and other health care professionals could access those records instantly.
Mercy Hospital invested $60 million into IT, which enabled them to migrate to EHR and have this level of failover protection. Most medical practices, however, do not have remotely this type of budget to digitize their patient health records, let alone set up a secure and recoverable system.
Granted, few medical practices will face anything akin to the Joplin tornado. But all of them need to move to secure, disaster-resistant EHR standards if they haven’t already. Government regulations, most notably HIPAA Section 164.308, require that medical practices, including associates and subcontractors, must comply with guaranteed levels of security in emergency operations planning, disaster recovery, and data backup. Those that aren’t already compliant risk fines and other punishment.
Even if Federal and state regulations weren’t an issue, the need to move from physical to electronic health records is a pressing one for healthcare professionals. The reasons are evident:
- Missing or incomplete patient data could lead to complications or even death of the patient.
- Downtime caused by missing or inaccessible data can cripple the health and viability of a practice.
- Data breaches caused by improperly secured information can lead to lawsuits, which can also threaten the viability of the business.
Given these hurdles, an MSP that can provide healthcare practices a means to migrate, secure, and recover patient records should find itself inundated with potential customers. My dentist friend Dr. B worries about having the resources to comply with stricter regulations, among these other concerns.
As an MSP, what can you do to help healthcare practices avoid a “data tornado?” Here are a couple of quick suggestions:
1. Support specialized Practice Management Software (PMS).
There are specialized PMSs for pediatricians, neurologists, dentists, and pretty much any other medical specialty you can think of. These products vary in the types of licenses, interfaces, and databases used, and you need to be able to support any one of them. You should be able to keep the information stored in these applications secure and in compliance, so that your customers don’t have to moonlight as IT experts.
If you can provide a reliable, easy-to-use PMS for your customers, along secure migration help from an older PMS or from paper records, you should be able to nab additional customers, many of who have no idea where to begin with all this stuff.
2. Provide multiple backups in different locations.
John Motazedi, CEO of Joplin, Mo. MSP SNC Squared, recommends a “belts and suspenders” approach to backup and disaster recovery, where you create at least one onsite backup for quick disaster recovery and two additional offsite backups in case your customer’s place of business is destroyed by, say, a tornado. SNC Squared was able to get Joplin’s Family Health Center up and running with all of its EHR intact within 72 hours after the tornado, despite the tornado completely destroyed its facilities.
If you’d like to get some additional best practices for MSPs, check out StorageCraft’s ebook, Five Prescriptions to Stop Healthcare Disasters, available here.