We recently onboarded a new dentist client that has multiple locations with a server at each location and they are using Dentrix on a Windows server. As part of our onboarding checklist we examine the backup process and look for two points - is the backup sufficient and is it HIPAA compliant.
Dentrix is SQL database driven so to cover yourself and protect your data you should have backup software that is actually making copies of the SQL database and not just the actual file. In this scenario our new client was using two methods, one is a plain vanilla built in windows backup and the other was a CrashPlan backup.
The last thing you want is to find out that this backup wasn’t sufficient when your server crashed and you really need your data. For our backup needs we use CloudBerry which actually has a SQL plugin for an additional cost. It makes a direct copy of the SQL database with multiple versions so we can restore the actual database and not just the actual file.
If you want the maximum protection you should really consider a business continuity solution like Datto. In addition to a cloud backup Datto is a small device that sits at your office and makes a complete image of your server. Taking a complete image assures that you are backing up everything and you will be able to successfully restore it.
In order for your backup to be HIPAA compliant it must be encrypted while at rest and in transit. That means a plain old windows backup to a USB drive is not HIPAA compliant because it’s not encrypted. The Crashplan cloud backup would probably not be HIPAA compliant either because it’s being transmitted unsecurely and unencrypted.
If you are medical practice in New York City or Long Island that needs a HIPAA compliant IT company to help you with your tech needs, please contact us for a free consultation.