On average, every person generates some 1100 terabytes (!) of medical data throughout their lives[1]. And this is only patient information. Don’t forget the data from clinical examinations, the recording of results and the various medical aids and appliances. In other words, a considerable accumulation of privacy-sensitive data which needs to be stored securely (on tape or elsewhere).
Impulse from the European Commission
The recently published EHDA regulation[2] (European Health Data Space) has led to an international standard being introduced by the European Commission for using and sharing medical data electronically. It has produced a single European format for patients’ files, electronic prescriptions, images, laboratory regulations and discharge reports which the member states are obliged to adhere to. This is a positive impulse for digitising healthcare data and for the availability of digital medical data.
Obligation to retain medical data
Obviously, not all data generated in healthcare needs to be retained. There is however an obligation to retain patients’ files for 20 years[3] after the last change. This is so that doctors can offer patients the best possible treatment on the basis of what is in the file. The Dutch Public Records Act moreover states that university hospitals must retain certain documents (such as operation reports and discharge letters) for up to 115 years after the patient’s date of birth.
Confidence in data privacy
Data is privacy sensitive, particularly in healthcare. Research[4] has shown that Dutch people only have moderate confidence in personal data protection. Just over 30% of those questioned have full confidence that healthcare providers store and process medical data securely. The many data leaks in healthcare in recent years have not helped to inspire confidence in information security when it comes to healthcare data.
Data leak at Albert Schweitzer hospital
A recent example is the incident[5] in the Albert Schweitzer hospital which has facilities in Dordrecht, Sliedrecht and Zwijndrecht in the Netherlands, where files containing data on 200,000 patients were accidentally deleted. These files contained notes made by the treating physician, results of examinations and referral notes which were unintentionally overwritten with new files with the same name. The good thing in this case was that the data did not get ‘into the wrong hands’. What it does show is that a good backup and recovery policy is indispensable.
Tape as a solution for healthcare
The right storage medium in combination with a good backup service are the central points of an efficient backup and recovery policy. Healthcare organisations need to have reliable backups available to minimise the risk of losing data. Offline tape storage at an external location is a secure, sustainable and cost-effective solution for privacy-sensitive medical data in healthcare.
What can Backupned do for you?
Backupned can offer you the choice of offline and online data transfer. In the first case, your backup tape is transported to an offline, off-site storage location. Online tape storage involves your backup software package transferring the data by means of a highly secure, high-quality fibre connection to an off-site storage depot. Retention times are determined and set up in advance. Once the data arrives, it is immediately written to data tapes, taken off grid and transferred to the offline, off-site storage location. Backupned can provide a full-service solution for this process and, if you so wish, advise you at every stage.
Healthcare is an area in which you deserve to have an experienced partner who is not only there to provide sustainable, consistent backups, but also to offer straightforward data recovery. If you have any questions about Backupned’s services, feel free to contact us.
[1] FME Position paper Data voor gezondheid (FME, September 2020)
[2] EHDS geeft digitalisering gezondheidsgegevens impuls (Zorgvisie, May 2022)
[3] Hoe lang wordt mijn medisch dossier bewaard? (Rijksoverheid [Central Government])
[4] Vertrouwen in privacy van medische gegevens geschaad (Capterra, June 2021)
[5] Albert Schweitzer-ziekenhuis wiste per ongeluk bestanden van 200.000 patiënten (Tweakers, March 2022)