Business Continuity by Design

March 1, 2007

In recent history, catastrophic disasters have dramatically highlighted the need for business continuity planning. Modern statistics indicate that if an organization is prohibited from accessing mission-critical data for more than 48 hours, it may go out of business within a year.

Disaster recovery focuses primarily on risks, data protection and planning. However, business continuity planning takes this one step farther by designing the means to keep an organization operational during and after an event. While large-scale disasters are fairly rare, most facilities will, at some point, experience localized events such as fires, power outages or flooding. Although data recoverability/protection is a regulatory requirement for healthcare providers, rapid access to that data also is an essential aspect for any healthcare provider. It is not sufficient to replicate data from one site to another—the data needs to be accessible and usable as well.

Many times, emphasis is only placed on backing up systems, taking tapes offsite or locking them in a fire safe. But what happens if you need to restore the data at another facility to get the organization functional? It would take days or even weeks to rebuild systems at another facility and load the data. Building business continuity into the design of the infrastructure prevents a localized event from disrupting the entire organization.

System Design Components
The three main components of a business continuity plan are:

• Duplicate (or near duplicate) hardware infrastructure. Hardware resources need to be available immediately after an outage. Many sites may elect to purchase a smaller-scale version of their existing primary site hardware to maintain operations at an affordable price. This smaller system can function in place of the primary system, but offers a lower level of performance.

• Data replication. The only way to protect data is to have it duplicated and stored in more than one location. The format can be tape, disk or content addressable storage. Replication can be achieved either asynchronously or synchronously. Asynchronous replication, typically used when network bandwidth is low, sends batches of data incrementally to other systems at specified time intervals. This method carries a greater risk since the data acquired between the last transfer and the disaster will be lost. Synchronous replication continuously transfers new data from the primary site to other duplicate sites, thereby reducing the risk of data loss.

• Instant (or nearly instant) application availability. Application software is just as important to operations as data and hardware, and is often overlooked. If duplicate application software is not available, a site will not be able to resume operations even with redundant data and hardware resources.

Business Continuity in Action
Let’s examine a business continuity plan designed for a large U.S. healthcare provider that conducts radiology imaging services at multiple locations. All imaging studies are transmitted to the main data center, where they are forwarded to radiologists for reading. This provider needed to ensure that imaging studies could be read at another location if the main data center was damaged. Instant application recoverability was a design requirement.

As the architect on the project, I created identical hardware at a remote site and used an innovative software platform that allows the two archival systems to be online at the same time and to synchronize themselves. Since this software platform separates the end-user application from the physical resources making up the underlying architecture, it allowed the application running at both locations to be available at the same time, with the same data and with the same configuration.

Figure 1 shows the workflow at this site. After a study arrives at the primary site archive, the archive ingests it, indexes it, bundles it up and stores it on local RAID. In the process of storing it locally, it contacts the remote archive, opens a communication channel and sends it by utilizing its synchronization middleware. The remote archive stores it locally and updates its local index as well. The remote archive is running all the same services that are being provided locally such as DICOM store, DICOM query and HL7. If the primary system is offline for any reason, application services can be restored by configuring user workstations with the remote archive’s network address. Once the primary system is restored, the synchronization middleware will update it with any new studies or changes it received during the outage. Application availability is only a quick login away from the end user, and the healthcare provider can continue operations if the primary data center goes out of service.
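The store, failover and catch-up sequence described above can be modeled in a few lines. This is an added example, not the vendor's software or code from the original article; the `Archive` class, its methods, `query`, `demo` and the study names are hypothetical, and the studies are constructed sample data.

```python
class Archive:
    """Toy archive: a local index plus a queue of studies the peer has missed."""
    def __init__(self, name):
        self.name, self.online, self.peer = name, True, None
        self.index = {}     # study UID -> (version, payload)
        self.pending = []   # UIDs stored while the peer was unreachable

    def store(self, uid, payload):
        """Ingest and index locally, then replicate to the peer if reachable."""
        if not self.online:
            raise ConnectionError(f"{self.name} is offline")
        version = self.index.get(uid, (0, None))[0] + 1
        self.index[uid] = (version, payload)
        if self.peer.online:
            self.peer.receive(uid, version, payload)
        elif uid not in self.pending:
            self.pending.append(uid)   # remember it for catch-up

    def receive(self, uid, version, payload):
        # Apply only newer versions, so a replayed study is harmless
        if version > self.index.get(uid, (0, None))[0]:
            self.index[uid] = (version, payload)

    def catch_up(self):
        """Run once the peer is back: replay everything it missed."""
        sent = list(self.pending)
        for uid in sent:
            self.peer.receive(uid, *self.index[uid])
        self.pending.clear()
        return sent

def query(archives, uid):
    """Workstation lookup: answer from the first archive that is online."""
    for archive in archives:
        if archive.online and uid in archive.index:
            return archive.name, archive.index[uid][1]
    raise LookupError(uid)

def demo():
    primary, remote = Archive("primary"), Archive("remote")
    primary.peer, remote.peer = remote, primary
    primary.store("study-1", "CT chest")             # replicated immediately
    primary.online = False                           # primary data center lost
    remote.store("study-2", "MR knee")               # work continues remotely
    remote.store("study-1", "CT chest + addendum")   # change to an old study
    served_by = query([primary, remote], "study-1")[0]
    primary.online = True                            # primary restored
    replayed = remote.catch_up()
    return served_by, replayed, primary.index == remote.index
```

In this model the restored primary holds a stale index until `catch_up` returns, so workstations should keep using the remote archive until the replay has finished.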

Figure 1

Emerging Technology Facilitates Continuity
While business continuity is certainly possible today, it should become much easier in the future thanks to an emerging technology called GRID computing. GRID computing involves layers that perform specific functions for the overall architecture. Higher layers are user-centric, essentially providing applications or portals to the end user. The secondary layer is the middleware, which acts as the brain to glue the application layer to hardware resources (the third layer). And the final layer is the network that provides connectivity to all resources. While a GRID-based operation does not ensure business continuity, the design of its architecture certainly facilitates it.

Most healthcare providers have operations in multiple locations. Since highly available access to patient medical records is made possible through an end user portal, a medical data GRID architecture such as Kodak’s CARESTREAM Information Management Solutions is ideally suited to support a distributed system. The application service layer is agnostic of the location of the GRID’s physical resources. This virtualizes the infrastructure from the end user’s data access perspective.

Here’s how the system works. A radiologist needs to retrieve a prior imaging exam for a patient, so he queries the Data Access Point (DAP). He receives back a list of studies that he needs. At that moment, the primary data center is destroyed by an unforeseen event. Instead of pulling the data from the primary data center, the DAP will dynamically pull from the secondary data center, and the user does not even know the primary site was disturbed. GRID solutions are ideal for providers with geographically dispersed sites since end users can continue operating while the damaged site begins to rebuild. This allows both the delivery of patient care and the realization of revenue.

Ancillary benefits of this architecture are its “grow as you go” capabilities. More resources such as servers, RAID and tape libraries can easily be integrated into the resource layer of the overall GRID architecture.

The Stakes Are High
A healthcare facility’s plan for smooth operations and recovery in an emergency can greatly influence its long-term success. In the past, only large institutions attempted to achieve business continuity, since it often required custom software and major upgrades in infrastructure. With the advent of industry standard architectures, healthcare providers of all sizes should be able to enjoy business continuity at a reasonable cost. In the future, GRID architecture will offer an even more scalable and affordable means to ride out the storm.
 

Victor Wainwright is a solution architect for Healthcare Information Systems Professional Services with Kodak’s Health Group. Contact him at victor.wainwright@kodak.com.
