Data Center

Disaster Recovery as a Service: 5 Things Healthcare Teams Should Ask

The model, also known as DRaaS, is a simple way to ensure business goes on during unexpected events. Here’s what to ask potential providers.

Joel Snyder

Joel Snyder, Ph.D., is a senior IT consultant with 30 years of practice. An internationally recognized expert in the areas of security, messaging and networks, Dr. Snyder is a popular speaker and author and is known for his unbiased and comprehensive tests of security and networking products. His clients include major organizations on six continents.

1. Are you a good match for my IT portfolio?

DRaaS providers vary considerably in their capabilities when it comes to virtualization, hardware and even OS selection. A starting point for any discussion is an inventory of the organization’s applications and hardware and software platforms to make sure a potential provider can work with everything in your stable.

2. Can you meet my recovery targets?

Recovery point objectives (“how much data am I willing to lose?”) and recovery time objectives (“how fast can I be up and running?”) are perhaps the most important parts of your DRaaS conversation. Providers often price their services based on these numbers, so decide what your organization requires and get that on the table early.

DISCOVER: Find out why telehealth solutions are vital in a disaster.

3. How will users get to their applications?

Most back-office healthcare staff can quickly pivot back to remote work. But having clinical and lab applications running in DRaaS is useless if users can’t access them. Consider failure scenarios and whether you need extra bandwidth capacity, faster VPN hardware or even a backup LAN within your building to connect to the DRaaS provider.

4. How are we going to test, and how often?

A good DRaaS provider wants to test a lot, because the more testing you do, the more likely everything will work when it’s really needed. While testing is expensive and resource-intensive, a solid plan from the DRaaS provider is your best assurance that it knows what it’s doing and will be the calm voice of reason when a real disaster strikes.

5. Does the provider match my security requirements?

Healthcare IT teams work hard to properly secure patient data, and that security also has to be maintained end-to-end with DRaaS. Request a SOC 2 report to be sure that any DRaaS provider being considered can align with your own requirements for security and risk mitigation.

frontpoint/Getty Images