HIPAA-compliant back-up device on tap

Back-up appliance vendor Storserver is expected to announce this week one of the first storage devices that conforms to new government privacy rules and regulations for healthcare institutions and hospitals.

COLORADO SPRINGS – Back-up appliance vendor Storserver is expected to announce this week one of the first storage devices that conforms to new government privacy rules and regulations for healthcare institutions and hospitals.

The HIPAA Conforming Storserver Backup Appliance, a combination of hardware, software and services, enables customers to comply with the new Health Insurance Portability and Accountability Act of 1996 guidelines, which go into effect Oct. 16.

Storserver partnered with a HIPAA consultant and training company, PDM Consulting, to develop the back-up appliance, software, training and associated StorserverPDM Services. The Storserver package, which is aimed at large companies, includes the back-up appliance, which consists of disk and tape drives, and software that lets it store data in such a way as to conform with HIPAA privacy, retrieval and security regulations. It also can contain optional consulting services to assist customers in implementing and meeting patient privacy and security guidelines, and HIPAA-specific training, documentation, back-up, archiving and disaster-recovery services.

Patient data is backed up initially to the Storserver disk as changes to data take place, ensuring that data can be restored completely if a failure occurs. That data is later backed up to tape drives contained in Storserver for archival purposes. When data is backed up, a unique ID is assigned to each piece of data, which lets all the information related to a patient be retrieved from disk or tape by his name, account number or other identifier. Storserver uses Tivoli Storage Manager to back up, archive and retrieve data.

The Storserver back-up appliance meets HIPAA mandates for administrative simplification that relates to sending and receiving health information, providing privacy and security of patient data, and electronic signature standards.

The appliance attaches to the network via Gigabit Ethernet connections and to a storage-area network (SAN) via SCSI connections. It will back up data directed to it from SANs, network-attached storage devices or network file servers.

A variety of vendors have storage products designed for HIPAA. Among them are EMC with its Centera system, Xiotech with its SANbuilder for Healthcare bundle and StorageTek’s Healthcare Enablement packages.

The HIPAA Conforming Storserver Backup Appliance starts at $20,000 for two terabytes of disk capacity. Training employees on HIPAA starts at $150 per person and consulting services costs $2,500 per day.