Data Backup: What’s Your Risk Tolerance?

We’ve all heard the horror stories. The corporate executive who lost an important sales presentation. The new bride who lost the video of her big day. The college student who lost his entire thesis and had to start over again from scratch.

Data loss can happen to anyone at any time.

Even those on the cutting edge of technology are at risk. The creators of “Toy Story 2” nearly lost the film mid-production when a Pixar employee accidentally deleted data files and the backups failed. Luckily, a technical director had saved portions of the film on her home computer, and Buzz and Woody were brought back to life.

Data loss is more than just an inconvenient disruption and can throw the entire dental practice into a state of panic as more offices move to electronic records. Imagine arriving at the office to learn that you are unable to pull up the schedule to determine which patients are coming in, what procedures will be performed, how the rooms should be set up, the list goes on.

The Dentists Insurance Company reports one Bay Area dentist lost all of his patient records when his hard drive crashed. When he attempted to restore the data by accessing his backups, he discovered his system hadn’t been backing up for two years.

“Having a backup system for storing information is critical, but it is also critical to check those systems,” said Sheila Davis, assistant vice president of TDIC’s Claims and Risk Management department. “If you don’t perform regular backups, and you don’t check to make sure those backups are functioning, you run the risk of losing everything.”

In the case above, the dentist did lose everything — and then some. Not only did he have to spend thousands of dollars to rebuild his system, he also had to recreate patient files. Because insurance companies require documentation for claim reimbursement, he had to retake patient radiographs. He also had to cross his fingers and hope that his patients were honest enough to pay what they knew they owed, as he had no billing records.

“There was a chance he would have to write off a significant amount of income, should patients refuse to pay their bills,” Davis said. Most people are understanding when it comes to computer glitches, but it’s still a risk.”

Whether from human error, viruses, technical malfunctions, natural disasters or theft, data loss can have a huge impact on any business. In fact, nearly half of all small businesses have experienced some form of data loss according to online backup provider Carbonite.

Luckily, there are ways to avoid complete devastation. Topping the list is making sure your backups are run regularly and accurately.

“Too often, people forget to check their backups,” Davis said. “Backups are a fail-safe. But even fail-safes should be double checked.”

John Christopher, senior manager of marketing communications at DriveSavers Data Recovery, said one of the biggest mistakes small business owners make is failing to monitor the performance of their backup systems.

“Backups are not routinely evaluated for effectiveness,” he said. “Often, data is lost when the administrator of a computer system believes the backup system is functioning when it is not. Then, when the primary system fails, there isn’t a backup. Backup systems must be regularly maintained and files that have been backed up must be regularly reviewed to ensure that scheduled backups are functioning properly and all copied data is corruption-free and useable.”

Cost is one of the major reasons business owners fail to back up their computers. There are upfront costs, such as hardware, and ongoing costs, such as monthly monitoring fees and storage fees. But the costs associated with a data loss are much greater, so it is a small price to pay.

“Dentists with up-to-date backups can be back to work within a few days,” Davis said. “Those without can spend weeks trying to get up and running again.”

Another reason dentists fail to back up their data simply comes down to frequency and continuity. According to a 2019 Backup Awareness Survey conducted by cloud storage provider Backblaze, 97% of businesses back up their data at least once a year. Of those, 86% of businesses perform backups monthly, weekly or daily. However, despite those efforts, 29% of businesses still suffered a data loss event that led to downtime. Why the discrepancy? Half measures don’t provide full protection. Real-time backups make the difference.

“What could be more time consuming than having to rebuild your entire system and reconstructing all of your patient records?” Davis asked.

Most experts recommend real-time backups, also known as continuous backups, in which changes are automatically saved as they are made. That way, should a data loss occur, there will be no gaps in data recovery. Other options include conducting a full backup at a set point in time, such as once a day or once a week.

“The real question is, ‘what’s your risk tolerance?’ How much data are you willing to lose? A week’s worth? A month? A year?” Davis asked.

Another consideration is where to store your backups. Many practice owners use external hard drives, but these can also fail if connected to a network should a virus strike or a malfunction occur.

Many are now opting for cloud-based storage, which allows continuous backup and access to data at any time. It should be noted that there are HIPAA considerations when choosing cloud storage, and dentists should sign a Business Associate Agreement with any cloud service provider. Access ADA HIPAA resources to learn more about how business associates must comply.

“We advise dentists who perform hard backups to disconnect the drive and store it offsite in a secure location. Better yet, we recommend investing in a HIPAA-compliant cloud-based data backup service,” Davis said.

Christopher said it’s best to have multiple backups, stored in multiple locations.

“Keep one backup offsite in case some type of accident or disaster occurs,” he said. “Automate your backup system so there is less likelihood of human error. Regularly check the data on your backup devices to ensure it is useable and to ensure that backups are performing as expected.”

TDIC’s Risk Management Advice Line is a benefit to TDIC policyholders. To schedule a consultation with an experienced risk management analyst, visit tdicinsurance.com/RMconsult or call 800.733.0633. For Risk Management guidance in Idaho, Oregon or Washington, call 800.452.0504.