Cloud storage – is your clinic data safe?

If you are thinking about backing up your clinic data using a cloud storage service or do so already, there are some important considerations that you must take into account.  But first, what is “cloud storage”  In common usage, the term “the cloud” is essentially a metaphor for the Internet. Cloud storage therefore means storing things on the internet.  We’re sure that you’ve heard of Dropbox or Google Drive, well this is exactly the service that these two popular products provide. Even Physiopedia recently moved it’s hosting onto the cloud.

When thinking about backing up and storing your clinic data online, or “in the cloud”, it is important that you are certain that your clinic data is being stored safely, correctly and securely.  Firstly you should use a system that maintains you compliance with the data protection act.   Using on-line storage services for backing up your clinic data can make you vulnerable to data corruptions and leave you open to data theft. As a result, you may not be compliant with the data protection act. We therefore strongly advise that you do not use an on-line storage service such as Dropbox or Google Drive to back-up your clinic data for the following reasons:

  • The Data Protection Act requires that personal data “shall not be transferred to any country outside the EU”. It is important that you ensure your cloud back-up provider does not host their servers outside of the EU so that you remain compliant with the Data Protection Act. Many of the larger cloud back-up providers do host their servers elsewhere.
  • Cloud back-up services are often designed to back-up media data such as music, videos and documents which are usually read only. By backing up data which is constantly updated, you run the risk of missing vital pieces of information and thus causing a database corruption.
  • In the past few years, potential weaknesses have been highlighted with on-line storage services which leave users open to theft, and even intrusions into their privacy. It is essential that you check the Terms of Service for any potential provider to ensure there are no risks with them housing your data.

To ensure that you are backing up your data safely, correctly and securely, we advise the following:

  • If you choose to back up using an external hard-drive and/or memory stick, make sure it can be stored separately from your clinic database.
  • External hard-drives must be designed to hold data which is regularly updated and have full Windows Permissions. Drives such as Network-attached Storage devices can be used provided the hardware is suitable and they are monitored by a professional.
  • The alternative solution is to look at having your data hosted by clinic management software that offers the service, such as TM2. By using other TM2 Hosted service, your data will be backed up safely to our secure servers at a data centre within the UK.

To find out more about backing up clinic data securely and the hosted TM2 service visit their website or give them a call (+44 33 33 442 600), the team there would be very happy to chat to you!