At a time when healthcare is increasingly dependent on digital technologies that enable and inform our providers, clinicians and care delivery systems, the invisible infrastructure framework behind the scenes becomes critically vital to ensuring a stable and predictable environment.
Like a utility, we often take it for granted as it runs in the background, and we simply expect it to work. This expectation is as it should be. Our caregivers’ highest priority is providing the best care possible using tools that help them navigate patient information, associated workflows, and supplement their clinical expertise.
The reliance and growth of these systems requires resilient and redundant architecture that is designed to “keep those lights on”, anticipate failure, and self-correct to ensure availability and reliable performance. As high-performing healthcare organizations have evolved over time, so have the complexities of designing, implementing, and sustaining high availability in critical clinical and business applications.
The complicated problem of protecting corporate infrastructure and compute and storage assets requires the right mindset, the right vision, thoughtful leadership, as well as an innovative and strategic out of the box way of thinking.
It also requires having a plan that conveys the criticality of those assets and aligns the intended plans along with the business needs relative to those technologies. A fundamental and paramount component to help address those needs is the creation of a data center strategy and continuous improvement performance plan.
Historical background of infrastructure evolution
Traditionally, a data center approach has been focused around the redundancy and backup of the core technologies and data, to ensure that it met the organization’s “uptime” standards and was recoverable when something failed. Having a server go down, a storage frame becoming inaccessible, a network link disabled by bad weather, or any other unplanned outage was what infrastructure teams focused on and protected against with our data center designs.
Fast forward to 20 or even 30 years ahead and notice that many organizations now find themselves limited by using the same design approach. The world has changed; and expectations are heightened as infrastructure is even more closely aligned with cybersecurity, making system availability more critical.
There is a whole new dynamic playing into what and how we need to build a data center strategy that satisfies those intensified clinical and business needs.
Industry standards – where are we now?
While IT historically focused on what was important to meet internal service level agreements and validate their investments, we now find ourselves asking what the business needs and what associated costs and risks are with extended systems unavailability.
While we cannot afford to have redundancy in every situation due to limiting factors such as budget and application architectures, we can partner with the business to understand the core technology needs and the impact of downtime on our business and clinical units.
Gaining the right perspective will determine realistic and technically achievable goals for recoverability within acceptable and mutually agreeable timeframes. The goal becomes to create a technical framework as a fundamental part of a data center strategy that offers resiliency across geographies to ensure that business continuity and disaster recovery objectives are supportable.
At the foundation is a design for an active/active data center architecture which builds the foundation to then architect and deploy the technologies that meet the recovery time objectives (maximum time the application can be unavailable without serious negative impact) and recovery point objectives (the amount of data loss as measured in time that can be reasonably recovered through manual intervention after the system is available again) as defined through a business impact assessment.
Data center strategy sets the stage for business continuity
Based on a BIA, we are able to map each business and clinical application to a tier and each tier will have a defined RTO and RPO. Knowing how long the business requires the recovery of an application and what is a target maximum for loss of data or transactions is paramount to the design and investment of the technology to achieve the defined metrics.
Coming back to core design and having foundational architectures in place, (such as diverse and redundant wide-area-networking circuits, duplicate and real-time replicated storage, geographically separated and fully redundant data centers) high-performing healthcare organizations can position themselves to design and implement the elements of the technology for each specific critical application and its derived disaster recovery objectives.
Why rely on a data center strategy?
No one data center strategy is the same. Every organization’s specific needs differ. Every organization should have a data center strategy that reflects their own unique situation that balances costs, risk management, and downtime impacts.
Setting a strategy is not a once and done philosophy, instead it should be a living document that creates the vision with specific plans to carry it out consistently with organizational priorities and timetables, and then revisited every one to two years at minimum to validate business goals alignment.
Being able to stay ahead on the technology side with a thoughtful, scalable data center strategy positions IT to anticipate and effectively react to the unexpected events that are becoming more frequent in today’s interconnected world by way of cyberattacks, failed technologies, or perhaps even growth and acquisitions where we must be nimble and agile enough to meet unplanned expansions while sustaining our resilient postures.
Paul J. Williams is associate vice president of IS infrastructure technology at Penn Medicine.
