The 3-2-1 Backup Rule – Are You Using This in Your Dental Practice?

Dental offices everywhere are keenly aware of the requirement to backup their business-critical data – it is a requirement under HIPAA. An easy-to-remember rule, that will assist you in creating a good backup strategy, is known as the 3-2-1 Backup Rule. The idea is attributed to Peter Krogh.

In his analysis, Mr. Peter Krogh stated “there are two kinds of people in the world – those who have had a hard drive failure, and those who will. He created a simple system that anybody can use to make sure their data is backed up and secure.

The 3-2-1 Backup Rule states the following:

  • Keep 3 copies of important data

  • Store your backup data on 2 different media types

  • Replicate 1 copy of this data offsite


Keep Three Copies of Important Data

The first copy is easy, this is the data in production – or primary data. You then need two additional copies of this data. Let’s use a simple example to understand.

You have a payroll file saved on your computer. We can then copy this file to a USB hard drive and also upload it to Dropbox. We now have three copies of this data.

The reason we do this is to minimize the chance of corruption or loss. Let’s assume the chance of a lost file is below:

1/1000.  or 1 in 1,000

When we have two copies of our data, the actual chance of losing our file is calculated below:

1/1000 * 1/1000 = 1/1000000 or 1 in 1,000,000

Now when we add a third copy, we gain another significant protection against data loss. See the calculation below:

1/1000 * 1/1000 * 1/1000 = 1/1000000000 or 1 in 1,000,000,000


Store on Two Different Media Types

It is extremely important to save your data on two different media type. In our example above, we had our primary data saved on our computer’s hard disk, with a second copy saved to an external USB drive. This is important to prevent the same types of hazards.

In this example we would make sure that the external USB drive is a solid state drive, where the internal drive on the computer was a traditional hard disk drive.

What are some other media types? You have plenty to choose from: hard drive, tape, optical, flash memory, and many others.


Replicate One Copy Offsite

In our original example you will remember that we saved our payroll file to a USB drive and then uploaded a copy into Dropbox. Finding a suitable offsite location for your data is critical.

We want physical separation between copies of our data. You can manually transport this data offsite by using drive rotation, but this is now highly discouraged. (Replication technologies can transport data offsite faster and safer than a person actually physically transporting the data.)

Best practice is to identify offsite storage and replicate your data to this target. This could be an FTP server, or public cloud service like Amazon or Azure.


What Now?

We would love the chance to discuss your thoughts on the 3-2-1 Backup Rule and any alternative strategies that you have found useful. If there are any questions, put them in the comments below or give us a call and we are happy to help where we can.

Leave a Reply

Your email address will not be published. Required fields are marked *