ITPOL10 IT Backup Policy by Provide Community

IT Backup Policy & Procedures

Version: V4

Ratified by: Finance & Investment Committee

Date ratified: 03/05/2023

Job Title of author: Director IT & Transformation

Reviewed by Committee or Expert Group Technology Programme Group Equality Impact Assessed by: Director IT & Transformation

1. Introduction

The Organisation’s increasing reliance on IT systems and the potential dangers that they are at risk from, means that we need to have procedures in place so that we can recover from any disaster leading to loss of data.

There are many possible risks that we need to protect against, including, but not exclusive to the following threats:

• Natural disasters – e.g. - Fire and Floods

• Failure of hard drives and other hardware

• Carelessness / accidental deletion of critical files

• Deliberate Sabotage and malware infection

These threats make it imperative that we have up to date backups in place at all times to ensure that we are able to recover from any such incident.

This policy covers all of the Organisation’s servers, including file and print servers, application servers and domain controllers regardless of if these are supported directly by the Provide Technology Team or by a third party.

The Information Security Policy (IGPOL53) states that sensitive and confidential data should not be stored on local hard drives so data stored locally is out of scope of this policy

2. Purpose

To ensure that all data residing on the Organisation’s IT systems shall be protected against loss or corruption through the use of robust backup procedures. These procedures will be performed to ensure that the organisation is not significantly disrupted should a failure occur within any of the systems

3. Definitions

Backup

Copying of data for the purpose of having an additional copy in the event that the original data is lost, corrupted or damaged. In which event a restore of the data would be performed.

Restore

The process of re-establishing data, such as a file to a previous state, usually after the data has been lost, corrupted or damaged.

4. Duties

Assistant Director of IT & Systems

Responsible for ensuring that this Policy is implemented and is reviewed at least every three years.

Technology Operations Manager

Responsible for ensuring there are documented Backup Procedures in place that adhere to this policy and that these are complied with

Technology Infrastructure Staff

Responsible for performing the backups to a high standard and as defined in the relevant process documents.

5. Consultation and Communication

This policy will be shared with all Provide Technology Staff who shall make themselves familiar with its content, it will also be made available to all staff on MetaCompliance.

6. The Backup Approach

The Technology Team will backup all data it is required to do so as part of the terms of contracts that the Organisation delivers or where there is a business, statutory or regulatory requirement to do so. All other data will be assessed for inclusion based on risk, value of the data and cost of recreating it; the default position will be to backup data and all exclusions will be documented in an appendix to the backup procedures.

The Provide Technology Team has enabled “Previous Versions” within the file servers to support fast recovery of documents on a day to day basis. Industry standard software will be used to automate the creation of the backups.

For the servers maintained and supported by the Provide Technology Department, the backups will be held on disks contained within the DPM server or exported to tape as per the retention policy.

Data stored in the hosted data centre environment, will also be backed up using industry standards software but purely to disk

7. Retention Periods

Retention periods will be set by the business and will reflect the requirements of Organisation’s services.

Data held in the hosted data centre environment will be held for a minimum duration of 42 days and replicated across 2 sites.

Data held by Provide will be held for a minimum of 42 days and will have a copy kept locally and a copy kept in the cloud.

Data of specific types, from specific systems or services can be held for longer periods where this is appropriate and has been agreed by the requesting service with both Information Governance and the Technology Service. However, data should not be kept for shorter periods.

8. Backup Tapes

Backup tapes are no longer being actively used. However, any historical tapes will be stored off site in a secure fireproof safe until the end of their marked retention period. Each backup tape will be labelled with a printed barcode that will enable its contents to be determined.

9. Backup Procedures

Backup procedures will be maintained by the Technology Operations Manager in the form of a SOP.

10.Restoring Data

In the event that a restore cannot be completed by the end user using the “Previous Versions” functionality, the user should raise a request with the Provide Technology Service Desk specifying when and where the restore is required from.

Provide’s Restore Procedures (see Appendix A) will ensure that data can be reestablished in the quickest possible time. Restores for data held on disk will be completed within the assigned Service Level but will be possible to complete within minutes where this is required. Data held on tape will take longer to restore but should be completed within 3 working days.

The Restore Procedures will require that staff requesting data to be restored will need to log a request with the Provide Technology Service Desk and the call will need to be approved by the folder owner or their line manager.

11.Disaster Recovery

Provide will maintain a Disaster Recovery Policy and Plan. The backup procedures required by this policy may be required if invoking the Disaster Recovery Plan.

12.Critical Systems RTO & RPOs

TPP SystmOne

TPP have a Zero Data Loss (ZDL) solution which is accredited by NHS Digital. ZDL ensures that at any time all data is stored in both the primary and secondary data centres. This means that in the event of a catastrophic failure in the primary data centre, service can be moved to the secondary data centre with absolutely no data loss. As such, the solution has a Recovery Point Objective (RPO) of zero seconds and an RTO of 2 Hours.

Answer Link (CareCall)

The Answer Link platform is hosted locally at Provide locations, HQ and Kestrel House. In the event of a catastrophic failure the Recovery Point Objective (RPO) is no more than 24 hours with a Recovery Time Objective (RTO) of 30 minutes.

Inform (Sexual Health Services)

The Inform Platform is hosted within our Pulsant Datacentres. As the whole environment is virtualised, we have greater stability. However, in the event of a catastrophic failure the Recovery Point Objective (RPO) is 10 minutes with a Recovery Time Objective (RTO) of 30 minutes.

Optimum (Wheelchairs Service)

The Optimum Platform is hosted within our Pulsant Datacentres. As the whole environment is virtualised, we have greater stability. However, in the event of a catastrophic failure the Recovery Point Objective (RPO) is 10 minutes with a Recovery Time Objective (RTO) of 30 minutes.

Priority Platform (Essex Wellbeing Service)

The Priority Platform is hosted externally by Priority Digital Health. In the event of a catastrophic failure the Recovery Point Objective (RPO) is no more than 24 hours with a Recovery Time Objective (RTO) of 90 minutes. All backups are stored for 30 days.

Appendix A: Restore Procedures

Restore Requests

When a user notices that a folder or document is missing, they should make every effort to see if there is a reason for this, such as checking with colleagues to see if the document has been moved.

Should the file or folder not be found, a call should be logged with the Provide Technology Service Desk, the user will need to inform the Service Desk of:

• What folders and files are missing

• Where the folders and files were stored

• When the folders and files were last known to be available

The Service Desk will undertake an initial triage and if restoration is required and is likely to be possible, the call will be transferred to the Infrastructure queue.

The Infrastructure Team will attempt to restore the folder or files or log a call with Provides data centre provider to do so.

The Infrastructure Team or Service Desk staff will contact the user with the outcome of the attempt to restore the file before closing the call.

Monthly Test

A monthly restore test will be undertaken by the Infrastructure Team.

EQUALITY IMPACT ASSESSMENT TEMPLATE: Stage 1: ‘Screening’

Name of project/policy/strategy (hereafter referred to as “initiative”):

IT Backup Policy and Procedures

Provide a brief summary (bullet points) of the aims of the initiative and main activities: Backup of data

Project/Policy Manager: Director IT & Transformation Date: 06/04/2023

This stage establishes whether a proposed initiative will have an impact from an equality perspective on any particular group of people or community – i.e. on the grounds of race (incl. religion/faith), gender (incl. sexual orientation), age, disability, or whether it is “equality neutral” (i.e. have no effect either positive or negative). In the case of gender, consider whether men and women are affected differently.

Q1. Who will benefit from this initiative? Is there likely to be a positive impact on specific groups/communities (whether or not they are the intended beneficiaries), and if so, how? Or is it clear at this stage that it will be equality “neutral”? i.e. will have no particular effect on any group.

Provide IT Users

Q2. Is there likely to be an adverse impact on one or more minority/under-represented or community groups as a result of this initiative? If so, who may be affected and why? Or is it clear at this stage that it will be equality “neutral”?

Q3. Is the impact of the initiative – whether positive or negative - significant enough to warrant a more detailed assessment (Stage 2 – see guidance)? If not, will there be monitoring and review to assess the impact over a period time? Briefly (bullet points) give reasons for your answer and any steps you are taking to address particular issues, including any consultation with staff or external groups/agencies.

Guidelines: Things to consider

Equality impact assessments at Provide take account of relevant equality legislation and include age, (i.e. young and old,); race and ethnicity, gender, disability, religion and faith, and sexual orientation.

The initiative may have a positive, negative or neutral impact, i.e. have no particular effect on the group/community.

Where a negative (i.e. adverse) impact is identified, it may be appropriate to make a more detailed EIA (see Stage 2), or, as important, take early action to redress this – e.g. by abandoning or modifying the initiative. NB: If the initiative contravenes equality legislation, it must be abandoned or modified.

Where an initiative has a positive impact on groups/community relations, the EIA should make this explicit, to enable the outcomes to be monitored over its lifespan.

Where there is a positive impact on particular groups does this mean there could be an adverse impact on others, and if so can this be justified? - e.g. are there other existing or planned initiatives which redress this?

It may not be possible to provide detailed answers to some of these questions at the start of the initiative. The EIA may identify a lack of relevant data, and that data-gathering is a specific action required to inform the initiative as it develops, and also to form part of a continuing evaluation and review process.

It is envisaged that it will be relatively rare for full impact assessments to be carried out at Provide. Usually, where there are particular problems identified in the screening stage, it is envisaged that the approach will be amended at this stage, and/or setting up a monitoring/evaluation system to review a policy’s impact over time.

EQUALITY IMPACT ASSESSMENT TEMPLATE: Stage 2:

(To be used where the ‘screening phase has identified a substantial problem/concern)

This stage examines the initiative in more detail in order to obtain further information where required about its potential adverse or positive impact from an equality perspective. It will help inform whether any action needs to be taken and may form part of a continuing assessment framework as the initiative develops.

Q1. What data/information is there on the target beneficiary groups/communities? Are any of these groups under- or over-represented? Do they have access to the same resources? What are your sources of data and are there any gaps?

Q2. Is there a potential for this initiative to have a positive impact, such as tackling discrimination, promoting equality of opportunity and good community relations? If yes, how? Which are the main groups it will have an impact on?

Q3. Will the initiative have an adverse impact on any particular group or community/community relations? If yes, in what way? Will the impact be different for different groups – e.g. men and women?

Q4. Has there been consultation/is consultation planned with stakeholders/ beneficiaries/ staff who will be affected by the initiative? Summarise (bullet points) any important issues arising from the consultation.

Q5. Given your answers to the previous questions, how will your plans be revised to reduce/eliminate negative impact or enhance positive impact? Are there specific factors which need to be taken into account?

Q6. How will the initiative continue to be monitored and evaluated, including its impact on particular groups/ improving community relations? Where appropriate, identify any additional data that will be required.

Guidelines: Things to consider

An initiative may have a positive impact on some sectors of the community but leave others excluded or feeling they are excluded. Consideration should be given to how this can be tackled or minimised.

It is important to ensure that relevant groups/communities are identified who should be consulted. This may require taking positive action to engage with those groups who are traditionally less likely to respond to consultations, and could form a specific part of the initiative.

The consultation process should form a meaningful part of the initiative as it develops, and help inform any future action.

If the EIA shows an adverse impact, is this because it contravenes any equality legislation? If so, the initiative must be modified or abandoned. There may be another way to meet the objective(s) of the initiative.

Further information:

Useful Websites www.equalityhumanrights.com Website for new Equality agency www.employers-forum.co.uk – Employers forum on disability www.efa.org.uk – Employers forum on age

EQUALITY IMPACT ASSESSMENT TEMPLATE: Stage One: ‘Screening’