On Fri, 06 May 2005 16:58:39 -0600, Abraham Al-Saleh <[EMAIL PROTECTED]> wrote:
I should additionally add (sorry about that), that it's not something that hasn't been considered in the past, and I'm considering it again, I just need to weigh costs for this with the costs for making our internet connection redundant, as well as the man power required, time it will take, and risks associated with each, which is why I came to the list asking for more information on using openbgpd, or bgp in particular.
Abe,
I suggest you reconsider your stance on collocation. The answer (due to HIPPA) may not be a "provider" of collocation facilities but actually having another physical site controlled by your company. I haven't actually read all of the HIPPA requirements but due to friends, I've got a good idea how much of a pain in the ass they can be.
The reason for collocating is logical. Sure, you may have a pair of APC Matrix 5000 units and a generator at your current site... -But heck, even my garage has the very same equipment! The difference is life and death decisions are not made based on the ability to access the machines in my garage. In your business, any inability to access medical records could cause people to die. You're in a totally different league and have to face a ton of liability if something goes wrong.
Let's say you go through the expense of full redundancy at your single site and when I say "full" I mean everything from multiple power drops from different chunks of the local grids, to at least pairs of generators, custom redundant wiring/circuits, staged UPS's all the way down the proverbial power line to the CPU's... -You're still vulnerable. The reason is simple, anything from a major disaster in Farmington Utah, to something as trivial as a fiber cut (i.e. someone with a backhoe accidentally ripping out network lines), you're still hosed.
Having multiple sites is the same logic as having redundant APC Matrix 5K units but it's applied on a more effective scale; If one gets hosed, you cross your fingers and hope the second will pick up the load. If you have only one site, you still have a single point of failure regardless of how many redundant lines you attach to it.
I understand the costs involved with having a second site, but in general the industry understands HIPPA compliance is expensive and worse yet, liability is even more expensive. The multi-site redundancy, though costly, would be a sales advantage due to the reduced liability it offers. Even if you can not afford to do it now, it would still be worthwhile to have "plans" in place on how it (eventually) will be done. If the legal department of some HMO client/partner requires site redundancy, you add implementing your plan to the costs of their contract... ;-)
JCR
Thank you for your time and attention to detail Mr. Roberts, I am going to forward this message to my boss and some coworkers so that we can factor your points into our discussion.
