Archive and protect sensitive patient data

Electronic archiving of medical documents requires special care. At the same time, it poses major challenges for the IT departments of hospitals and healthcare facilities.
- Data protection:
Patient data is highly sensitive, personal data. It must be reliably protected against unauthorized access as well as loss. - Compliance with retention periods:
There are legal requirements for electronic documentation. In some cases, PACS data must be archived in a legally compliant manner for a period of 30 years. - Access to the data:
In healthcare in particular, it is especially important that documents can be reliably accessed. Medical professionals must have fast access to documents in order to quickly make diagnoses. For example, even older X-ray images must be available at the touch of a button. - Data growth:
Digitization and technological progress are taking hold in the healthcare sector too. Rising life expectancy is also driving increasing data volumes. - Costs:
Budgets for IT structures and software are usually tight. A solution for the audit-proof archiving of patient records must therefore not only ensure compliance with legal requirements, but should also be associated with the lowest possible costs.
Medical doctors, laboratories and clinics thus face special challenges with regard to the archiving of medical data. A solid and optimized software solution for archiving medical documents is much needed. In this respect, the demands on archiving software for the healthcare sector are very high.
Electronic archiving in the healthcare sector: A solution approach
Institutions need a resilient and future-proof storage solution to guarantee compliance with legal requirements and to archive sensitive documents in a legally compliant and audit-proof manner.
- Hierarchical Storage Management:
The concept of hierarchical storage management serves as the basis for such a solution. For this purpose, a multi-tier storage architecture consisting of primary and secondary storage systems is set up. - Information Lifecycle Management:
Within this hierarchical storage architecture, data is managed and moved according to the principle of information lifecycle management. As soon as data reaches a certain age or is no longer accessed, it is moved to a secondary storage level. This is done automatically and according to previously defined policies. - Hybrid Storage Infrastructure:
Data storage is particularly efficient within a hybrid storage infrastructure. Different storage technologies and systems are used on the different storage tiers: Depending on the specific requirements of the user, flash, hard disks, private and public cloud, tape and optical technologies are combined within a hybrid storage infrastructure of this kind so that the specific properties of each technology are used efficiently.
The combination of hierarchical storage management, information lifecycle management and hybrid storage infrastructure creates an efficient and scalable archive platform. This type of platform meets the requirements of legally compliant archiving in the healthcare sector.
Software solutions for archiving patient data

Suitable storage and data management software manages the data according to the principle of information lifecycle management. According to previously defined policies, it automatically moves the data to the appropriate storage tier within the multi-tier storage architecture. At each storage tier, the technology that best meets the requirements of that tier is used.
To meet the challenges of audit-proof archiving in the healthcare sector, the corresponding software must fulfill certain criteria:
- A multi-tier storage architecture can contribute significantly to data security and protection, e.g. against ransomware. For this, the software should support offline media such as tape and optical. Regularly offloading primary storage of inactive data also reduces backup volume and makes it easier to adhere to backup schedules.
- The software must provide archiving functions that ensure audit-proof archiving, e.g. compliance with retention periods and immutability of archived documents.
- Seamless access to archived documents, PACS images, electronic medical files and documents must be possible so that they are quickly available.
- For storage infrastructure to grow with increasing data volumes, storage and data management software must be scalable, support storage expansion, and flexibly integrate new systems.
- The automated offloading of inactive data to secondary storage systems enables particular cost optimization if the HSM software supports a wide range of storage systems, regardless of manufacturer and technology. Then the storage medium that provides the best balance of required performance and storage capacity can be used on each storage tier.
Legally compliant archiving of medical data with PoINT Storage Manager
"Medical data requires legally compliant archiving. Our software PoINT Storage Manager is designed for long and secure data storage and easily meets the necessary compliance requirements", says Gundolf Gremler, CTO at PoINT.

The software PoINT Storage Manager works according to the principle of Information Lifecycle Management:
- Within a multi-tier storage architecture, PoINT Storage Manager automatically moves data to different storage tiers and archives them in a legally compliant way.
- The policies for tiering and archiving can be created individually – depending on the requirements and specifications of the institution.
Thus, the conditions for an efficient and cost-optimized use of the storage infrastructure are created. Users remain flexible in their choice of storage technologies, because PoINT Storage Manager supports all common storage systems independent of technology and manufacturer.
For example, also the tape technology with offline media can be integrated:
- Due to the "air gap", data storage on tape offers a high level of data protection.
- In addition, data storage on tape can cover long retention periods, as it is a particularly durable storage medium.
At the same time, PoINT Storage Manager meets the high requirements for legally compliant archiving of patient data and medical documents:
- The so-called WORM function protects the data from manipulation and unintentional deletion. The "Write Once Read Many" protection prevents changes to an archived file and guarantees its unchanged retention.
- PoINT Storage Manager's integrated retention management ensures that the specified retention period is adhered to.
- For the users - physicians, therapists, laboratory staff - the familiar processes remain unchanged. PoINT Storage Manager provides transparent read access to the archived documents.
- Access is realized via the file system of the primary storage and via the familiar user interface.
Storage solution for Big Data in medicine: PoINT Archival Gateway

With rapidly growing data volumes, the topics of digitization and big data are also gaining importance in the areas of medical research and diagnostics. Data volumes then quickly reach the petabyte range – with constant requirements for audit-proof, long-term and secure storage.
PoINT Archival Gateway supports you in archiving large and continuously growing data volumes. PoINT Archival Gateway is a software-based object storage which receives the data via the standardized S3 interface and writes it directly to tape with high performance values.
- The storage medium tape offers special security, cost efficiency and longevity. It is therefore perfectly suited for long-term storage of inactive data.
- PoINT Archival Gateway offers flexible scalability for growing data volumes.
- The solution uses the standardized S3 interface and integrates hardware independent of manufacturer.