Backing up USB devices in a HIPAA environment

Thomas Zucker-ScharffSolution Guide
Veteran in computer systems, malware removal and ransomware topics.  I have been working in the field since 1985.
Edited by: Andrew Leniart
There are few things more disastrous than losing a device that has not been backed up (except losing an unencrypted device that has not been backed up).  Here is how I resolved the problem of backing up USB devices in a HIPAA environment.

Let me begin by saying that this is not in any way a technical article - so if you are new to this forum or to backup in general, read on.  If you are having trouble backing up in your HIPAA compliant environment, feel free to continue.  Just don't expect to be technically enlightened by the text to follow.

I have previously published more than a few articles on why everyone should back up their devices and check those backups by doing test restores (a backup that cannot be restored is of no use at all).  In the first article, of many articles about backups, I wrote about a basic backup and the various reasons for it, along with links to various pieces of software.  I also created many mini-tutorials and a small course on backups (still unpublished).

I have had a problem though in backing up my own USB thumb drive.  The problem mainly stems from the fact that I work in an environment that needs to be HIPAA compliant.  By-and-large this does not present a problem, but our security team has set it so that every file, when it is copied to or from a USB device, is scanned for PII and PHI.  This is good, in general, but if I am trying to replicate/backup a large device with a lot of small files on it (whether they are encrypted or not), the slow-down that the scanning creates can make a 1-hour job take more than a week!

I constantly worried about this, because I was worried that I did not have a backup of my USB thumb drive (a 512gb PNY device).  Then one day it happened, my USB disappeared.  It was almost as bad as losing one's phone.  I literally looked everywhere for it.  After a few days, I gave up and started recreating everything on it using a 9-month-old backup.  I was in the process of doing this when I found it (hurray!).  It was then that my wife came up with the idea to use one of the many computers I have in my office as a dedicated offline backup device (my words - hers were more like "Why don't you use one of the computers you have in your office to back stuff up and just not connect it to the internet?").  That is what I now do.  I use a laptop I have disconnected from Wi-Fi (the wifi -for whatever reason - doesn't even work on this one) and the rest of the "wired" network.  I just plug two identical USB devices into and sync them.

This is, by far, not the best situation or setup.  As a friend of mine always said, "Any files you do not have backed up in at least two [other] places are files you do not care about."  Notice the word other, that means three copies of every file in question.  I actually prefer more copies (I auto-upload all photos I take on my cell phone to Amazon Photos, Flickr, and Dropbox, this does not include the backup of my phone to the Druva inSync servers.

The take-away:
Backup everything!  If you are unable to back up for any reason, there is probably a workaround.

I hope you found this article useful. You are encouraged to ask questions, report any bugs or make any other comments about it below.

Note: If you need further "Support" about this topic, please consider using the Ask a Question feature of Experts Exchange. I monitor questions asked and would be pleased to provide any additional support required in questions asked in this manner, along with other EE experts...

Please do not forget to press the "Thumb's Up" button if you think this article was helpful and valuable for EE members.

It also provides me with positive feedback. Thank you!

Thomas Zucker-ScharffSolution Guide
Veteran in computer systems, malware removal and ransomware topics.  I have been working in the field since 1985.

Comments (1)

Andrew LeniartBlogger, Journalist, IT Professional, Technical Writer, Qualified Editor
Author of the Year 2019
Distinguished Expert 2020

Good tip about backing up to multiple locations. I do this myself to my online Acronis Backup Storage space, Google Drive and other cloud drive sources I have with no effort required on my part. Simple, effective and safe.


Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.

Get access with a 7-day free trial.
You Belong in the World's Smartest IT Community