Dental Office network, hardware, software, backup

For complex topics that regular users would not be interested in. For power users and database administrators.
Post Reply
tdong
Posts: 100
Joined: Mon Jun 18, 2007 1:16 pm
Contact:

Dental Office network, hardware, software, backup

Post by tdong » Thu Oct 25, 2018 6:49 am

Hi Everyone

I haven't been here for a while. Busy with life. I had a some private messages asking about server setup etc.
Here is my setup hope it is useful and meet your need within your budget.

Servers
-Server minimum of two with server 2012 R2 OS (get 2016 is even better), essential is ok as well. (dell r710, dell r720 are good used price, or just get a new dell r330)
-Server1, Server2 setup as Host for HyperV and AD. Create a VM in Hyper V for OD server, Images, and Xray and another VM setup as Active Directory.
-server1 is replicate to server2 using HyperV replication which is in real time.
-get CoreFTP which is around $100 to setup sftp on your host server. if you put your backup here you can get it from anywhere.
-I like to keep the database small so opendental images are still store in the A-Z dir.

-For backup, I am using navicat for the database you can use other for backup mysql , robocopy for images, xray, files. I also use iDrive for cloud backup.
-Get an account for dropbox and onedrive and install it on the each of the host (and workstation if you wish).
-set the backup location for your database to the location of dropbox and onedrive (free one is 5gig more than you need for just database). For this you just need the latest copy of your database.
-at home or anywhere else. you can setup OD install dropbox and onedrive so that you can check on restore of your backup fairly easy.

Workstations
-Workstation any dell,hp etc with windows 10.
-For workstation that run window 10 install HyperV as well make a backup of the VMs and put it there in poweroff mode.
-install dropbox and onedrive as well.

Networking
-Get two internet lines from two different providers. One internet line will be your network. The other internet line will be use for patients free wifi and act as your internet backup. If your router has dual wan then set that up otherwise physically swap cable for internet is not a big deal.
-Get a router which has site to site vpn for your office and your home or where else. if you are using dynamic ip then get the dynamic dns service.
-setup site to site vpn then you will have full access to your office from home.
-for your home computer setup OD etc. restore from backup so that you can check on thing.


Remote desktop and monitor
-Google remote desktop install on your workstation and servers (optional) since you can remote from your workstation to your server
-Get a couple of arlos for security and remote support. you can walk any staff to fix thing if you can't do it in remote desktop. Facetime works as well. I find that support with audio only is sometime very frustrating you need visual.

Backup options.
-Robocopy is very good. Use COPYALL (Mirror will delete the source files if you delete stuff from target. Don't use it). you can schedule this script to run hourly or less. Full backup is time consuming. So get a couple of external usb drives and have multiple Robocopy scripts to write there with different schedules. Robocopy does differential copy fairly fast and each of it can be a full copy. Write a copy to your sftp location as well.
-Cobian backup is free
-Fastcopy for quick copy of files.

Compile OD step by step in case you are interested.
-Get community visual studio 2015 https://go.microsoft.com/fwlink/?LinkId ... lcid=0x409
-create the sgen.exe.config https://www.opendental.com/site/sourcecode.html
-get ortoiseSVN http://tortoisesvn.net and installed and get source code from https://opendentalsoft.com:23793/svn/opendental (choose version)
-compile with visual studio 2015 and choose release and x86
-install a trial copy to get all the extra dlls that requires.
-copy and paste your Release (under OpenDental bin) to the trial location and overwrite everything. This will be your working compile version of OD.


In case of disaster. you still need to manually turn on the failover on the servers. any of your workstation is a server itself but requires restore data from backup. Even your home is now your office.

In total disaster of your office you still have everything online and at your home or else where.

Add a third server for real time replication if you wish.

if you have any question or input feel free to let me know.

No plan is perfect but this is fairly cover everything in case of a disaster and get your office back online from minutes to an hour max.

Tu

User avatar
Ardavan
Posts: 106
Joined: Sat May 15, 2010 9:10 am

Re: Dental Office network, hardware, software, backup

Post by Ardavan » Mon Dec 31, 2018 7:54 am

Thanks tdong,
For those of us in the United States who wish to maintain HIPAA compliance following tdong's instructions don't forget to either:
1) Encrypt everything prior to uploading or
2) Sign a BAA with DropBox, OneDrive, and any other third party provider
MountainDuck can help with seamless client side encryption using cryptomator.
There are 10 types of people in this world, those who will laugh at this joke, and those who won't. ~Annonymous Bug Writer

JLM
Posts: 128
Joined: Wed Dec 05, 2012 12:52 pm

Re: Dental Office network, hardware, software, backup

Post by JLM » Thu Jan 03, 2019 1:08 pm

For those of us in the United States who wish to maintain HIPAA compliance following tdong's instructions don't forget to either:
1) Encrypt everything prior to uploading or
2) Sign a BAA with DropBox, OneDrive, and any other third party provider
MountainDuck can help with seamless client side encryption using cryptomator.
Just a clarification, you have to have the BAA even if you have encrypted stuff you upload to the cloud.
It's not encrypt OR BAA, it's encrypt AND BAA

JLM

User avatar
Ardavan
Posts: 106
Joined: Sat May 15, 2010 9:10 am

Re: Dental Office network, hardware, software, backup

Post by Ardavan » Tue Jan 08, 2019 11:12 am

Disclaimer: I am not a healthcare lawyer, the views and opinions expressed here are my own and not those of my employer or its affiliates.

Thanks for the input JLM, HIPAA can be a confusing beast. Of course it is best practice to encrypt in transit (to protect from eavesdropping) and at rest (to protect from physical theft), and of course it's also best practice to limit liabilities wherever and whenever possible (contractually through BAA's, and operationally through policies and practices).

That being said I am a computer engineer who brushes up on HIPAA annually to ensure my organization remains vigilant about compliance. Playing devil's advocate I may argue that without the key data resulting from strong encryption is indiscernible from noise, and as such there is no feasible threat to patient privacy when storing it (encrypted data) insecurely or with a third party.

Remember, a minimal BAA is nothing more than an agreement between the Covered Entity (CE) and Business Associate (BA) where the BA agrees to be bound by the same HIPAA rules as the CE. If the CE can satisfy HIPAA rules by implementing zero trust strategies and architectures then there is no need to get vendors to sign BAA's because they will never be privy to protected health information (PHI).
There are 10 types of people in this world, those who will laugh at this joke, and those who won't. ~Annonymous Bug Writer

Post Reply