Articles & Insights

FAQ: Third-Party Maintenance in the Healthcare Industry

Q: Will we still be HIPAA and data protection compliant if we use a third-party data centre maintenance provider?

A: YES. While it is the responsibility of the covered entity (hospital/healthcare organisation) to understand, acknowledge and meet The Health Insurance Portability and Accountability Act (HIPAA) regulations, Data Protection Act and General Data Protection Regulation, Service Express is committed to following all guidelines our customers have in place to meet the regulations.

Return to Top

Q: How do you ensure healthcare data security?

A: Service Express does not access any secure data when providing support. We never remotely or locally access a server without customer knowledge and permission. In the event we need a remote access point, we set up a one-off remote session.

Service Express will not compromise any type of security that you have in place to ensure that data is secure. We comply with any and all processes to protect secure data, while still allowing for access to repair your equipment.

Return to Top

Q: Will you sign a BAA?

A: We sign both Business Associate Agreements (BAAs) and Non-Disclosure Agreements (NDAs) as a compliance tickbox for our customers. Protecting healthcare data is the rule, not the exception. Even though we are not accessing any Protected Health Information (PHI), we always want to help our healthcare customers meet rules and regulations that could apply.

Return to Top

Q: How do we maintain security on defective hard drives?

A: We offer drive retention to customers who would prefer to keep chain of custody on failed drives in-house for HIPAA and data protection compliance. Most OEMs will charge for Defective Media Retention (DMR) or Comprehensive Defective Media Retention (CDMR), but we allow customers to retain drives and other magnetic media at no charge.

If it becomes necessary to take any drives or defective media off-site, Service Express protects your confidential information by properly disposing of the drives using a data destruction process that mirrors the US Government data destruction policy.

Return to Top

Q: Do we need the latest firmware update to be a HIPAA and data protection compliant data centre?

A: Not necessarily. Is your data secure in the current level of firmware your system is operating with? We advise our customers which firmware updates may affect the security of their data and recommend they obtain such updates (which OEMs may provide to equipment owners at no cost). We help our customers through the process of applying the firmware updates to their systems and equipment to ensure data centre security.

Return to Top

Q: We have several systems that we need to keep long term: can you keep them running?

A: Our post-warranty coverage includes End of Life (EOL) and End of Service Life (EOSL) equipment, helping you to maximise the ROI of your data centre assets by extending the customary OEM equipment life cycle for years.

When it makes sense to keep your equipment longer due to budgetary constraints, archived medical records or legacy app reasons, you can depend on Service Express’ 30+ years of experience for support and uptime.

Return to Top

Q: Can you meet the strict SLAs necessary for the healthcare industry?

A: We meet your coverage needs with a variety of Service Level Agreements (SLAs). You can choose 24×7, Same Business Day, Next Business Day or a customised solution. Our onsite response time in meeting these SLAs is an industry-leading 99%.

Beyond meeting SLA terms, our support is structured to ensure the best experience for the IT professionals we serve. Advantages include:

Our ServiceEdge™ sets the standard for what your service can and should be, with a 24/7/365 in-house customer support team and engineer callback within 30 minutes of opening a service ticket (average time 10 minutes) for fast resolution.

PartsEdge™ is our “Right Parts at the Right Time” process to supporting your data centre equipment. Not only do we have quality parts, we use our proprietary algorithm to make sure the parts needed are in local inventory before a failure occurs. Eliminating parts delays contributes to quicker service and a 97% first-trip repair rate.

Return to Top

Q: Are your engineers qualified to handle our mission-critical equipment?

A: Definitely! Our engineers have the experience and the resources to provide multi-vendor support for your server, storage and network equipment. This extensive data centre expertise means you can rely on a consistent level of support, even if an issue affects multiple pieces of equipment.

To provide outstanding support, every Service Express engineer participates in continuous, hands-on learning. Our award-winning Aces Development training programme aligns engineer development with actual call activity in the field, as well as incorporating customer needs, engineer skill sets and historical service data.

Should an unusual or more complex problem arise, immediate engineer support is available 24/7 from our Field Technical Operations (FTO) support team. This group of technical operations experts is ready with answers and next steps to resolve issues and maximise uptime for your mission-critical equipment.

Return to Top

Q: We just underwent a big merger: can you help with that?

A: Absolutely! Definitive Healthcare’s survey of healthcare leaders puts industry consolidation as the most important trend of 2019, with 803 tracked mergers and acquisitions along with 858 affiliation and partnership announcements last year. With this trend in consolidation activity, IT teams can encounter major challenges with asset management, including the merging and deduping of data centre assets.

For a comprehensive report of what assets are in your data centre(s), Service Express provides full inventory audits, including models and serial numbers. In addition, you can review what is covered under warranty with the OEM and see when that coverage expires with our warranty tracking. These asset management insights are accessible in our customer portal, ExpressConnect®.

To help with your surplus or retired equipment needs, Service Express offers decommissioning services and asset disposition. To ensure security, any equipment taken offsite is processed according to DoD and NIST standards in our Enterprise Production Lab.

Return to Top

Q: We have multiple locations both inside and outside the United States. Can you still support us?

A: Yes! We serve customers throughout the U.S. and offer international data center service coverage across the globe.

Multiple locations in healthcare are not uncommon, and while your primary and secondary engineer will vary by location, there will be one account manager, contract support specialist and hardware sales consultant to support all your locations.

Return to Top

Utilising our third-party maintenance solutions for data centre support saves you up to 70% on your current OEM maintenance costs. You can apply the savings towards patient care technology, staffing and strategic projects. By choosing Service Express as your data centre maintenance provider, you can improve your quality of support and maximise your uptime without compromising your HIPAA and data protection compliance.

Additional Resources