DOCSLIB.ORG

Understanding Service Level Agreements in Healthcare

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Understanding Service Level Agreements in Healthcare Understanding Service Level Agreements in Healthcare Orion Health White Paper Gustavo Herrera Site Reliability Engineering Director 042018 How to measure and control the However, as every system is different they quality of services in the health can have an almost infinite number of industry variables. It is important to note that not all variables bear the same relevance or have Service Level Agreements (SLAs) are one the same impact in quality as each other. of the most important parts of any cloud Some are concrete and can be quantified, service agreement, yet their importance can while others are more abstract and harder to be poorly understood. In their most basic represent in numbers. form SLAs are a single contract between two parties focusing on the type and quality To ensure there is understanding of of service provided to a client. Yet, how the the order of relevance, a hierarchy of contracts are developed, and what they variables— focusing on significance and contain can be overlooked. measurability—should be created. It is these two features that are key to defining Strong SLAs are paramount within accurate SLIs. healthcare—where capabilities such as data availability can mean the difference between Some SLIs can be composed by an life and death—and this whitepaper will aggregation of other SLIs, but each must present a comprehensive overview of what have enough relevance on its own to be SLAs are, how they are created, and their listed independently, otherwise it should importance to healthcare organisations. be rolled into a relevant SLI and discarded. For example: database availability; business Definitions: SLI, SLO and SLA logic availability; web server availability; and API availability are all different SLIs. Each Service Level Indicator (SLI) has a meaning on their own, but they are also presented as an aggregated SLI, such Defining a set of SLIs is the first step in as system availability. creating a Cloud Service Agreement. SLI can be defined as a variable (also known However, it could be argued that some as a value) that has enough relevance for availabilities have relative importance; for the service and can be quantitatively and example, web server availability will not objectively measured. The most well- have an impact on consumers using the known SLIs are “system availability” and API. Therefore, it is still valuable to make a “downtime”. distinction between the different SLI rolled up into system availability or uptime. Variables Relevant SLI Measureable FIGURE 1: Service Level Indicator Diagram Orion Health White Paper Understanding Service Level Agreements in Healthcare 2 Service Level Objective (SLO) Another factor to consider is the cost of enhancing the SLO compared with the added benefit as perceived by the customer. For An SLI alone does not provide a means to example, for user interaction, 3-4 seconds of measure the quality of a service, as there is response time is considered acceptable and still no judgment regarding what value, or there is no perceived value on reducing the range of values, the SLI could take. Service reaction time beyond that threshold. Usually, Level Objectives define what range of those this follows the law of diminishing marginal values will constitute an acceptable level of returns: that is, an increasing volume of service for a given SLI. investment on improving the SLO will become less and less productive. Each additional unit SLOs usually require some context to be of input will produce less output than the prior interpreted, for example, availability is unit of input until it does not make economic expressed as a percentage of time that a sense to keep investing money. system is usable over period of time (usually a month). Another common definition of availability is “the system is considered The Myth of Five-Nines: available if responds within 10 seconds to a user request”. The ‘myth of the five-nines’ is a particularly famous but currently unrealistic goal for IT providers who, in pursuit of perfection, now In other cases, such as ‘error rate’, the SLI target performance up to three decimal places— can be expressed as a number of errors in the case of uptime—being up 99.999% of the (per minute) considered acceptable (which time represented by five consecutive nines. informs how many retries must be allowed). The most common pattern is to have an SLO If this was goal possible, it would equate to just 5 expressed as the upper (or lower) bound minutes and 15.6 seconds of service interruption in a given year. While this currently unachievable of the acceptable range, for instance, any goal is frequently discussed, it is not offered by network round-trip time (RTT) lower than a any of the major public cloud providers or any given acceptable number in seconds, would other major service providers for server-based be a valid SLO (i.e. RTT < 4 sec). capabilities . It is important to consider external factors Less obvious examples are values that go and chains of dependency when defining an beyond the substrate that the SLOs are built SLO. Network latency, for example, cannot upon. For example, if the Infrastructure be defined if part of the communication Provider cannot guarantee an uptime for happens over the public Internet, since it is virtual machines (or containers) higher than technically impossible to predict the route 99.5% then it will not be possible (without a particular packet will follow under TCP/ extra work) for the Service Provider to offer IP networks. Sometimes even the laws of an overall service availability higher than physics need to be considered, such as the 99.5%. Ultimately, a combination of a relevant time it takes for a beam of light to travel and quantifiable variables and an expected through the fibre optic cables under the value range does not result in an SLA. In other Pacific Ocean. words, when the expression “Availability > 99.5%” is found, that is actually an SLO and Therefore, an SLO must be defined to not an SLA. While SLOs are not enough, realistic values, it is of no use to define SLO setting a reasonable set of SLOs is of the as “RTT = 0 Sec” or “Availability = 100%” essence and constitutes the core of a well- since those values will never be able to defined Service Contract Agreement in terms be achieved. of quality of service. Orion Health White Paper Understanding Service Level Agreements in Healthcare 3 Service Level Agreements (SLA) To build SLAs from Service Level compensations, typically called “service Objectives, some levels of criticality and credits”, can be defined monetarily or via cost (in terms of business value) need bonuses on future services. The bonuses to be introduced. The importance of the typically constitute an amount of service SLO needs to be qualified and paired credits depending on the severity of the with the consequences of breaching the failure. commitment. For example, the interruption of service Service Level Agreements are included for 30 minutes compared with one day of in the Cloud Service Agreement once interruption will result in materially different this has been completed and are usually degrees of penalty, in extreme cases associated with a level of compensation— resulting in dissolution of contract. in case of failure to honour them. Such SLI (what) SLO (objective) SLA(consequence) • quantifiable • minimum/ • contractual • relevant maximum • service credits • average FIGURE 2: Service Level Agreements Diagram The impact of automation on SLA Site Reliability Engineering (SRE) The relatively recent introduction of the can decrease from minutes or hours to just concept of Site Reliability Engineering seconds and the margin for human error is in the IT industry has revolutionised the drastically reduced. approach to increasing the quality, speed, security, and certainty of delivering an SLA, An added benefit, which is especially especially on cloud services. important for the healthcare industry, is the fundamental paradigm shift in data security. Site Reliability Engineering (or SRE) focuses The level of isolation that can be achieved on replacing Engineers with Automation. So, through utilising automation instead of instead of having DevOps or Ops Engineers humans, provides an opportunity to protect providing 24/7 support and maintenance of private data that would be otherwise production systems, the modern approach impossible. As automation has limited scope has Developers building automated and access, is subject to stringent auditing solutions that manage the 24/7 support and controls, and has been reviewed, tested and maintenance function. As a result, the mean approved prior to its implementation, the time to reaction of an incident response room for unexpected exposures of protected Orion Health White Paper Understanding Service Level Agreements in Healthcare 4 data are close to zero. Automation is also In contrast, in a traditional operations model ubiquitous and can be deployed anywhere an international IT provider—who is utilising in the world, providing another advantage DevOps or Ops Engineers—requires local for the healthcare industry which also has teams in each country, which significantly strong data sovereignty requirements. limits scalability in the context of a global service. FIGURE 3: Site Reliability Engineering Diagram Monitoring SLI and Alerting SLO For effective management of Service Level Building a monitoring and alerting system Agreements it is fundamental to apply a can quickly become a project on its own, robust monitoring and alerting system. instead of a means to an end. Fortunately, Without visibility and appropriate alerting, there are multiple offerings “as a Service” SLAs are an empty concept. available that provide a much better cost/ benefit ratio than building a solution. Nowadays, monitoring and alerting has become a discipline on its own, and there For the purpose of this paper, the following are numerous statistical and machine concepts are important: learning techniques that are applied to monitoring including trend prediction, Warnings heuristic anomaly detection, and others.
Load more

Recommended publications
  • IBM Hyperswap: an Automated Disaster Recovery Solution Disaster Recovery at Different Geographical Sites
    IBM Systems Technical white paper June 2020 IBM HyperSwap: An automated disaster recovery solution Disaster recovery at different geographical sites Table of contents Introduction.......................................................................................... 2 Problem statement .............................................................................. 3 Validating the system for HyperSwap failures ................................ 6 Generic best practices for IBM HyperSwap ..................................... 7 Summary............................................................................................... 8 Get more information .......................................................................... 8 About the author .................................................................................. 8 Acknowledgments ............................................................................... 9 1 IBM Systems Technical white paper June 2020 Introduction Overview This technical paper is based on a client engagement and is developed to assist Challenge IBM® Business Partners, field sales representatives, technical specialists, and How to configure an automated IBM clients to understand when can IBM HyperSwap® be deployed on IBM disaster recovery solution Spectrum Virtualize systems and the steps to validate the configuration for between existing IBM Storwize failure cases. It also includes the best practices involved for the specific client V7000 control enclosures at engagement and can be applied in a similar environment.
    [Show full text]
  • AIX Disaster Recovery with IBM Power Virtual Server
    AIX Disaster Recovery with IBM Power Virtual Server An IBM Systems Lab Services Tutorial Primitivo Cervantes Vess Natchev [email protected] TABLE OF CONTENTS CHAPTER 1: SOLUTION OVERVIEW............................. 1 1.1 Introduction .......................................................................... 1 1.2 Use Cases ............................................................................. 1 1.2.1 Geographic Logical Volume Manager (GLVM) Replication .... 1 1.2.2 Geographic Logical Volume Manager (GLVM) Replication with PowerHA ............................................................................... 2 1.3 Solution Components and Requirements ................................... 2 1.3.1 Components ................................................................. 2 1.3.2 Requirements ............................................................... 2 1.4 Solution Diagram ................................................................... 3 CHAPTER 2: IMPLEMENTATION .................................. 4 2.1 Base IBM Cloud PowerVSI and Networking setup ....................... 4 2.1.1 Open an IBM Cloud account ............................................ 4 2.1.2 Create PowerVS location Service and Subnet(s) ................ 5 2.1.3 Provision AIX and IBM i VSIs in each PowerVS location ....... 5 2.1.4 Order Direct Link Connect Classic to connect PowerVS location to IBM Cloud ............................................................. 5 2.1.5 Order two Vyatta Gateways, one in each datacenter .......... 6 2.1.6 Request a Generic
    [Show full text]
  • Data Center Disaster Recovery
    Data Center Disaster Recovery KwaiSeng Consulting Systems Engineer Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 1 Agenda Data Center—The Evolution Data Center Disaster Recovery Objectives Failure Scenarios Design Options Components of Disaster Recovery Site Selection—Front End GSLB Server High Availability—Clustering Data Replication and Synchronization—SAN Extension Data Center Technology Trends Summary © 2006 Cisco Systems, Inc. All rights reserved. 2 The Evolution of Data Centers © 2006 Cisco Systems, Inc. All rights reserved. 3 Data Center Evolution Networked Data Center Phase Data Center Continuous Data Center Availability Virtualization Data Center Network Consolidation Optimization Compute Internet Evolution Computing Data Center Client/ Networking Server 1. Consolidation Mainframes 2. Integration Content 3. Virtualization Networking 4. High Availability Thin Client: HTTP Business Agility Business TCP/IP Network Terminal Evolution 1960 1980 2000 2010 © 2006 Cisco Systems, Inc. All rights reserved. 4 Today’s Data Center Integration of Many Systems and Services Storage N-Tier Front End Network Applications Network Application/Server WAN/ Optimization FC Security Internet Switch Web Servers Resilient Cache IP Firewall DR Data Center Scalable Infrastructure Application and Server Optimization NAS App Servers Content Data Center Security IDS Switch MAN/ DC Storage Networks Internet VSANs Distributed Data Centers DB Servers FC Switch Mainframe IP Comm. Operations FC Switch RAID Metro Network
    [Show full text]
  • Small Business Disaster Recovery
    QUICK GUIDES Small Business Disaster Recovery When a disaster occurs, businesses must take care of their employees’ needs, communicate the impact, address financial matters (e.g., insurance, disaster assistance), restore operations, and organize recovery. Below are resources to help reopen your business and make progress through long-term recovery. For more details, visit: www.uschamberfoundation.org/ccc. TOP 10 TIPS FOR RECOVERY Keep detailed 1. Implement your disaster plan. Assess damage and consider if a backup location is needed. records of business 2. Shift your team and leadership from preparedness to recovery. activity and the 3. Implement a communications strategy to ensure that the facts go directly to extra expenses employees, suppliers, customers, and the media. of keeping your 4. Encourage employees to take appropriate actions and communicate. business operating 5. Document damage, file insurance claim, and track recovery. in a temporary 6. Cultivate partnerships in the community with businesses, government, and location during the nonprofits. interruption period. 7. Provide employee support and assistance. 8. Connect with chambers of commerce, economic development, and other community If you are forced to support organizations. close down, include 9. Document lessons learned and update your plan. expenses that 10. Consider disaster assistance. Contact the Disaster Help Desk for support at continue during the 1-888-MY-BIZ-HELP (1-888-692-4943), or visit www.facebook.com/USCCFhelpdesk or time that the business https://twitter.com/USCCFhelpdesk. is closed, such as advertising and the cost of utilities. RECOVERY RESOURCES The Insurance Information Institute This is a checklist for reopening your business after a disaster.
    [Show full text]
  • Azure Disaster Recovery- As-A-Service: Plan, Implement, Manage Help Ensure Speed and Ease of Cloud Recovery Through Proven Azure Disaster Recovery Solutions
    Education IT Professional Services Azure Disaster Recovery- as-a-Service: Plan, Implement, Manage Help ensure speed and ease of cloud recovery through proven Azure disaster recovery solutions From power outages to natural disasters or human error, unplanned disruptions can be costly and detrimental to your district’s educational and business priorities. In the event of a Highlights disaster, you need a reliable, tested and cost-effective solution to respond with speed and agility while reducing the financial losses • Leverage the cloud, at an affordable price that result from these outages. point, to maintain business continuity. Most school districts do not have a DR strategy or plan because • Run disaster recovery drills annually with no the cost of a secondary data centre is prohibitive and technically business or application impact. very complex. Performing a DR drill can be difficult and carries with it the risk of impacting production workloads. Data loss and • Minimize errors when failing over and drastically reduce downtime. application errors are a common occurrence when failing over to a secondary site. • Save money by using Azure as your secondary data centre. In addition, traditional DR requires constant updating and maintenance in order ensure the environment continues to • Realize a tested and proven Recovery Plan. function and perform optimally. This requires dedicated cycles • Protect heterogeneous environments with a from IT staff. single solution: Hyper-V, VMware, physical servers. Minimize risks and avoid costly incidents • Achieve Ministry mandate for DR IBM K-12’s Microsoft Azure Site Recovery is a Disaster Recovery as a Service (DRaaS) solution. It removes the complexity of traditional DR, and greatly reduces the cost to implement and maintain it.
    [Show full text]
  • SAP on Google Cloud: Disaster Recovery Strategies
    SAP on Google Cloud: Disaster-recovery strategies Overview © 2020 Google LLC. All rights reserved. Contents About this document 3 Introduction 3 Disaster recovery 3 Architecture considerations 4 Disaster-recovery strategies 5 Scenario 1: RTO within days, RPO dependent on business function 6 Scenario 2: RTO less than a day, RPO within minutes 7 Scenario 3: RTO in minutes, RPO close to zero 9 Disaster-recovery planning and testing 11 Recommendations 11 Capacity planning 11 Automation 12 Disaster-recovery plan 12 Summary 12 Further reading 13 2 © 2020 Google LLC. All rights reserved. About this document This document is part of a series about working with SAP on Google Cloud. The series includes the following documents: ● High availability ● Migration strategies ● Backup strategies and solutions ● Disaster-recovery strategies (this document) Introduction This document helps architects to make smart decisions when designing disaster-recovery (DR) architectures and strategies. The document considers not just the criticality of individual solutions, but also the different components of a typical SAP system. A good disaster-recovery strategy begins with a business impact analysis that defines two key metrics: ● Recovery Time Objective (RTO): How long you can afford to have your business offline. ● Recovery Point Objective (RPO): How much data loss you can sustain before you run into compliance issues due to financial losses. For both cases, you must determine the costs to your business while the system is offline or for data loss and re-creation. Typically, the smaller your RTO and RPO values are (that is, the faster your application must recover from an interruption), the more your application will cost to run.
    [Show full text]
  • Storage Disaster Recovery Service
    Storage Disaster Recovery Service Product Introduction Issue 09 Date 2021-06-21 HUAWEI TECHNOLOGIES CO., LTD. Copyright © Huawei Technologies Co., Ltd. 2021. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd. Trademarks and Permissions and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders. Notice The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute a warranty of any kind, express or implied. Issue 09 (2021-06-21) Copyright © Huawei Technologies Co., Ltd. i Storage Disaster Recovery Service Product Introduction Contents Contents 1 SDRS Introduction..................................................................................................................
    [Show full text]
  • Disaster Recovery As a Service Using IBM Spectrum Virtualize and Vmware Site Recovery Manager Integration a Technical Report
    IBM Systems Technical White Paper December 2016 Disaster recovery as a service using IBM Spectrum Virtualize and VMware Site Recovery Manager integration A technical report Overview This technical paper demonstrates how IBM® Spectrum Virtualize™ Software Only V7 with VMware Site Recovery Challenge Manager can provide key components for disaster recovery as a service (DRaaS) and benefits in data mobility across sites in a Cloud and managed service providers private cloud environment. It provides a simple and automated looking to implement DRaaS to users with business continuity with low risk between sites having heterogeneous or dissimilar storage heterogeneous storage infrastructure infrastructures are met with various challenges, such as: The target audience for this paper are technical leaders, system and storage administrators, managed service providers (MSPs) and How to reduce capital expenditure cloud service providers (CSPs) to implement disaster recovery (DR) (CAPEX) and operational cost for as a service between heterogeneous storage infrastructures. DR? The solution is developed on IBM Spectrum Virtualize Software How to integrate with client’s Only V7 which is deployed on x86 processor-based Lenovo server cloud orchestration and hardware. The solution uses the VMware Site Recovery Manager interoperate with on-premises integration using IBM Storwize® Family Storage Replication existing storage systems? Adapters (SRAs) How to deliver centralized storage management? This solution provides key components for simplified automation for business continuity with the specified recovery point objective Solution (RPO) and recovery time objective (RTO) requirements for both planned and unplanned outages. IBM Spectrum Virtualize is a software- The solution also provides benefits for data mobility between defined storage solution which provides virtualization layer to decouple storage heterogeneous storage infrastructures using IBM Spectrum hardware and software management.
    [Show full text]
  • The Definitive Disaster Recovery Plan Checklist
    The Definitive Disaster Recovery Plan Checklist Every day there are new horror stories of tech outages, associated expenses. While a simple file-level backup system downtime, and data loss — even at the best of companies. When might be sufficient for some applications, your mission-critical disaster strikes, engineering teams are dispatched to repair the applications will likely need a DR technology based on real- damage, while PR teams work overtime to restore customer time continuous data replication, to enable you to achieve confidence. It’s a time-consuming and often expensive effort. near-zero RPO and RTO. No matter what the cause of the disaster, the organizations that manage them most effectively, and with the least amount #2: Identify Stakeholders of collateral damage, are those with a comprehensive, easy- to-follow, and regularly tested disaster recovery (DR) plan. The next step is to identify all those who need to be updated Whether you already have a DR plan or you are just beginning once disaster strikes. In addition to those involved with the process of creating one for your organization, this Definitive performing the actual recovery from a disaster (e.g., engineers, Disaster Recovery Plan Checklist will help you ensure you’ve support, executives), you should also pinpoint members of included all the crucial components in your plan. your PR and marketing team, vendors, third-party suppliers, and even key customers. Many companies keep a register of #1: Determine Recovery Objectives stakeholders, a good starting point for identifying all of the (RTO and RPO) stakeholders you’ll want to notify if there is a disaster.
    [Show full text]
  • Solution Brief: Huawei All in One Backup Solution
    Solution Brief: Huawei All in One Backup Solution Huawei All-in-One Backup Solution brings enterprise class seamless, KEY FEATURES automated backup to SMB customers. Commvault and Huawei offer a portfolio of data protection solutions that fit small and medium • Preconfigured, scalable architecture businesses as well as the remote office to the data center in large • Snapshot orchestration enterprises. • Deduplicated, encrypted copies • Any tier Huawei All-In-One Backup node is an integrated backup solution • Any platform designed for Small to Medium sized Businesses (SMBs), enterprise • Any data type companies, and branches of large enterprises. It deploys Huawei • Orchestrated disaster recovery RH2288H V3 as hardware and industry-leading Commvault® software as • Advanced search and eDiscovery backup software; it assembles backup server, backup media, and backup • Built-in analytics software in one package, saving construction cost and simplifying • Powerful User Interface backup management. • Universal access Our strategic alliances unlock unique value for our CHALLENGES SOLVED Partners, available nowhere else. • Modernizing virtual environments • Maintaining operational consistency at remote locations • Addressing data protection needs without additional staffing WHERE TO LEARN MORE • Simplifying data infrastructure complexity • Addressing disaster recovery planning For more information, please visit Huawei online at • Unifying departmental systems or follow us on: • Achieving regulatory compliance www.huawei.com From simple backup to cloud gateway, Huawei offers a solution that can http://www.linkedin.com/company/Huawei be applied in a number of use cases such as: http://www.twitter.com/Huawei • For small to medium sized companies, Huawei offers an All-in-One http://www.facebook.com/Huawei Backup Solution for backup and disaster recovery.
    [Show full text]
  • Disaster Recovery in Cloud Computing
    International Journal of Advanced Research in Computer Engineering & Technology (IJARCET) Volume 4 Issue 5, May 2015 Disaster Recovery in Cloud Computing Mr.Akshay A. Gharat, Mr. Devendra E. Mhamunkar ASM INSTITUTE OF MANAGEMENT & COMPUTER STUDIES (IMCOST), THANE, MUMBAI University Of Mumbai to protect the data from loss. Cloud providing companies Abstract: Nowadays , data has been generated in large like Google, Amazon, Microsoft etc., experienced cloud amount that required the data recovery services. We know disaster with a huge loss of data and servers. When disaster that the cloud computing introduces a new type of computing occurs at client side backup will be stored in cloud but if platform in today’s world. This type of computing will disaster occurs in cloud data will be lost. Natural disasters generates a large amount of private data on main cloud. may occur due to bad weather results in disaster To Therefore, the necessity of data recovery services are growing overcome these disasters there are some disaster recovery day-by-day and it requires a development of an efficient and techniques which are used to recover data. effective data recovery technique. The purpose of recovery technique is to help user to collect information from any Disaster recovery techniques as required to their backup server when server lost his data and unable to provide business continuity. Dedicated and shared models are the data to the user. To achieve this purpose, many different two approaches for disaster recovery based on cost and techniques have been proposed till date. In this review paper, speed. Storing the data from cloud infrastructure in order to we mention few recent techniques that are the solutions in the recover when disaster occur.
    [Show full text]
  • Disaster Recovery Strategies
    Disaster Recovery Strategies From the Experts at Scale Computing Technical Whitepaper Understanding how to survive and respond to I.T. threats Table of Contents Introduction ....................................................................................................................................................3 HC3 Data Protection Suite .......................................................................................................................3-5 Backup ..........................................................................................................................................................3 Replication ...................................................................................................................................................4 Failover .........................................................................................................................................................4 Recovery ......................................................................................................................................................5 ROBO and Small Environments ..................................................................................................................6 Distributed Enterprise ................................................................................................................................6 Small Environments ....................................................................................................................................6
    [Show full text]