PACS datacentre decommissioning
This week’s blog is written by guest blogger Peter Heron who is the HSCIC Programme Manager responsible for overseeing CSC’s work to decommission the data centres used for the PACS and RIS contracts in the South, North West and West Midlands.
Following contract end (exit 30th June), CSC were required to decommission the data centres used for their PACS and RIS services. This includes the destruction of all data held within the data centres and the destruction of the infrastructure that the data is held on in accordance with IG security guidelines.
This work is well underway: there has been a controlled soft power down, followed by a controlled physical power down, of the Unix, Wintel and storage hardware systems along with the network infrastructure. Following this. network and switch configurations were erased and infrastructure cabling and racking is shortly to be dismantled. There is no longer any traffic traversing the data centre N3 links.
One of the final and most important tasks is for NHS trust nominees (and HSCIC Test Assurance team) to witness the data destruction process. This will take place during several visits across the first half of September. Witnesses include up to 7 people from NHS trusts and 2 from HSCIC Test Assurance. This activity involves witnessing the destruction process of Patient Identifiable Data (PID) and Patient Identifiable Information (PII) held on hard disks by using Government approved wiping software; the data is deleted using multiple passes which overwrites the existing data with various random patterns of new data that prevent the original data from being recovered. Finally, the data also held on magnetic tape is degaussed (wiped using a strong magnet) and physically crushed.
Before the end of September, the final act will be for CSC to confirm, via formal letter to HSCIC, that the data centres are fully closed down. At this time, each of the 78 trusts will be formally written to confirming their data has been destroyed.
And so ends an era!