Xamin helps U.S. banks and healthcare facilities meet regulatory requirements with Veeam

The Business Challenge

Architecting, procuring, implementing and supporting the technology required by financial institutions and healthcare organizations is not for the faint of heart. The regulatory scrutiny they face is intense, and for good reason. They are major contributors to the nation’s economy and the population’s well-being.

With decades of experience, Xamin has established a proven track record among hundreds of financial institutions, healthcare organizations and reputation-sensitive companies. Whether it’s a $10 billion credit union or a $100 million healthcare facility, Xamin has them covered.

“We understand the landscape of regulated industries and what is needed for these organizations to meet strict compliance requirements, said Pete Smothers, Chief Operating Officer at Xamin. “Xamin is Service Organization Control 2 (SOC 2) certified, which requires that we operate under the same types of compliance scrutiny as our clients with regard to security, availability and confidentiality of customer data.”

Federal agencies and regulatory bodies place significant standards upon any organization that interacts or deals with financial or healthcare data. These standards carry penalties that can extend to service providers supporting these industries. For instance, the fines for HIPAA violations can cost up to $50,000 per penalty or $1.5 million per year for each violation. In 2018, HIPAA fines totaled more than $28 million.

Xamin must conduct and pass SOC 2 audits each year to maintain compliance and provide assurance to their end-user customers. These audits center on what controls are in place to protect the systems utilized by Xamin and the data to which it has access. Therefore, having total confidence in data management is paramount.

“Like most of our clients, we reached a point when our legacy backup solution was no longer reliable, putting data at risk,” Smothers said. “We considered several availability solutions, but only one could meet our needs. Critical applications and data must be available continuously so we can comply with regulatory requirements. We deployed Veeam, and now we recommend it to every client.” 

The Veeam Solution

Veeam Backup & Replication helps Xamin pass its SOC 2 examination each year. Veeam backs up and replicates 10 TB across more than 50 VMware vSphere virtual machines (VMs) on-premises for fast, local recovery and off-premises for BC and DR.

“Veeam delivers the highest level of data availability on the market,” Smothers said. “It’s simply the best, and that’s what our clients deserve.”

One of Xamin’s clients is a $700 million community bank located in Tornado Alley, a storm-prone region of the United States. The bank had a BC and DR plan that complied with guidelines from the FFIEC but wanted more data recovery options. In 2006, the FFIEC urged banking institutions to make sure their BC and DR plans were comprehensive after Hurricane Katrina decimated dozens of banks and credit unions on the Gulf coast.

“Our client’s legacy backup solution was slow and unreliable,” Smothers said. “They couldn’t verify recoverability — a key prerequisite for BC and DR, and they had limited recovery options.”

Xamin recommended the bank deploy Veeam to back up and replicate data between its main banking office and a DR office that are geographically separated to prevent damage to both sites by a tornado. Veeam verifies the recoverability of backups (SureBackup) and replicas (SureReplica) and provides a recovery capability not possible before. Instant VM Recovery restores whole VMs immediately, helping to make customer-facing banking services available quickly, even after a tornado.

“Veeam is at the epicenter of bank’s first truly comprehensive BC and DR strategy,” Smothers said. “We test it thoroughly each year to ensure they can maintain compliance with FFIEC.”

Xamin also helps healthcare organizations maintain regulatory compliance regarding HIPAA. One of Xamin’s clients provides world-class ophthalmic care. With thousands of patients, it’s one of the largest eye clinics in the nation’s heartland, generating millions in annual revenue. Like the bank, the clinic needed a comprehensive BC and DR strategy to support regulatory compliance.

“We back up and replicate all of their data, including more than 10 TB of high-resolution eye images, to the clinic’s DR site each night with Veeam,” Smothers said. “We’re helping them protect the images per HIPAA and make sure they’re available on demand so doctors can treat patients. Veeam helps us help the clinic deliver on their promise to provide the best eye care.”

The Results

Provides a comprehensive BC and DR strategy to support regulatory compliance
“Being able to recover data quickly during a disaster is critical for every client,” Smothers said. “Veeam helps us deliver enterprise-class BC and DR strategies that streamline compliance in highly regulated industries.”

Ensures rapid recovery and availability of critical data for several financial institutions operating in Tornado Alley
In addition to verifying the recoverability of data with SureBackup and SureReplica, banks can recover data in minutes with Instant VM Recovery. Veeam helps them provide customer-facing banking services quickly in the event of a disaster.

Provides high availability and historical archiving of high-res medical images for a large eye clinic in the nation’s heartland
“Veeam is the only cloud data management solution that has what it takes to help our clients comply with regulatory requirements and deliver unparalleled services in their industries,” Smothers said.