| Worksheet ID: |
1367 |
| Record Location: |
IMMUNIZATION REGISTRY (AMAZON CLOUD SERVERS) |
| File Arrangement: |
alpha & numeric |
| Media Format Generated: |
Electronic |
| Media Format Stored: |
ELECTRONIC |
| Date Range: |
1993 TO CURRENT |
| Annual Accumulation: |
130 GB |
| Current Volume: |
360 GB |
| Record Value: |
Administrative |
| Audit Requirements: |
State |
| Reference Frequency: |
| Current Year per Month: |
10 |
| Past Year: |
10 |
| 2 - 5 Years: |
10 |
| Over 5 Years:
|
10 |
|
| Data Update Frequency: |
Daily |
| Information Shared Outside of State: |
Yes |
| If Shared, List Agencies: |
Authorized immunization providers in TN and those located in the bordering states that provide immunizations to TN residents. Authorized school systems and other state agencies may also be granted access to the IIS. |
| Essential Record: |
TRUE |
| Essential Record Stored: |
Amazon Cloud Services
Backups
STCs backup policy for AWS environments consists of two layers. These two layers retain the environment at both the server and data levels. Backups are an additional safeguard on top of the disaster recovery policy outlined.
The first layer is an instance snapshot that runs nightly. This captures the state of the instance at the point in time the snapshot is performed. Snapshots that are taken from encrypted volumes are automatically encrypted. The retention period for these snapshots will be 1 week.
Amazon EBS Snapshots
The second layer of backups includes an Oracle Database backup that is pushed to AWS disk storage (S3), which is mirrored across multiple data centers. These backups will include full weekly backups, incremental nightly backups, and hourly log backups. The retention period for these backups will be 4 weeks. Test recoveries from these backups will be conducted periodically to ensure the reliability of backups. |
| Essential Record Media Type: |
Electronic |
| Confidential: |
Yes |
| Confidential Legal Citation: |
Tenn. Code Ann. § 37-10-401 (c)
Tenn. Code Ann. § 10-7-504 (a)(1)
Tenn. Code Ann. § 10-7-504 (4)(A)
Tenn. Code Ann. § 10-7-504 (9)(C)
Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191
45 C.F.R. Part 160, Part 162, and Part 164. |
| Media Recommendation: |
Current Format |
| Media Recommendation Other: |
|
| Agency Retention: |
100 years |
| Agency Retention - Years Active: |
|
| Agency Retention - Years Inactive: |
|
| Records Center Retention Period: |
0 |
| Final Disposition after Retention Expires: |
Keep as Electronic |
| Legal Citation: |
TCA 37-10-401 |
| Record Sample: |
No Sample |
| Legal Documentation: |
No Legal Documentation |
| Electronic Records Plan Inventory |
| System Name: |
The IIS is hosted on the Amazon Web Services (AWS) platform known as TennIIS |
| IT-ABC Number: |
|
| Hardware Description: |
The IIS is hosted on the Amazon Web Services (AWS) platform. This is a cloud-based Platform as a Service (PaaS) |
| Software Description: |
Oracle Database, Web Browsers |
| System Location: |
The IIS is hosted on the Amazon Web Services (AWS) platform. This is a cloud-based Platform as a Service (PaaS) environment that provides significant hardware, networking and security capabilities. Other documents delve into the specifics of the environment and its features in more details.
The diagram below provides a high-level view of the hosting deployment. One of the key features for security purposes is the Virtual Private Cloud (VPC). This is a hardware and software barrier that restricts who can access the resources and how they can be accessed. Within the VPC are the physical servers for the IIS. These comprise the web application servers and database servers. Each server type is configured in pairs to provide redundancy and failover capabilities. Security features, backup procedures and business continuity processes are detailed further in their respective documents. |
| Backup Procedures: |
Backups
STC's backup policy for AWS environments consists of two layers. These two layers retain the environment at both the server and data levels. Backups are an additional safeguard on top of the disaster recovery policy outlined.
The first layer is an instance snapshot that runs nightly. This captures the state of the instance at the point in time the snapshot is performed. Snapshots that are taken from encrypted volumes are automatically encrypted. The retention period for these snapshots will be 1 week.
Amazon EBS Snapshots
The second layer of backups includes an Oracle Database backup that is pushed to AWS disk storage (S3), which is mirrored across multiple data centers. These backups will include full weekly backups, incremental nightly backups, and hourly log backups. The retention period for these backups will be 4 weeks. Test recoveries from these backups will be conducted periodically to ensure the reliability of backups. |
| Disaster Recovery: |
Due to the additions/modifications to select AWS features involving how disaster recovery is handled; the business continuity plan and checklists will be a dynamic process.
In addition to the above checklist, STC has created the following plan to address any service issues that occur during normal business hours (8AM-5PM AZ time) as well as outside of normal operating hours. This plan will be executed by an assembled cloud services team with expertise in cloud resources and infrastructure, application knowledge, and database structure.
1. When a service issue occurs during normal STC operating hours, the client will need to call the primary help desk number (844-206-9927)or the STC afterhours number (844-223-7520).
The help desk person will then communicate the issue directly to the cloud services team. If an outage is identified outside of business hours, the client is instructed to call the Account Executive assigned to them. It is also recommended to send an email to CloudServices@stchome.com with the service issue detailed and screenshots attached if applicable.
2. Once the cloud services team is informed of the issue, they will work together to triage the issue and determine where the fault is occurring. They will provide status updates following the initial diagnosis, what steps are being taken to resolve the issue, and when the issue has been resolved.
3. After the client is made aware the service is back to normal operating condition, STC will conduct a root cause analysis and generate recommendations and steps to prevent the same service issue from occurring again. This will be documented and sent to the customer by their Account Executive for review. |
| Data Migration Description: |
Electronic records are located in TennIIS and hosted by the Amazon Web Services (AWS). The data migration process would be managed by the TennIIS vendor STC. |
| Metadata Description: |
Oracle database searchable by all fields, including last name, first name, middle name; guardian's name; mother's maiden name; physical addresses, provider information, VFC Provider PIN Number |
