"CHP, which operates 29 hospitals, has implemented many of the requirements but still needs to address the disaster recovery component, Harrison said. That part of the process has been put off because of a lack of IT staffers to dedicate to the task, he said, noting that CHP's security team has just two workers who are responsible for securing more than 2,000 servers across two data centers. "
They run 29 hospitals, but only have 2 people for 2000 servers? What exactly can they be thinking? Hats off to those two techies, 'cause I sure couldn't keep track of my share of that many servers, spread over two data centers and 29 facilites. Do they think they are somehow saving money? More than anything, they should be coming up with a good disaster recovery plan, because they are certainly setting themselves up for a good disaster.
Bt the way, I think I met these two uber-techs at a HIPAA training in Chicago earlier this year. They are good, alright, but if I had known the kind of responsibility they are shouldering, I would have looked closer for the supersuits hidden under their secret identity outfits.
If this is how it seems, then shame on the CHP administration. Saving a nickle, and overworking two very good, dedicated and knowlegeable people can only come back to bite you in the end.