Creating MacPractice Backups of the database is the only way to maintain the data added to MacPractice. It is your responsibility to ensure that backups are created, properly stored, and that an effective backup scheme is in place. The Backup Guide will assist with developing a backup scheme, creating manual and automatic backups, removing old backups, and restoring backups.
The Backup Guide will assist with creating a Backup Scheme through the following topics:
- Planning a Backup Scheme
- Server Backup Preferences
- Encrypting your Backups
- Creating Manual and Automatic Backups
- Restoring Backups
MacPractice does not provide any backup service or data storage, nor do we have the Database Encryption password if you choose to use this setting. Please note that Time Machine, DropBox, Dolly Drive, or other online backup services do not create database backups. While these services may backup a folder already containing a MacPractice backup, the backup must first be created through MacPractice.
MacPractice recommends creating a daily backup of MacPractice to the local hard drive and to an external device. We also recommend an off-location backup, such as to a secure cloud location or an external device kept out of office should the worst happen.
It is very important to always have a good backup to revert to if there is an emergency.
Consider the following when creating a Backup Scheme:
Always store external backups in a secure location, such as a fireproof safe. Select a location that can be accessed if a backup is needed.
Rotate the backup media for each day of the week your practice is open to reduce the impact of a potential device malfunction.
Should your server computer or external drives be compromised or lost, encrypting your backups will ensure that any PHI (Protected health Information) is inaccessible without the encryption password. The backup file can never be restored without the encryption password and not even MacPractice Support can bypass encryption security. Always securely store this password in case it is forgotten.
Retain the backups on an external device. Retain at least one backup from the following time periods:
- The last 2 business weeks or 10 business days
- The end of every month
- The end of every quarter
- The end of the fiscal year
Your Backup Scheme should include a destruction process where older backups are archived, destroyed, or removed. Backups that are deleted, either manually or with the Max Backups feature are not retrievable. Archive any backups that need to be maintained to comply with your Backup Retention Policy (see Retention).
Your internal and external drives on the MacPractice Server are limited in backup capacity by the size of the drives and the backups. Regularly removing older backups that do not need to be retained will help maintain space on the MacPractice Server drives and may be necessary in the event of a Low Disk Space or Full Disk error.
You can locate Server Backups in the MacPractice Menu > Preferences > Server Backups. This Preference category is only accessible from the MacPractice Server computer.
Within the Server Backups pane of the MacPractice Preferences, you can configure and schedule where and when backups are created.
- Default Backup Directory: The Default Backup Directory field sets the location to which automated backups are written. By default, this path is /Library/MacPracticeBackups. To change the Default Backup Directory, click the Choose button next to the Default Backup Directory field and select the location. This backup path can point to any local media, such as an internal or external hard drive. Backups cannot be made directly to non-local media, such as a networking path or directly to a CD.
- Backup Times: The Backup Times field designates when backups will run for each backup directory.
- Compression Level: The Compression Level slider controls the compression level for the backups. Lower compression will result in a faster backup creation time, but the final size will be larger. More highly compressed backups will take longer to create, but they will take up less space on your storage medium once finished.
- Skip Compression Test: The Skip Compression Test checkbox disables the gzip compression test that is performed by default. It is recommended to leave this option unchecked. This test may be used by MacPractice Support to assist in some troubleshooting situations.
- Encrypt Backups: The Encrypt Backups option encrypts MacPractice backups with secure AES-256 encryption. Enabling this preference requires a password to be entered before the backup can be restored. If the encryption feature is used, it is vital that you remember the password. MacPractice does not have a way to bypass the encrypted password. It is not possible to restore or decrypt an encrypted backup without the encryption password. MacPractice cannot retrieve the data stored within an encrypted backup. Despite this, we strongly recommend encrypting your backups to ensure your data is secure.
- Restart Database Server After Backup Completes: This preference, when enabled, will trigger the MySQL server to restart once a backup finishes. This does not exit out of MacPractice, but upon a backup completion any other logged in users may experience slowness or loss of connectivity. If this is enabled, an office must ensure that backups are scheduled outside of operational hours.
Your MacPractice Server's live database is secured via a Security Password which must be entered when starting the server in order to gain access to the database. This ensures that your PHI (Protected Health Information) is secured should an unauthorized party gains access to your server computer. However, your MacPractice Backups are not similarly secured unless you choose to encrypt your backups via Server Backup Preferences.
Why is this important?
Theft continues to be one of the major causes of healthcare data breaches. If a server computer or storage medium is stolen that contains unsecured data, this would be considered a data breach that requires reporting the breach. Please refer to The U.S. Department of Health & Human Services website for more information.
To encrypt your backups, navigate to the MacPractice Menu > Preferences > Server Backups.
Check the Encrypt Backups checkbox.
Enter your password, and re-enter it in the Verify prompt. Important : MacPractice does NOT retain your encryption password! If you misplace or forget this password, MacPractice cannot assist with accessing your encrypted backups. Write this password down and store the password in a secure place!
You will be prompted to confirm that password. All backups created after this point will be encrypted with the chosen password.
This section details how to create Manual and Automatic Backups on your Server computer.
A MacPractice Backup can only be created on the MacPractice Server. For automatic backups to be created on the server computer, the computer must be powered on and cannot be set to sleep. The MacPractice database must also be running. If the computer is not powered on and active, the backup will not be created.
MacPractice does not support creating backups on a Network location. If you need to store backups on the network, we advise that you write a backup to a location on the Server computer, and then once the backup is successfully created, you can then move it to a location on the Network.
Steps to take before you can create backups
There are a few steps to address prior to creating backups to ensure you don't run into any issues.
Setting Privileges in MacPractice
Users must have the correct privileges to create a MacPractice backup. These privileges can be managed in the References ability under the User Group Privileges node. Enable the following privileges for the user group that will be responsible for backups management:
- Access Preferences
- Allow Backup Database
- Edit Backup Preferences
macOS User and Security Settings
You'll want to review and assign the correct User Group permissions for the MacPractice Server computer users to ensure the proper levels of access are assigned to each user. The MacPractice Backup files are only accessible to an Operating System user who is a member of the macpractice_backup user group. To edit the system users, select the Apple menu in the upper left corner of the screen, then select System Preferences followed by Users & Groups.
Click the lock in the lower left corner of the System Preferences window to make changes to the groups. Enter the computer administrative username and password. This is the username and password for the computer, not MacPractice.
Next, select the macpractice_backup group and check the box next to any computer users that should create or view MacPractice backups on the server. Click the lock icon and close the window to save the changes.
For Security Settings, if you intend on having backups written to an external device (and we strongly recommend you do so!) you'll want to enable Full Disk Access for the MacPracticeServerController. You can do this by navigating to System Preferences > Security & Privacy > Privacy Tab > Full Disk Access, and ensuring the "MacPracticeServerController" is present in the list and checked, as shown in this screenshot:
By doing this, the ServerController will have the necessary access to write to your connected storage devices.
A new backup scheme can be created by clicking the plus button, or click the minus button to remove a backup scheme. With the Enabled checkbox checked, a backup will be created at the selected location at the scheduled time and days. When this box is unchecked, the indicated backup scheme will not run.
The Source column determines which portion of the database will be stored in the backup. For most practices, you'll want this set to All, as this will back up the entirety of your MacPractice database.
We recommend creating at least one complete (All) backup every day.
Additional backup schemes can be created to backup either the database or attachments separately, but partial backups (data or attachments only) include only the selected portion of a backup. For example, if a database only backup is restored, no attachments will be restored.
- Database: All MacPractice and patient data, but no Attachment data.
- Attachments: All images files in MacPractices Digital Radiography/Imaging and Attachments/Images, but no MacPractice and patient data.
- All: All information, including data and attachments.
Warning: If no maximum number is determined, MacPractice will continue to generate backups at the scheduled times until there is no more space on the hard drive. This can cause all kinds of operational problems for your server computer, so we strongly recommend setting a maximum number.
Backup Schemes should never be configured to run at the same time and day. Creating a backup taxes the server resources. Multiple backups should never run simultaneously. If multiple backup schemes are created, adjust the time to allow one backup to start and end before another backup starts. For example, if a backup starts at 6:00 PM and the backup takes at least 30 minutes to complete, set the next backup to start at 7:00 PM. This would allow the 6:00 PM backup enough time to complete before starting the next backup.
To learn how to restore your database from a backup, please refer to our Restoring the Database from a Backup article linked here.