Reviewed 27/01/2021 - Backup regime reviewed and restored to generally pre-pandemic level. New text shown thus.


There are three parts of the makeup of HOPS:
* The website
* The documents
* The database

- The website is the interface that you use to browse HOPS and the pages that present information calculated from the data in the database.

- The documents are files that railways upload such as in the Operations Documents area or the competence decision supporting files.

- The database is what stores all the information that allows HOPS to run (such as permissions, etc) and all the information that railways enter into it (such rosters, competence, etc).

The Website:

The website is controlled by a version control system which means we can roll back to any point in history. This would be appropriate, for example, if we made an error in the code that caused the website to stop working properly, this might be minor, such as one little function, or major such as the whole site. The version control system is replicated on multiple machines to guard against failure of a single storage location.

Historical version records are disposed of at HOPS's discretion.

The Documents:

Documents that railways upload to HOPS are backed up off site once a day.

We only keep the most recent daily backup. This means the most that can be lost is documents uploaded in the last 24 hours. (If a document was accidentally deleted within 24 hours of it being uploaded, it may not form part of the most recent backup and therefore may not be able to be retrieved).

The Data:

The data is backed up to protect against accidental deletion or error by you or us. All backups are kept offsite to protect against catastrophic failure of the server (such as physical disk failure, fire, etc). The main server and backups server is part of a professional commercial server farm with a high level of failure protection in place.

All backups are kept off-site in case of a server incident (fire, flood, problem with server company, etc). The backups are kept in the UK and protected by same GDPR legislation as the main HOPS system.

The data is backed up every hour. The hourly backups are rotated daily, so we'll keep the twenty-four most recent hourly backups. We also keep one offsite backup per week for four weeks, and one offsite backup per month for six months. This means that we can restore HOPS in hourly increments for the last 24 hours in case of any accidental deletion or alteration to records, plus weekly for four weeks and monthly for six months.

NO BACKUPS OF DATA OLDER THAN THIS ARE KEPT. This means that once data has been deleted from HOPS, after six months it is completely gone. This does not apply to archived data, which is retained in HOPS and in backups.

This means that, at any one time, let's say 2:45pm on Tuesday 28th May 2014, there will be the following backups of the data on the server:

24 hourly backups from
14:xx Tuesday 28 May 2014
13:xx Tuesday 28 May 2014
16:xx Monday 27 May 2014
15:xx Monday 27 May 2014

One from w/c 25 May 2014
One from w/c 18 May 2014
One from w/c 11 May 2014
One from w/c 4 May 2014

1 May 2014
1 April 2014
1 March 2014
1 February 2014
1 January 2014
1 December 2013

All failures are different, and it is impossible to plan for everything, but the above backup regime is appropriate for the type of system that HOPS is and the type of data that it stores.

If you would like more information about HOPS please contact us.