Avoid Pitfalls of Health-care Wi-Fi Networks
- 04 June, 2007 11:50
In health-care, network dependability can literally be a matter of life and death, and US federal law mandates security and privacy levels beyond those needed in any other vertical industry outside finance and national security. And many health-care providers operate on shoestring budgets, in part because of the large population of uninsured individuals.
So when US-based Tuality Healthcare, a 90-year-old not-for-profit integrated health-care provider serving the western suburbs of Portland, designed its Wi-Fi network it moved carefully. "We, as an industry, are not early adapters of unstable technology," says Chris Herrin, Tuality's network services manager. For instance, the provider is only now upgrading from its Cerner Classic Clinical Information System, a dumb-terminal architecture, to the Cerner Millennium client/server architecture.
The health-care provider operates Tuality Community Hospital, a 167-bed facility, as well as a 48-bed satellite hospital nearby and clinics throughout the area.
Tuality, however, is heavily networked on the wired side. "We are a Cisco shop with a multi-gigabyte backplane built on six Model 6500 routers that can take transmission speeds to tens of gigs," Herrin says. "Right now, we are running at 6 to 8 gigs, and throughput is fabulous."
Tuality needs that speed to support its networked Picture Archival Computing System (PACS), which has become its lead application. With it the provider is replacing some of its traditional film images throughout its facilities, including operating theatres. It delivers images directly to doctors' offices, which, Herrin says, the doctors love and which has helped change the minds of some physicians about using computers.
It allows radiologists to read images at home, providing coverage for the emergency room evenings until 9pm, after which an outsourcer, Virtual Radiological Consultants, takes over for overnight emergencies. The radiologists access the images transmitted to them directly from the modality - X-ray, CAT or MRI - and either call or fax their reads to the emergency room.
PACS saves Tuality money by eliminating film and developing costs and cutting second-and third-shift personnel costs, and it has improved morale among the radiologists. But medical images are big and put heavy demands on the network. "We ran T1s to the radiologists' homes because the service agreement with our Internet provider was not sufficient to handle the uptime," Herrin says. That's why a 1200-member organization has such a heavy-duty network infrastructure.
"The PACS application broke through the barrier of computer resistance to the extent that our neurosurgeons and orthopedic surgeons wanted it in the ORs in place of film," Herrin says. "We still have some doctors resisting computers, but the mainstream is well versed and is encouraging and, in some cases, pushing us to use the latest and greatest."
This has paved the way for the next step, layering an Aruba Networks wireless edge network onto the environment to serve Tuality's Hillsboro main campus. While this will allow the provider to support mobile computing for its staff - most of whom spend the majority of their day away from desks and nurses' stations - and potentially may allow it to provide pass-through Internet service to patients and visitors, it also introduces a new security exposure. With the security and privacy requirements of the US federal Health Insurance Portability and Accountability Act being a constant concern, Herrin was all too aware of the potential problems.
Avoiding a nightmare
"We looked at all the news stories about the guys who lost laptops full of people's personal information," he says. "That turns into a nightmare for a staff, so we want to come out of the gate strong with our initial wireless implementation."
He decided to implement the Aruba firewall but was not satisfied with Aruba's access control. Instead, he chose Network Chemistry's RFprotect, including:
- RFprotect Scanner, a network-based vulnerability management solution for rogue wireless AP detection and remediation.
- RFprotect Mobile, a portable, laptop-based analyzer for automating site surveys, security assessments and incident response.
- RFprotect Distributed, a 24/7 wireless monitoring and intrusion-prevention system.
Tuality first looked at Network Chemistry because Gartner gives it a high rating, Herrin says. Then "users I talked to were unanimously enthusiastic about the products and the vendor's responsiveness," he adds.
"So we are working directly with Network Chemistry now, and so far it is going very well," he says. "With the strength of Network Chemistry's products and their ability to integrate, there is just no question that we will be ready to protect our assets and sensitive patient information when we go live."
Bert Latamore is a journalist with 10 years' experience in daily newspapers and 25 in the computer industry. He has written for several computer industry and consumer publications.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Larry Page wants to see your medical records
Dual-Persona Smartphones Not a BYOD Panacea
After two-year hiatus, EFF accepts bitcoin donations again
CIOs struggle to deliver timely mobile business apps: survey
Spiceworks' free management software gets integrated MDM
Deploying Flash in the Enterprise
Flash is quickly emerging as the preferred way to overcome the nagging performance limitations of hard disk drives. However, because flash comes at a significant price premium, outright replacement of HDDs with flash only makes sense in situations in which capacity requirements are relatively small and performance requirements are high. Learn how deployment approaches-including hybrid storage arrays, server flash, and all-flash arrays-that combine the performance of flash with the capacity of HDDs can be cost effective for a broad range of performance requirements.
Implementing A Security Analytics Architecture
According to the 2012 Verizon Data Breach Investigations report, 99% of breaches led to data compromise within “days” or less, whereas 85% of breaches took “weeks” or more to discover. This presents a significant challenge to security teams as it grants attackers extended periods of time within a victim’s environment. More “free time” leads to more stolen data and more digital damage. Principally, this is because today’s security measures aren’t designed to counter today’s more advanced threats. Read on.
Customer Success - Slater & Gordon Lawyers
Lawyers work hard, and they work fast. Any activity that takes their focus away from the task at hand represents lost productivity and lost revenue. Slater & Gordon Lawyers needed to filter spam and email-borne malware and provide high availability for email. Results from the business solution they chose include 250 hours of IT staff time reclaimed annually for other tasks, long delays in email delivery alleviated, reduced email-related storage costs, and email failover to the cloud in minutes, avoiding hours-long outages. Find out how they got these results.