Healthcare IT Risk Mitigation - A Network - Centric approach. White Paper



Similar documents
IT INFRASTRUCTURE MANAGEMENT SERVICE ADDING POWER TO YOUR NETWORKS

Managing the Explosion of Medical Data. Healthcare organizations turn to technology solutions to address the barrage of information.

See all, manage all is the new mantra at the corporate workplace today.

Advantages of Managed Security Services

1. Thwart attacks on your network.

POWERFUL ACCESSIBILITY. A SINGLE WORKSPACE. A MYRIAD OF WORKFLOW BENEFITS. Vue PACS. Radiology

Case Studies. Table of Contents

INFORMATION TECHNOLOGY SERVICES TECHNICAL SERVICES June 2012

Information Security Policy September 2009 Newman University IT Services. Information Security Policy

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance

Proactive. Professional. IT Support and Remote Network Monitoring.

Endpoint Virtualization for Healthcare Providers

CuTTIng ComplexITy simplifying security

AcroWiFi. Professional WiFi Connectivity Service. Detailed Service Catalog

Accelerate Private Clouds with an Optimized Network

Best Practices for Building a Security Operations Center

Virtualization Beyond the Data Center: Increase Network Infrastructure Utilization and Efficiency to Reduce Operational Costs

Protect Students. Secure Data. Improve Productivity. Advanced IT Solutions to Secure and Enrich Your K-12 Community

WHITE PAPER. Tap Technology Enables Healthcare s Digital Future

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

i-care Integrated Hospital Information System

2008 Small Business Technology Trends Survey: A Peer Perspective on IT in Small Business

Introducing Care Connect

Internet Content Provider Safeguards Customer Networks and Services

INFORMATION TECHNOLOGIES FOR PATIENT CARE MANAGEMENT

LEVERAGING EXISTING IT INFRASTRUCTURE FOR IMPLEMENTING & INTEGRATING A PATIENT ENGAGEMENT SYSTEM

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

Introduction. Silverton Consulting, Inc. StorInt Briefing

Solutions Guide. Resilient Networking with EPSR

Practice law, not IT. You can save costs while outsourcing to the US law firm technology experts!

E-Guide. Sponsored By:

Stopping The Application Management Blame Game Through Integrated IT Management Tools.

Achieving Regulatory Compliance through Security Information Management

933 COMPUTER NETWORK/SERVER SECURITY POLICY

Application Performance Management

How To Compare Fax Servers To A Hosted Fax Server

Healthcare Delivery. Transforming. through Mobility Solutions. A Solution White Paper - version 1.0

MSP Service Matrix. Servers

ADDRESSING HEALTHCARE DATA INTEGRATION TO AUTOMATE PATIENT ENGAGEMENT WORKFLOWS

Focus on your business, not your infrastructure. A buyer s guide to managed infrastructure services.

Increasing Productivity with Mobile Integration.

One Patient, One Record: How Allina completes an award-winning EHR with enterprise content management

Wi-Fi, Health Care, and HIPAA

Scalability in Log Management

What You Should Know About Cloud- Based Data Backup

White Paper. April Security Considerations for Utilities Utilities Tap Into the Power of SecureWorks

How to save money with Document Control software

NOS for Network Support (903)

Securing Unified Communications for Healthcare

Values of Healthcare

Document Management with Advanced Auto-Indexing

Managed Network Services: The TCO Payoff White Paper Sponsored by Time Warner Cable Business Class

Avaya Patch Program Frequently Asked Questions (For All Audiences)

Application Visibility A Recipe for Conducting Successful Virtualization Projects

Inpatient EHR. Solution Snapshot. The right choice for your patients, your practitioners, and your bottom line SOLUTIONS DESIGNED TO FIT

ICND2 NetFlow. Question 1. What are the benefit of using Netflow? (Choose three) A. Network, Application & User Monitoring. B.

What are cloud services?

white paper Using WAN Optimization to support strategic cloud initiatives

Managed Network Services: The TCO Payoff

The Financial Benefits of Using LiveAction Software for Network QoS

Traffic Analysis With Netflow. The Key to Network Visibility

The ABCs of K-12 Network Management

Adoption of Information Technology in Healthcare: Benefits & Constraints

What is Your Healthcare Interface Method? Gain Leverage in Your Clinical Interface Environment

Cisco Wireless Control System (WCS)

BEYOND THE EHR MEANINGFUL USE, CONTENT MANAGEMENT AND BUSINESS INTELLIGENCE

Network Application Performance Alignment to IT Best Practices

Attaining HIPAA Compliance with Retina Vulnerability Assessment Technology

REGULATIONS FOR THE SECURITY OF INTERNET BANKING

Preparing your network for the mobile onslaught

Traffic Analysis with Netflow The Key to Network Visibility

Solution Brief: Enterprise Security

Minder. simplifying IT. All-in-one solution to monitor Network, Server, Application & Log Data

The Power of BMC Remedy, the Simplicity of SaaS WHITE PAPER

Changing Trends In Healthcare Information Management and Electronic Health Records

Understanding the Total Cost of Ownership for Endpoint Security Solutions. A TCO White Paper

A Guide to Electronic Medical Records

Heath Shield Heath Care Management System

Network Enabled Cloud

DRUPAL WEBSITE PLATFORM BUYER S GUIDE

Leveraging security from the cloud

LEADING INNOVATION IN MOBILE HEALTHCARE TECHNOLOGY

Motorola AirDefense Network Assurance Solution. Improve WLAN reliability and reduce management cost

Stopping The Application Management Blame Game Through Integrated Infrastructure Management Tools.

Why you need an Automated Asset Management Solution

EHR Implementation: What you need to know to have a successful project: Part 2. Bruce Kleaveland President Kleaveland Consulting, Inc.

Managed Service Plans

Protecting systems and patient privacy

Cisco Unified Communications and Collaboration technology is changing the way we go about the business of the University.

Cisco Security Optimization Service

AUTOMATED PENETRATION TESTING PRODUCTS

Connecting your business

Moving Network Management from OnSite to SaaS. Key Challenges and How NMSaaS Helps Solve Them

Effectively Managing Communications with Customers During a Service Outage

empowersystemstm empowerhis Advanced Core Hospital Information System Technology Comprehensive Solutions for Facilities of Any Size

IT SERVICE MANAGEMENT: HOW THE SAAS APPROACH DELIVERS MORE VALUE

Five Best Practices for Utilizing Network Change and Configuration Management

How To Protect Your Network From Attack From A Network Security Threat

EARTHLINK BUSINESS. Simplify the Complex

Dell s Unified Clinical Archive Solution

Transcription:

Healthcare IT Risk Mitigation - A Network - Centric approach White Paper

The Healthcare is one of the fastest growing industries today - thanks to the increased consciousness to seek a healthy living and the ease of access to excellent medical care. With such unprecedented surge in demand for medical care, Hospitals cannot but seek a strong and robust IT system across their setting to manage efficiently. In fact today the IT department is as common as a radiology department in most hospitals. Hospitals rely on IT system, and Computer networks to manage the entire patient treatment cycle - from admission to discharge, to the extent that they have come to view the IT department as a value-enhancer, away from the The cost-centre that they were once considered to be. The flip-side to this overarching reliance on IT is that even the slightest glitch in the IT system could bring down the hospital on its knees. Add to it the federal laws like HIPAA that seek intense scrutiny of the IT system security and patient data integrity, and the job of the IT System/Network manager becomes all the more difficult. This paper puts forth a solution to overcome the various challenges/risks that today's healthcare institutions face and puts forth a solution to overcome the IT related risks. The Healthcare Institution of today Healthcare institutions come in all sizes - from the basic only-outpatient-treatment-centre down the road to the large Medical centre in Universities to the very large community healthcare centres. What is common to them is the strong IT system that each has in place and the much stronger strict federal laws that each is governed by - only that in the case of the large and very large centres the law is more pronounced and the fallouts of not complying with the laws could mean damaging ramifications. The IT spending by Healthcare Institutions today is like never before. This is mainly on account of the need to manage the health related information of numerous patients and their medical histories. The other reason for IT proliferation is the interest in leveraging the treatment given. The diagram below captures the prime drivers of IT in healthcare. Prime Healthcare IT Drivers

Usage of IT to leverage Healthcare Delivery Healthcare software and systems popularly termed the HIS(Healthcare Information) help to automate all the important process in the healthcare institution. the Patient registration centre at the Reception is computerised A unique MRN(Medical Record Number) is allocated to each new patient. In the case of returning patients the episode number is incremented to reflect in the Master Patient Index Allocation of rooms to the patient Should a patient be an In-Patient, an appropriate room can be allocated electronically. Patient Health Record Maintenance All patient health related info -medical history, and current health status is available as electronic records to be accessed by the Physicians and Nurses from anywhere Any update can be done to this information by authorised personnal and viewed by other authorised healthcare staff Simplified Order Management A doctor can clearly define the medication to be administered and lay out the frequency and prescription for the nurses to follow Also quick checks for any allergies the patient has, or any lapse in treatment administration can be identified and suitable remedy done Reduce paper and document overloads Thanks to PACS ( the Picture Archiving & Communication Systems software) that enables storing all documents and imageries in scanned format electronically - this is getting cheaper with time and has the advantage of renederign acceess to the same documnet by multiple physicians at various locations at the same time. An integrated process flow With a good IT system in place it is possible to track the patient's medical history and status at any point in time. Also billing gets easier - as each treatment given to the patient - lab tests, radiology, medicines, sophisticated rooms - all can be accounted for and billed as a whole. It is also much easier to stake claims from Insurance agencies with such a work-flow HIPAA & federal guidelines compliance The Health Insurance Portability and Accountability Act & the federal laws were the last straw on the camel's back that made the hospital systems take to IT in a big way. With growing emphasis on maintaining EMR (Electronic Medical Records) of patient health and ensuring the integrity and security of the patient data from unprivileged access, IT is the only way out

The Catch : As can be seen from above the number of benefits the healthcare institution stands to gain with an IT system in place is far more than the upfront spending it has to incur in porcuring one. Yet, one major threat of such a system is its extreme reliance on IT systems, which in turn rely on the nebulous Computer networks. So what it means for the Healthcare centre is a network glitch could render the IT system unusable - with it goes away the access to all the patient information and medication instructions. Also with the wide spread use of electronic medium for the communication and entertainment purposes. the vital hospital network is always under threat of being abused for purposes that are not within the purview of patient treatment. Such a phenomenon could unnecessarily burden the network making the availability of bandwidth for a much more critical application a dream. A network disaster namely : Failure of a network element that goes unnoticed Loss of access to the IT application (HIS) Non-availability of enough bandwidth for healthcare related activities Unauthorised intrusion in to the network by scrupulous elements and virus attacks could pose serious risk to the reputation and even the existance of the healthcare institution. So attempts to mitigate the network risk by way of having mechanisms ready to combat a network disaster is well in order A case in Point Consider the case of a Large Community Medical System that has 5000 employees, has 60 distinct business units.to achieve high levels of service delivery and efficiency the medical center deploys a sophisticated Healthcare Information system(his) that spans its entire campus. A sophisticated Healthcare Information system to automate the whole process flow. This includes the Capability to digitise patient records A sound picture archiving system (PACS) to A High speed bandwidth line connecting its entire campus Voice Over IP Systems to enable easy and cost effective communication Access to wireless internet access anywhere in the campus through access points

This HIS has the ability to store electronic medical records of patients and facilitate quick reference to the patient health staus to authorised(prieveleged )physicians This apart it also has a strong Picture Archiving system (PACS) to electronically store patient image records. To support the access to HIS and PACS from anywhere the medical center has a high bandwidth network across its campus. This in turn facilitates Voice - Over - Ip communications, Access to wireless internet access from anywhere in the campus. Risk Assessment - The key points to consider: As the medical center is heavily reliant on IT and computer networks, ensuring remote data access and network connectivity is very critical for the smooth functioning of the whole enterprise. The Network Administrator/CIO has to anticipate the possible problems that may crop up disrupting the smooth functioning of the Healthcare delivery process. The possible problems/challenges are: The network going down and access to computer, printer systems taking a hit Ramifications: Physicians can't access patient health information and all medication and surgical orders passed on the patient gets disrupted, administrative staff cant access data relating to discharge and billing etc Heavy losses on account of mistakes that happen in the event of missing data access The network bandwidth being wasted on non-critical applications like streaming video etc Due to unwanted applications eating the bandwidth, the vital applications like PACS dont have enough bandwidth to support physician access from anywhere instantly Also the access to HIS takes a hit consequently Unpriveleged access to patient records and violating HIPAA norms The healthcare centre violates HIPAA norms by not ensuring adequate protection to patient data. Also in the event of any such event, the hospital is expected to be capable of reporting on the details of such incidents The losses include painful legal hassles, defamatory suits, and lost brand equity

Very High Mean Time to Repair (MTTR) Any network dependant enterprise should have procedures and process in place that facilitate quick fixture of problems in the network. It gets all the more important in the case of a sensitive industry like the healthcare institution - Being able to fix and troubleshoot problems faster could define the life and death of the patients A system in place to quicse should have procedures and process in place that facilitate quick fixture of problems in the network. It getkly assign responsibility to personnel to fix problems and to track the progress of the resolution Risk Mitigation: Having assessed the potential risks that an enterprise is vulenrable to it is vital to address them effectively at the earliest. The challenge (Perceived Risk) 1. Monitor networks and proactively thwart any possible network failures The Solution ( Risk Mitigation Mechanism ) A good network Monitoring software that can inspect your entire network and give meaningfull and in depth reports can help wade through the problem 2. Monitor network bandwidth usage and ensure high bandwidth availability at all times to critical applications Have a strong WAN monitoring solution that can monitor the entire network bandwidth and the entire network traffic as it happens. A report on who the Top Talkers are, what applications are eating the maximum bandwidth, at what time periods the bandwidth peaks, the bandwidth usage pattern over the last couple of months etc are very useful More importantly such information can help decide whether to go in for a capacity planning and for how much 3. Having log of all access done to HIS system and patient records A strong Log analyzer solution that can capture and store logs of information on all access - succesful / failed attempts, done to the HIS. It should also be able to report on the stored logs for actionable decisions and help in reporting for HIPAA compliance 4. Reducing the MTTR(Mean Time to Repair) in case of any event/disaster - having a strong disaster recovery process A sound Help Desk Management Software that can help assigning ownership to individuals incharge of resolving the issue and being able to track the progress of the issue for quick resolution of the problem.

ManageEngine - a Healthcare enterprise network manager While individual point solutions that address each of the risk mitigation solutions identified above exists, it is good to have a unified integrated solution that can address all these aspects. ManageEngine suite has this capability. The member module softwares OpManager, NetFlow Analyzer, EventLog Analyzer & ServiceDesk Plus software address the issues of Network Monitoring, Bandwidth Monitoring, Log Analyzis & Reporting and Help Desk Management respectively.

For more details on ManageEngine NetFlow Analyzer visit http://www.netflowanalyzer.com.for technical queries contact support[at]netflowanalyzer[dot]com. For comments on this article contact sankar[at]adventnet[dot]com.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information