Administrative Policies and Procedures POLICY FOR USE AND ACCESS TO ENTERPRISE DATA CENTER FACILITIES Department: Information Technology Services Policy Number: Effective Date: Revision Date: June 11, 2008 POLICY: UW Medicine data centers house servers supporting computing systems which provide patient care and administration services, and are a critical resource. Data centers provide both physical and network infrastructure as well as security protections for critical systems. Accreditation agencies also require strong data center protections, including strong access controls. Data centers resources are likely to be limited in one or more areas, such as cooling, power, or weight. Therefore, all servers placed into and access to enterprise data centers will be reviewed, prioritized, and approved in advance according to their level of critical impact (mission critical) to the medical center(s) by UW Medicine IT Services (ITS). Any changes in access to or the hardware of approved systems must also be reviewed and approved by ITS. Access to data centers will be granted only to those with a clear need as approved by ITS, in accordance with the procedures defined below. Individuals granted access must agree to electronic or paper access controls and video surveillance, as required by UW Medicine and its accreditation agencies. This policy applies only to enterprise data centers. DEFINITIONS: Enterprise data centers support major enterprise information systems critical to the mission of UW Medicine. For reliability, enterprise data centers have redundant power, cooling, and networking, and are designed for resistance to earthquakes. Systems in enterprise data centers are designed and installed to be managed and monitored on a 24/7 basis remotely. Physical access to enterprise data centers are restricted and monitored, and networks are protected against intrusions. Procedures governing these facilities are designed to meet financial audit, HIPAA and other regulations. Primary data centers handle the most critical of enterprise systems and are in close proximity to patient care facilities to minimize disruptions from communications failures. Secondary data centers service less critical enterprise systems. Enterprise data centers are listed in Appendix 1. Local data centers support departmental and some smaller enterprise systems and are managed by the facility and/or ITS. These data centers vary in quality and are smaller in capacity and size. Local data centers may lack redundancy for power, cooling, or networking, and may not control access or protect networks. If systems in these facilities contain patient information, they must meet appropriate regulatory requirements, including compliance to appropriate security policies. Local data centers include NW078 in UWMC and BEH39 at HMC. System Criticality refers to the level of importance of the system for the continued operation of UW Medicine, its hospitals, patient care activities, and/or the School of Medicine. Criticality levels range from 1 (most critical) to 5 (least critical).
Level 1 Information systems or supporting systems critical to the normal operations of UW Medicine s Immediate Critical Patient Care activities, where a downtime of 0-4 hours is highly disruptive. Level 1 systems must be fully redundant in at least two physically separated enterprise data centers, and a single system must be able to operate independently in a single data center. Emergency manual procedures for a level 1 system are difficult to implement. Examples: Critical to Patient Care - ORCA PROD, PACS, Lab, Critical Support Systems - DNS servers (network name resolution), and Active Directory (access/authentication) systems. Level 2 Information systems or supporting systems that are Essential to Patient Care or provide Essential Support to UW Medicine activities where a downtime of up to 24 hours would be operationally feasible and for which good manual down time procedures beyond that are difficult to implement without directly impacting critical patient care activities. Level 2 systems should be redundant. Examples: Essential to Patient Care - Hospital Capacity, Docusys, Registration demographics, Essential Support Public Safety, Safety Monitoring, communications support. Level 3 Information systems or supporting systems that are Important to UW Medicine s business where a downtime of up to 72 hours would be disruptive to normal operations. Level 3 systems are not required to be redundant. Examples: EPIC patient scheduling, Email system, system and infrastructure monitoring systems, certain Research systems. Level 4 Information systems or supporting systems where a downtime of 3 days or more can be tolerated before resumption of Normal Operations. Test and Development systems that are designed to function in a fail-over capacity also fall into this level. Examples: Patient billing, PMM, Rosebud. Level 5 Information systems used only for Research, Isolated Development or Test, and Departmental Scheduling or other purposes where the restoration of the system is not required for normal operations. Examples: Sum Total, ORCA Dev, ORCA Test, Spacelabs Test, Research PROCEDURE The detailed procedure for managing the placement of hardware into an enterprise data center is in an accompanying document. Items covered in the procedure include review by UW Medicine Oversight and ITS Project Intake committees. Individuals or departments requesting data center resources must submit a request to one or more medical center review committee(s) and if approved forwarded for consideration at project intake or IT Services Oversight Committee (ITSOC). Review shall include, but not limited to the following: The power and cooling requirements of the system hardware. PHI data stored on or access required by the system. Access to existing shared/critical systems (i.e., HL7, shared data bases, web servers, etc.) The network requirements of the system. The backup and storage requirements of the system. Projected growth over the expected lifetime of the system and its impact on hardware. System design for fault tolerance, redundancy, and emergency operations. The nature of the software, including its criticality to patient care, support for emergency operations, HIPAA, etc. Available data center resources. Funding to support data center costs of the hardware. 2
Systems not supporting active applications must be removed from enterprise data centers. Data centers should not be used to hold retired systems because of limited resrouces. Should data center facilities become limited, priorities and considerations for the placement of hardware will include, but are not limited to: An emergency situation requiring hardware maintenance and/or replacement. An operational replacement of hardware where the replacement s characteristics for power, cooling, and weight are equal to or less than that it replaces. This may not be allowed if both the existing and replacement hardware must be available concurrently. Level of the project under Washington Department of Information Systems (DIS) and the Information Systems Board (ISB) which have been previously reviewed by ITS and UW Medicine. Criticality of the system for patient care and/or administration. Priority of the project as dictated by UW Medicine. Once approved by oversight committees, installation of computing systems must be performed and/or approved by UW Medicine ITServices Data Center and Security/Infrastructure staff. To insure the integrity of the data centers, required reviews include: Proper documentation of hardware, and network configurations, and applications. Approved security practices. Identification of responsible parties. Physical placement of servers. Physical hookup of power and network. System monitoring Racks, UPS, cooling and other requirements specific to the data center. In accordance with UW Medicine SEC10 and other relevant security policies, individuals or departments who violate the use and/or access to data centers may be subject to one or more of the following: Shutdown of systems until breach is resolved. Termination of access to the data center. Removal of systems that fail to comply with the policy. Termination of employment for individuals violating the policy. CROSS REFERENCES ITS Project Intake Procedure ITS Data Centers Policies and Procedures ITS Security Review Policy and Procedures (http://security.uwmedicine.org/policies) ITS Basic Data Center Policies ITS Server Placement Request Form ATTACHMENTS Enterprise Data Centers 3
REVISIONS Chief Information Officer: Date: VP Medical Affairs Chief Operating Officer: Date: 4
Enterprise Data Centers (as of April, 2008) 1) UWMC Surgery Pavilion (SP1004) [primary data center] in use 2) HMC NJB Building [primary data center] opening early 2009 3) UW Technologies 4545 Building [secondary data center] in use 4) Sabey, Tukwila [secondary data center] in use 5) UW Towers [secondary data center] planned late 2009 5