Patton Fuller Community Hospital Request for Project Essay
The following document shall serve as the RFP (Request for Project) for the Patton-Fuller Community Hospital. Team A has researched the hospital’s current IT systems seeking ways to ensure many years of continued success and compliance with the very best practices in the IT community today. Specific areas such as networking architecture design and the future proofing of the design for speed, accuracy, and security of the system shall be discussed as part of this RFP.
Special consideration was given to the sensitive nature of the security surrounding patient information while proposing changes. The network proposals also include planning for external data links for areas such as insurance companies, physician offices, and vendors for medical supplies. As much of this data is critical to the treatment of patients, high speed and high reliability network function is second only to the security of the network itself.
As the customer base grows, it will also be critical to maintain adequate data storage on site. Team A shall propose the best methods for securing large amounts of data at the hospital, and the best methods to ensure physical and electronic security for this data. Because many of the technologies currently in use are data intensive, storage for large files such as x-rays, MRIs, and CAT scans will be addressed specifically.
Once the network and storage are fully installed and working as specified, the next step is to assure that the software and supporting hardware are well suited to display the data to the end users in an easily manageable and highly functional way. Specific methods to deliver data to the end users are discussed and included in the final proposal, including suggestions for Wi-Fi, satellite, WiMax, DSL, and cable, and how each choice would benefit the end system. These systems will tie into the internal internet access points for both doctors and patients.
Access points are defined for both fixed data access points as well as mobile computing points on the network. At the end of this presentation a wrap up of these technologies shall provide an overview of how each is an integral part of a system providing years of excellent patient care and a model of efficiency for the Patton-Fuller Community Hospital.
Review the Current Networking Architecture
The current networking architecture of the Patton-Fuller Community Hospital can be broken down into two major sections.
Today the two major backbones of the network include a 1000 Base T using CAT6 cable which provides network access to many administrative and operational areas of the facility. Executive management, Human Resources, Operations, Facilities, Finance, as well as the IT data center are all connected directly to this side of the network backbone. The hospital side is connected via 1000 Base F which uses fiber optics to ensure the very highest speed data transmission as well as protection from RF and other possible interference from hospital and lab equipment in use throughout this area.
Connected on this side of the network bridge one finds Radiology, the Operating rooms, Wards, ICU’s, Emergency room, Labs, and the Pharmacy. Bringing the two major backbones together one finds a Network bridge which seamlessly combines the two different network technologies to a unified bridge point. Data entering the bridge from the fiber side is easily converted to the standard CAT6 cable, and the same is true for the CAT6 signal being converted to fiber optic pulses. This allows the same data to be shared across the entire hospital network.
Currently, a wireless access point is also installed in each ward and throughout the ICU by using a Cisco 1250 series access point. The Cisco web portal offers the following information “The Cisco Aironet Access Point is a wireless LAN transceiver that acts as the connection point between wireless and wired networks or as the center point of a standalone wireless network. In large installations, the roaming functionality provided by multiple access points enables wireless users to move freely throughout the facility while maintaining uninterrupted access to the network” (Cisco).
The Apache Web server has a well established group dedicated to the discussion, identification, and correction of any security risk one might find in their software systems. By working with the dedicated teams at the Apache project center one learns “how to configure the product securely; and find out if a published vulnerability applies to the version of the Apache product you are using; if a published vulnerability applies to the configuration of the Apache product you are using; obtaining further information on a published vulnerability; the availability of patches and/or new releases to address a published vulnerability” (Apache).
Cisco also offers more than enough information to configure the ASA 5510 Adaptive Security Appliance for the most secure VPN connections to the local network and the data stored within its boundaries.
The greatest number of complaints made about computers and computer programs are that they run slowly and that they produce inaccurate information. Research in technology is ongoing and improvements in these areas are apparent.
Patton-Fuller is a full service, functioning hospital. They must ensure that their medium for transferring data is robust enough to support their daily medical activities. The hospital needs to upgrade their Ethernet cable to 40 GbE. This cable is designed to run fiber optics. The cable should also include 5 twisted-pair cable and 1000 Base LX cable, which is capable of transferring data 440 meters (FitzGerald, 2010). This robust cable will support digitized medical imaging technology. This includes x-rays, MRIs, CT scans, and other similar images.
The upgraded Ethernet will allow Patton-Fuller to share these images as well as other data with other medical counterparts (FitzGerald, 2010). The upgrade will include a switched Ethernet. Switched Ethernet is best because it will keep the data of two computers from colliding during transfer. Even if they are receiving information, only one computer at a time will transmit.
Improve Server Performance
Software
Patton-Fuller can speed up and improve the performance of their network by changing their network operating system. Information Technology (IT) has to monitor and regulate the settings on the software.
The number, size, and type of the messages affect the performance of the operating system (FitzGerald, 2010).
Hardware
Patton-Fuller should invest in additional networking servers to avoid overloading the system. Two or more servers can be dedicated to the software that sends and receives e-mail; another server can be dedicated to a financial database and functional areas at Patton-Fuller. Patton can use a third server to store patient medical records. The use of a server for the managing and storage of hospital equipment and inventory would save time and money for Patton.
Patton will need to purchase or obtain upgrades for the CPUs, so they use the fastest speed available. The CPU cache has to be upgraded to increase computer memory and therefore increase performance. The Patton-Fuller Hospital has a need to process large volumes of data, such as patient medical records, finance and billing reports, supply documents, and equipment information. Inadequate hard disks can create delays in the processing of information on the LAN server. Research reveals that computers that use one hard disk are limited to one read/write head (FitzGerald, 2010).
A computer using multiple hard disks simply increases capacity of the data flow through the system.
Circuit Capacity
Each department in the hospital processes data inside and outside of the facility. Patton uses a segmented network that will better allow the data to flow with minimal danger of clogging the system. Patton-Fuller uses a physical conduit called a network interface card to bridge the gap between computers and the network. Ideally, each server is connected to only three or four network interface cards.
This technology helps to keep the system from becoming overloaded and causing failures. Of course, the root of a good system is a good backbone network design.
Backbone Design
Patton-Fuller Community Hospital is an intricate group of departments and systems that rely heavily on network interconnections. They achieve this by using a backbone network. A backbone network is defined as a high speed network that connects several networks (FitzGerald, 2010). The Local Area Network (LAN) is connected by high speed circuits.
The backbone network at Patton is made up of Ethernet cables and hardware devices (FitzGerald, 2010). The devices available to Patton are routers, switches, and a gateway. However, for the most effective transfer and to maintain the speed necessary, Patton should use Virtual LAN (VLAN) with multi-switches. Switching devices are best because they transfer data without altering it as it moves across networks.
Costs for the Project
The costs to an organization to operate a network are substantial. These costs represent a large part of a company’s budget. The costs must be managed.
In an effort to manage costs the organization must consider the total costs incurred purely for owning the network. Total cost of ownership measures the annual cost to keep one computer in an operational state (FitzGerald, 2010A). The elements included in the cost factor are repair cost, hardware and software upgrades, maintenance support, and training. Costs relating to wasted time when the network is down or when the user is in training for updated software are included (FitzGerald, 2010). Although specific, individual costs are important, it is also important to identify categories that should be included.
These are Network Operations, which are account administration, authentication services, directory services, e-mail and messaging, mainframe and cluster operations, mass data storage, policy management, printing, security administration, WAN Operations, web services; End User Support: departmental technology support, instructional technology support, patient support, support/help desk, training and education; Client Hardware: Technology equipment and supplies, patient equipment and supplies, hospital equipment and supplies; Application Software: software site licenses, patient software, and technology support software.
An organization may also choose to determine costs by reviewing only the costs that directly relate to network ownership. These calculations do not include the time wasted while waiting during a network down session, nor do they include the production lost when software update training is given (FitzGerald, 2010). Most important is to understand that personnel costs could amount to about 70% of an IT budget. Therefore, the focus should be to simplify software update processes, training, and as many other processes as possible that may require a technician to report on site.
Special Concerns with Transfer and Security of Patient Information
Network Reliability and Uptime
Some companies would be slightly inconvenienced and upset if their computer networks were to fail. They just become annoyed, take a break, or shift to other duties. The company may lose revenue or a customer may get upset. However, if a network fails at Patton-Fuller Hospital, lives could be lost. Therefore, it is imperative that Patton-Fuller’s performance management team closely monitor the number of times and the lengths of time network outages occur.
Patton can gauge and calculate network reliability and uptime by using a formula. One can determine the amount of time a network is available by calculating the number of hours the network is available and dividing it by the number of hours per month. The higher the number, the greater the reliability of the network (FitzGerald, 2010, Chap. 13 pg 486).
System Response Time
Patton-Fuller Hospital is also concerned that the computer equipment that has been installed does not respond the instant a command is given.
Once again, a hospital is not the place for inadequate networking equipment. Equipment testing should be conducted prior to installation to ensure the equipment responds as quickly as needed.
Network Topology
A network topology is a structured design that connects computers, printers, and routers to a local area network by twisted pair copper wire cables or by fiber optic cable. Common types of topology are the bus, ring, star, and mesh. These topology types represent the design or arrangement of the networking devices.
Of the four types of topology listed, the bus topology would best suit Patton-Fuller. Benefits would be that all available computers will receive the information that is transferred. The Ethernet software then functions with the data link layer to ensure that only the intended addresses receive the data. This type is less expensive than the other types and it is easier to install.
Network Protocols
Network protocols define rules and conventions for communication between network devices.
Protocols for computer networking generally use packet switching techniques to send and receive messages in the form of packets. Network protocols include mechanisms for devices to identify and make connections with each other, as well as formatting rules that specify how data is packaged into messages sent and received. Patton-Fuller Community Hospital uses Apple Mac OS and Mac Pro computer systems, and the network protocol that Patton-Fuller Community Hospital should use is Apple Filing Protocol.
Apple Filing Protocol is available from a number of companies including Microsoft, which is the operating system that is being used. Apple Filing Protocol allows Patton-Fuller to access files over their network, allows for personal file sharing, and supports features of HFS (the standard file system in Mac OS) such as resource forks and creator codes, and the desktop database.
Data Integrity
Data integrity refers to the validity of data, meaning data is consistent and correct. “Garbage in, garbage out” is a well known term, and the problem is frequent if there is no data integrity in the data warehouse.
Patton-Fuller Community Hospital has a large database that stores information that needs to stay private. A common way of enforcing data integrity is through referential integrity, which is the relationship between the primary key of one table and the foreign key of another table. The two keys must always be maintained. For example, a primary key cannot be deleted if there is still a foreign key that refers to this primary key. Primary key/unique constraint: primary keys and unique constraints are used to make sure every row in a table can be uniquely identified.
Not null vs. nullable: columns identified as not null may not have a null value. Valid values: only allowed values are permitted in the database; for example, if a column can only have positive integers, a value of -1 cannot be allowed.
Data Security
Data security concerns are paramount in a hospital setting, as much of the information is private and protected by federal privacy protection laws written for the sole purpose of protecting client or patient rights to the protection of the information regarding their health, treatment, and medications.
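The data integrity rules listed above (referential integrity, primary key/unique, not null, and valid values) can be seen rejecting bad rows in the following added example, which is not part of the original proposal. It uses Python's built-in sqlite3 module, and the table and column names are constructed for illustration.

```python
import sqlite3

# Constructed schema: table and column names are assumptions for illustration.
SCHEMA = """
CREATE TABLE patient (
    patient_id INTEGER PRIMARY KEY,      -- primary key: one row per patient
    mrn        TEXT NOT NULL UNIQUE,     -- unique constraint on the record number
    name       TEXT NOT NULL             -- not null
);
CREATE TABLE prescription (
    rx_id      INTEGER PRIMARY KEY,
    patient_id INTEGER NOT NULL REFERENCES patient(patient_id),  -- foreign key
    drug       TEXT NOT NULL,
    dose_mg    INTEGER NOT NULL CHECK (dose_mg > 0)              -- valid values
);
"""

def open_db():
    conn = sqlite3.connect(":memory:")
    # SQLite leaves foreign key enforcement off unless it is switched on.
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA)
    return conn

def attempt(conn, sql, params=()):
    """Run one statement; return 'accepted' or the kind of constraint that rejected it."""
    try:
        with conn:  # commit on success, roll back on error
            conn.execute(sql, params)
        return "accepted"
    except sqlite3.IntegrityError as exc:
        return str(exc).split(":")[0]

def run_checks():
    conn = open_db()
    add_patient = "INSERT INTO patient (patient_id, mrn, name) VALUES (?, ?, ?)"
    add_rx = "INSERT INTO prescription (patient_id, drug, dose_mg) VALUES (?, ?, ?)"
    del_patient = "DELETE FROM patient WHERE patient_id = ?"
    del_rx = "DELETE FROM prescription WHERE patient_id = ?"
    return {
        "valid patient": attempt(conn, add_patient, (1, "MRN-0001", "Sample Patient")),
        "duplicate primary key": attempt(conn, add_patient, (1, "MRN-0002", "Other")),
        "duplicate record number": attempt(conn, add_patient, (2, "MRN-0001", "Other")),
        "null name": attempt(conn, add_patient, (2, "MRN-0002", None)),
        "rx for unknown patient": attempt(conn, add_rx, (99, "amoxicillin", 500)),
        "valid rx": attempt(conn, add_rx, (1, "amoxicillin", 500)),
        "dose of -1": attempt(conn, add_rx, (1, "amoxicillin", -1)),
        "delete referenced patient": attempt(conn, del_patient, (1,)),
        "delete rx first": attempt(conn, del_rx, (1,)),
        "then delete patient": attempt(conn, del_patient, (1,)),
    }

if __name__ == "__main__":
    for case, outcome in run_checks().items():
        print(f"{case:28} {outcome}")
```

The foreign key only blocks the delete once enforcement is switched on for the connection, so a deployment that skips that setting silently loses referential integrity.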
Many steps must be taken to ensure the data does not fall into the wrong hands or that it is shared outside the legal scope of information sharing for this particular market. One of the most critical, but often overlooked aspects of securing this data is the physical security of the hardware and equipment which stores the data. Every server area as well as the network access points must be monitored by personnel to ensure that only those who should have access to the data are able to gain access to the physical point of connection or into the NOC (Network Operation Center) itself.
Badge access is commonly used so that a full record is kept of who was in the data center, when, and for how long. Physical access points throughout the wired and wireless network need to be audited and turned off when not in use. Varied levels of access to each data access point should be appropriate for the needs of that specific terminal or network address. Personnel in Human Resources (HR) do not have a need to view a patient’s medical history, and people in the Emergency Room (ER) do not require information regarding a patient’s credit card numbers.
By closely monitoring the levels of data that each access point or user has the ability to view, one immediately closes most security lapses on the network. The most commonly used method to transfer data from the facility to others who need access is the Virtual Private Network (VPN). This method provides near absolute security by use of tunnels. The data is encrypted while it is on the public internet systems and only the two endpoints have the ability to encode and decode the data back to a useful format.
This technology allows the use of existing internet infrastructure as a virtual private network, which costs far less than actually installing a private line between two points. In some limited cases where the data center is located on a separate property or one organization operates in two completely different locations, another valid option is to have a private line between the two locations. While more costly, it does typically have a higher uptime and lower risk of failure than the VPN model.
Network security is very close to data security: when one is seeking ways to ensure that all the data is secure, it is first critical to secure the network which carries the data. By using adequate username and password rules for access to the physical network, the network is at far less risk of a brute force attack. The very best in network encryption must be used to move data between non-internal end points such as the hospital and the pharmacy which dispenses the patient’s drugs. Access points must be monitored; ideally traffic should be watched for large amounts of data being moved into regions of the network that are normally not active.
Firewalls must be installed and configured correctly at all external access points, opening only the ports required for official hospital business. While it is one of the oldest methods of securing a network, the open-only-what-you-need method is still by far more capable than the method one uses to block suspected problem traffic. The Cisco 7609 already has many of the needed capabilities to ensure that random internet traffic does not allow malicious access to the hospital’s internal network. Proper configuration of this and the Apache Internet Server will be adequate for all security risks at this point of the network.
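One way to watch for large amounts of data moving into normally inactive regions of the network, shown as an added example that is not part of the original proposal. The segment names, address ranges, baselines, thresholds, and flow records are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Constructed network segments and hourly inbound baselines (illustrative assumptions).
SEGMENTS = {
    "radiology": ipaddress.ip_network("10.20.0.0/24"),
    "pharmacy": ipaddress.ip_network("10.30.0.0/24"),
    "facilities": ipaddress.ip_network("10.40.0.0/24"),
}
BASELINE_BYTES_PER_HOUR = {
    "radiology": 40_000_000_000,  # imaging traffic is normally heavy
    "pharmacy": 200_000_000,
    "facilities": 5_000_000,      # normally almost idle
}

# Constructed flow records: (hour of day, source IP, destination IP, bytes).
FLOWS = [
    (9, "10.20.0.15", "10.20.0.8", 35_000_000_000),
    (9, "10.10.0.4", "10.30.0.12", 150_000_000),
    (9, "10.10.0.7", "10.40.0.3", 2_000_000),
    (14, "10.10.0.4", "10.30.0.12", 300_000_000),
    (2, "10.30.0.12", "10.40.0.9", 400_000_000),
    (2, "10.30.0.12", "10.40.0.9", 400_000_000),
    (2, "10.30.0.12", "10.40.0.9", 400_000_000),
    (2, "10.10.0.4", "192.0.2.10", 1_000),  # destination outside the mapped segments
]

def segment_of(ip):
    """Map an address to its segment name, or None if it is not in a known segment."""
    addr = ipaddress.ip_address(ip)
    for name, net in SEGMENTS.items():
        if addr in net:
            return name
    return None

def inbound_volume(flows):
    """Total bytes received per (hour, destination segment)."""
    totals = defaultdict(int)
    for hour, _src, dst, nbytes in flows:
        seg = segment_of(dst)
        if seg is not None:
            totals[(hour, seg)] += nbytes
    return dict(totals)

def quiet_segment_alerts(flows, factor=10, floor=50_000_000):
    """Flag hours where a segment received far more than its usual volume.

    `floor` suppresses alerts on tiny absolute volumes; `factor` is the
    multiple of the segment's baseline that counts as abnormal.
    """
    alerts = []
    for (hour, seg), total in sorted(inbound_volume(flows).items()):
        if total >= floor and total > factor * BASELINE_BYTES_PER_HOUR[seg]:
            alerts.append((hour, seg, total))
    return alerts

if __name__ == "__main__":
    for hour, seg, total in quiet_segment_alerts(FLOWS):
        print(f"hour {hour:02d}: {seg} received {total:,} bytes")
```

Comparing against a per-segment baseline is what keeps the heavy but routine radiology traffic from drowning out the much smaller transfer into the idle segment.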
This router can do so much if one takes the time to provide expert level training and administration of the unit. According to Cisco it can handle “Integrated Video Call Admission Control with innovative visual quality of experience for both broadcast and video on demand (VoD), provide an Intelligent Services Gateway, providing scalable subscriber and application awareness with multidimensional identity capabilities and policy controls, as well as Integrated Session Border Control with quality of experience in both Session Initiated Protocol (SIP) and non-SIP applications” (Cisco).