On :August 10, 2017
CASE STUDY St. LUKE’S HEALTH CARE SYSTEM
Hospitals have been some of the earliest adopters of wireless local area
networks (WLANs). The clinician user population is typically mobile and
spread out across a number of buildings, with a need to enter and access
data in real time. St. Luke’s Episcopal Health System in Houston, Texas
is a good example of a hospital that has made effective use wireless technologies to streamline clinical work processes.
Their wireless network is distributed throughout several hospital buildings
and is used in many different applications. The majority of the St. Luke’s
staff uses wireless devices to access data in real-time, 24 hours a day.
Examples include the following:
♣ Diagnosing patients and charting their progress: Doctors and
nurses use wireless laptops and tablet PCs to track and chart patient
♣ Prescriptions: Medications are dispensed from a cart that is wheeled
from room to room. Clinician uses a wireless scanner to scan the
patient’s ID bracelet. If a prescription order has been changed or
cancelled, the clinician will know immediately because the mobile device
displays current patient data. C9-1
♣ Critical care units: These areas use the WLAN because running hard
wires would mean moving ceiling panels. The dust and microbes that
such work stirs up would pose a threat to patients.
♣ Case management: The case managers in the Utilization Management
Department use the WLAN to document patient reviews, insurance
calls/authorization information, and denial information. The wireless
session enables real time access to information that ensures the correct
level of care for a patient and/or timely discharge.
♣ Blood management: Blood management is a complex process that
involves monitoring both patients and blood products during all stages of
a treatment process. To ensure that blood products and patients are
matched correctly, St. Luke’s uses a wireless bar code scanning process
that involves scanning both patient and blood product bar codes during
the infusion process. This enables clinicians to confirm patient and blood
product identification before proceeding with treatment.
♣ Nutrition and diet: Dietary service representatives collect patient
menus at each nursing unit and enter them as they go. This allows more
menus to be submitted before the cutoff time, giving more patients
more choice. The dietitian can also see current patient information, such
as supplement or tube feeding data, and view what the patient actually
received for a certain meal.
♣ Mobile x-ray and neurological units:
St. Luke’s has implemented the wireless network infrastructure necessary to enable doctors and clinicians to use mobile x-ray and neurological scanning units. This makes it possible to take x-rays or to perform neurological studies in patient rooms. This minimizes the need to schedule patients for neurology or radiology lab visits. The mobile units also enable equipment to be
brought to the bedside of patients that cannot be easily moved. The
wireless neurology and x-ray units have also helped to reduce the time
between diagnosis and the beginning patient care.
♣ C9-2 Original WLAN:
St. Luke’s first WLAN was deployed in January 1998 and made the hospital
an early pioneer in wireless health care applications. St. Luke’s first wireless
LAN was implemented in a single building using access points (APs) made by
A principal goal of this initial installation was to improve efficiency.
However, sometimes the WLAN had the opposite effect. The main problem
was dropped connections. As a user moved about the building, there was a
tendency for the WLAN to drop the connection rather than performing the
desired handoff to another access point. As a result, a user had to
reestablish the connection, log into the application again, and reenter
whatever data might have been lost.
There were physical problems as well. The walls in part of the building
were constructed around chicken wire, which interfered with radio waves.
Some patients’ rooms were located in pockets with weak radio signals. For
these rooms, a nurse or doctor would sometimes lose a connection and have
to step out into the hallway to reconnect. Microwave ovens in the
kitchenettes on each floor were also a source of interference.
Finally, as more users were added to the system, the Proxim APs, with a
capacity of 1.2 Mbps, became increasingly inadequate, causing ongoing
♣ Enhanced LAN :
To overcome the problems with their original WLAN and reap the potential benefits listed earlier in this case study, St. Luke’s made two changes [CONR03 and NETM03].
First, the hospital phased out the Proxim APs and replaced them with Cisco Aironet (www.cisco.com) APs. The Cisco APs, using IEEE 802.11b, operated at 11 Mbps. Also, the Cisco APs used direct C9-3 sequence spread spectrum (DSSS), which is more reliable than the frequency-hopping technique used in the Proxim APs. The second measure taken by St Luke’s was to acquire a software solution from Net-motion Wireless (netmotionwireless.com) called Mobility.
The basic layout of the Mobility solution is shown in Figure C9.1. Mobility
software is installed in each wireless client device (typically a laptop,
handheld, or tablet PC) and in two NetMotion servers whose task is to
maintain connections. The two servers provide a backup capability in case
C9-4 one server fails. The Mobility software maintains the state of an application
even if a wireless device moves out of range, experiences interference, or
switches to standby mode. When a user comes back into range or switches
into active mode, the user’s application resumes where it left off.
In essence, Mobility works as follows: Upon connecting, each Mobility
client is assigned a virtual IP address by the Mobility server on the wired
network. The Mobility server manages network traffic on behalf of the client,
intercepting packets destined for the client’s virtual address and forwarding
them to the client’s current POP (point of presence) address. While the POP
address may change when the device moves to a different subnet, from one
coverage area to another, or even from one network to another, the virtual
address remains constant while any connections are active. Thus, the
Mobility server is a proxy device inserted between a client device and an
application server. Enhancing WLAN Security
In 2007, St. Luke’s upgraded to Mobility XE mobile VPN solution [NETM07].
This migration was undertaken to enhance security and compliance with
HIPPA data transmission and privacy requirements. Mobility XE server
software was deployed in the IT department’s data center and client
software was installed on laptops, handheld devices, and tablet PCs.
With Mobility XE running on both clients and servers, all transmitted
data passed between them is encrypted using AES (Advanced Encryption
Standard) 128-bit encryption. Mobility XE also serves as an additional
firewall; devices that are not recognized by the Mobility XE server are not
allowed to access the network. This arrangement helped St. Luke’s achieve
its IT goal of having encryption for all wireless data communications.
Mobility XE also enables the IT department to centrally manage all
wireless devices used by clinicians. This allows them to monitor the C9-5 applications currently being used by any device or user, the amount of data
being transmitted, and even the remaining battery life of the wireless device.
If a Mobility XE device is stolen or lost, it can be immediately quarantined by
IT executives at St. Luke’s view wireless networking as key lever in their
quest to increase clinician productivity and improved patient care. Mobile
EKG units have been deployed bringing the total of wireless devices in use to
nearly a 1,000.
Visit the Net Motion Web site (www.netmotionwireless.com) and access and read other Mobility XE success stories. Discuss the patterns that can be observed in the benefits that Mobility XE users have realized via its deployment and use
Mobility XE users can now use the advanced Microsoft 64 bit Features this may include the security, management and performance of all its features and server operating systems should get improved for the productivity of the mobile users. This improves the safety for the mobile users and improves the streamlining data centered operations. Mobility XE 9.2 has helped the mobile users in constantly maintaining on the platforms, this process will obviously lead to reduce the cost. This device can now use to privatize all the private networks. All the officers on this device are always Remain connected and productive. This will always protect the data from attackers and makes it secure. Mobility XE 9.2 has come with server installation this will help the users to reduce their time in setup. To net motion and wireless customers it has enabled them to use the application even if they keep changing the networks several times.
Mobile VPN securities this secures all the data transformations in network to and from the mobile devices in using with VPN Tunnel using AES encryption. A mobile device can always connect to any local networks with the help of network roaming. All these major features will really work on the single sign-on process. In this process users are not allowed to change their networks that every time they change the networks. This will increase the use of Mobile devices every day. Maintaining a great management for the filed workers. Creating a major security devices to meet all standards of company.The amount of network traffic per mobile user is completely depending upon that how many clients are using and the type of network traffic. If that number of clients increases the maximum traffic per client will always decreases.
Do some Internet research on the security implications of HIPPA requirements for hospital networks. Discuss the major types of security mechanisms that must be in place to ensure hospital compliance with HIPPA requirements.
HIPAA (Health Insurance Portability and accountability Act), This was implemented and passed by congress became in law on August 21,1996 to maintain and project patient’s data. It’s a series of laws that a govern health care providers can and cannot say about a patient to outside entities. Knowing the laws of HIPAA is more important for the managers in the healthcare services. All the healthcare managers should always know that how this information is shared to the outside entities with the legal standards and how can the healthcare provider be held accountable for the Laws. We can also investigate many ethical decisions and dilemmas that healthcare professionals make when diagnosing potential medical conditions. The challenging conditions that doctors and patients share in their medical course of treatment. After taking this course patients will be able to interpret legal terms which are relevant to ethical issues comparing to the legal concepts. HIPAA primarily focus was to mandate all the health care information become “portable” and “available” for the organizations to use their electronic transactions and other administrative measures. Discussing all the legal concepts in which the ethical behavior was always relevant to Healthcare life decisions. The main purpose of HIPAA security’s rule is to maintain the accurate safeguards which are in a place to protect Electronic protected health information (EPHI). Each categories of safe guard are always an important line in protecting EPHI. For all the organizations that have been already implemented the security policies, the HIPAA security policy will not make extra changes.
♠ HIPAA security rules are divided into four types:
♦ Administrative Safeguards
♦ Physical Safeguards
♦ Security Services
♣ Administrative Safeguards:
Administrative safe guards were implemented in section 164 308 of the security rule. Administrative Safeguards was always useful in covering the entity and to handle the healthcare information with the help of administrative policies and procedures and practices. Administrative Safeguard policies usually take the written policy application forms for the daily operations. This covers over the half of HIPPA security regulations. This section provides eight administrative standards and a part of business of associate contracts. Security management will always implement the policies and procedures to detect all the security attacks.
♣ Physical Safeguards:
Physical Safeguards where implemented to protect health care information, These major deals with all the physical information access to data and facilities. Physical safe guards always focus on data protection.
♣ Security Services & Security Mechanics:
Security Services & Security Mechanics mainly deals with the technical systems, networks and applications that process or transmit which was protected by health information. “Sept. 23, 2013 compliance deadline for new requirements.
On Jan. 17, 2013, the U.S. Department of Health and Human Services released the long-awaited omnibus final rule pursuant to the Health Information Technology for Economic and Clinical Health Act and the Genetic Information Non-Discrimination Act of 2008. The Final Rule is effective as of March 26, 2013, and covered entities and business associates must comply with the applicable requirements of the Final Rule by September 23, 2013.”
Revising procedures and policies and team workforce on all new requirements. Breach definition and breach assessment tools are updated with the new objective standards. This always requires Health and Human Services(HHS) to make the periodic audits to all the covered entities and business associates are complying with HIPAA privacy and security rules. A Pilot program was implemented by the office of civil rights whereas KPMG LLP an accounting firm was developed and conducted around 115 audits on all covered entities from November 2011.
In today’s economic world Health care industry was running for the security reasons of their data. All the business challenges in increasing their network connectivity in enabling the keys for information asserts without compressing all the availability of that proclaims. According to oracle technology incorporating technology in all the hospitals will make sure that the patients will be accessed to check their information will me more secure that all the patient’s data will be secured in one place” (Couzin,2001)”. This will reduce all the risk included for the patient information where this was accessed by several doctors and nurses and technicians. There are some more solutions provided by the oracle that doctors don’t need to spend their time in writing the patients forms and tracking patients chats and like waiting for the X-Ray charts all the information and the tasks are bean now authorized by the (Couzin,2001). This was being mainly increased in the use of information’s and tasks, which increases the vulnerability and security. Securely sharing patient’s information over all their regional link up networks like hospitals, clinics, technicians this has become a key role in (k Beta security web 2001).
IBM has conducted a survey on 1999 and revealed that 33% of Americans trust their banks to maintain their personal information securely, and only 23% has also placed their personal information in health care. Health care provides maintain and share their data for the patients diagnose and some for the research proposals and for marketing. “According to the Ethics Survey of Consumer Attitudes conducted by the Cyber Dialogue and the Institute for the Future for the California Health Care Foundation and the Internet Health Care Coalition in January 2000, more than 75% of the people surveyed are concerned about Web sites sharing information without their consent.”
Do some Internet research on the use of VLANs in hospitals. Summarize the benefits of using VLANs in hospitals and identify examples of how St. Luke’s could further enhance its wireless network by implementing VLANs
A Virtual Local Area Network(VLAN) is a broadcasting domain which was partitioned and isolated by the data link layer. LANs are used for the local area networks, VLANs are been allowed for network administrators to group all hosts together even if the hosts are not on the same network.
♣ Helping Transform Healthcare:
Health care organizations are molding to information technology to cope with many pressures which reduces cost and improve quality and safety. This technology will always create an integrated network to doctors, nurses, technicians, payers and other stake holders can exchange their information more easily. “The cisco medical Grade network (MGN) which makes the networks to provide and meet the health care needs for interoperability, security, availability, productivity and flexibility.”
Health care industry has been to confront into number of business challenges. Among all these in making the service quality, safety and rising costs will always meets the needs of expanding with an increasing number of patient’s complex burden of illness. Inter-operable health information technology and patient eccentric care systems this will always been supported by the new care models.
Controlling costs for administrative waste in delivering best quality health care for all primary concerns for all who pays for the health care, which includes employers, insurance companies, patient’s, governments and tax payers. According to May 2006 reports the center in which Medicaid and Medicare services in United States can reach up to $1.9 trillion in 2006, this can rise more to $2.5trillion by 2015. All health care costs are being risen from 7.2% Gross Domestic Product(GDP) in 1965 was more than 16% today.
“According to United States Department of health and human services there was 6% of nursing shortage in 2000, according to shortage this will obviously double in 2010. As a result, 275,00 nurses registered as full time. By 2015 this shortage is expected to more than 20% and this will escalate to 29% by 2020.”
St. Luke’s can further enhance its wireless network by implementing VLANs. This will obviously strengthen all the existing medical systems, which always diagnostic images and video streaming applications. Which will help to make the work easy in examining the patient’s electronic data from laptops or computer systems. Faster in moving with the diagnostic images of the patient’s. Which supports all the health care applications for security interface. Making real time to all physicians to work more effectively. These networks will always connect the physicians and technical and other departments in the campus for extra needs in diagnose. Staff can also get accessed in many other departments this will help them to know the major needs of the patients and this will reduce the human errors. Making their applications more fluence throughout their network. Patients can have a better experience with the hospitals to make their appointments and check in and check out processes.