St Luke Hospital networks.
Mobility XE success stories
There are immense benefits of using Mobility XE, but one stands out. Mobility XE provides a secure and stable connection of its users ensuring data is safe and allows workers keep on working without losing connectivity. With the use of mobility AT&T reported that their technicians maintained connectivity as they continued working. The workers only needed to log in once a day using a secure network and could roam between networks and move in and out without losing connectivity. The consistent connectivity has reduced delays in implementation of new security patches, applications and drivers are installed faster leading to simplified operations in management. With more rapid troubleshooting and diagnostics, system issues are resolved faster which keeps workers on their job. AT&T recorded a 54% decrease in overtime, workers performed 1.8 times more jobs and had a 43% less expense. (Netmotion, inc. 2017:netmotionsoftware.com/case-studies)
Mobility XE protects users from switches and network gaps. This ensures that users do not need to repeat logins into a network system. Upon deployment of Net Motion at Alina health, EMTs enjoy a persistent connection to the network leading to easier access to medical records despite the locale of the worker in the institution. Workers are now able to offer treatments better and faster. Through Mobility XE with the use of failover and load balancing the network is always available to the users. The system also provides compliance to HIPAA regulations with features such as disconnection and quarantine of stolen devices ensuring patient health records are safe. (Netmotion, inc. 2017:netmotionsoftware.com/case-studies)
The Dutch Pilots’ Corporation uses the Mobility XE software to keep the pilots online through their navigation systems during poor performance periods and network switchovers. This ensures reliable, constant access to the mission control navigation system. Sailing trips are now safer, timely and less costly which has maximized profits for the company. (Netmotion, inc. 2017:netmotionsoftware.com/case-studies)
HIPAA requirements for hospital networks.
The HIPAA (Health Insurance Portability and Accountability Act) gives guidelines on the practices and procedures to be used in the healthcare industry to ensure privacy and safety of patient information. Hospitals have to find a way to meet the standards without causing any effect to the quality, confidentiality, and availability of the information. Failure to meet the HIPAA regulations has legal implications combined with ethical considerations of implementation and design of adaptations to meet the specifications of the guideline. (Annas, G. J. 2003). A wide range of technological solutions are available for the hospitals, and the use of such technology will bring efficiency in hospital operations, cutting costs and improving the quality of delivery of services. Health care institutions, therefore, are obliged to carefully select and implement the solutions for better security and privacy of medical data.
To ensure hospitals comply with the HIPAA regulations, hospitals must adopt several security mechanisms some of which might be costly and extensive for some hospitals with inadequate patient information systems. One of the primary requirement of the guideline is certification of health institutions. Hospitals are required to perform frequent assessments of their security practices and compare them against the HIPAA guidelines. The main aim of the evaluation is to identify deficiencies in the security system and work to correct them. HIPAA recommends that the process of assessment be continuous for early detection of security breaches.
Healthcare institutions are required by law to have comprehensive contingency plans in case of system breaches or emergencies. The plan should have procedures and policies for data backups, recovery plans for disasters, critical data analysis, and operations for emergencies and revision and testing procedures for the contingency plans. This would require extensive system updates, depending on contingency plans and security education for data handlers.
For any security system having a physical access control is vital. The HIPAA security guidelines provide very strict recommendations concerning physical security for all institutions that handle sensitive health data (Choi, Y. B., Capitan, K. E., Krause, J. S., & Streeper, M. M. 2006). Hospitals are required to put in place procedures and policies that govern the control of physical access security. The policy document should have disaster recovery plans, verification procedures for authorization of physical access, security plan for the facility, operation plans for an emergency, control of the removal or entry of equipment from the installation, maintenance records, and sign in or sign out for visitors, and data access control procedures. Therefore, hospitals have to put in place to restrict access to unauthorized personnel which improves security and accountability. Equipment and devices such as laptops can be better protected as a result of the guidelines.
Every health care institution should have a secure workstation allocation, especially for data handlers). (Choi, Y. B., Capitan, K. E., Krause, J. S., & Streeper, M. M. 2006). HIPAA rules, specify that there should be minimal or no unauthorized access to workstations. Hospitals are required to have guidelines or policies to determine the allocation of workplaces. The policies should specify secure locations for workstations that are not in an open area or public places. It is important that the orientation of workstations is considered to protect screen contents. Some other solutions provided include shields installation, video surveillance of workstations and password protection of screens.
Under HIPAA regulations employees are required to receive security training in areas such login failure monitoring and password protection. Training of workers should be continuous and up to date depending on the safety plans put in place. HIPAA recommends that a program is put in place to train employees and should include security reminders, awareness education such failed login awareness, protection from viruses, report procedures in case of a security threat and password management.
A security concern might arise upon termination of work for an employee. It can lead to dangerous ruin especially when a large number of workers are terminated ( Choi, Y. B., Capitan, K. E., Krause, J. S., & Streeper, M. M. 2006). HIPAA recommends that hospitals have termination procedures that serve to neutralize the security threat. Some of the steps can include an update of access lists, changing of passwords for access doors, computers, and other devices, changing locks, and confiscation of access cards and keys. The policy should also specify whose responsibility it is to implement the termination process for accountability issues.
Use of VLANs in hospitals.
The increase of demands in the modern hospital environments is pushing hospital administrations to look for solutions for a friendlier and easier working environment. Use of technological solutions such as VLANs (virtual local area networks) ensures hospitals serve patients better and maximize their resources. VLANs are currently used in many hospitals for the immense advantages they bring. Some of which include reduced cost of operation, improved network performance, and performance of employees, easier manageability of information, selective availability of data and enhanced security (MA, X. K., XU, X. D., & LIU, A. B. 2007), all of which help to meet HIPAA standards.
VLANs ensure that workers do need reconfiguration when they move to another location. (WANG, Y. Z., SUN, W., & CHENG, J. 2009). Other advantages of the VLAN is that packet flooding is limited to switch ports; routers are not required to control broadcast traffic and lower traffic due to confinement of domains which also helps in selective communication between users.
St Luke hospital can further enhance its wireless networks by prioritizing its control of its wireless network traffic. This can be achieved by putting up security measures that can deny or allow access points using the 802.1X port access control. VLAN tags can be installed to insert these security measures to the hospital’s wireless network.
WANG, Y. Z., SUN, W., & CHENG, J. (2009). Hospital Network Management Based on VLAN Technology [J]. Chinese Medical Equipment Journal, 10, 018.
MA, X. K., XU, X. D., & LIU, A. B. (2007). Organization and implementation of VLAN division in hospital [J]. Chinese Medical Equipment Journal, 4, 019.
Choi, Y. B., Capitan, K. E., Krause, J. S., & Streeper, M. M. (2006). Challenges associated with privacy in health care industry: implementation of HIPAA and the security rules. Journal of medical systems, 30(1), 57-64.
Annas, G. J. (2003). HIPAA regulations-a new era of medical-record privacy?. New England Journal of Medicine, 348(15), 1486-1490.
Netmotion Wireless, Inc. “NetMotion Mobility (2003).Curing the Wireless LAN at St. Luke’s Episcopal Hospital. Case Study, 2003. Netmotionwireless.com/resources/case_studies.aspx
Netmotion, inc. 2017:netmotionsoftware.com/case-studies.