Posted by: Jenny Laurello
CPOE, Network optimization, PACS, Wireless
Accessing patient data directly at the point of care via wireless technologies is a major focus among healthcare providers. This trend has led to a reduction in manual errors, an increase in clinician productivity and enhanced quality of patient care. Mandates have been made in response to this trend in order to ensure productivity gains are not negated by system complexity. This is a significant undertaking. Its downside is that clinicians will only partially comply with, or abandon, a system if it makes mobile technology difficult or frustrating to use.
Organizations that learn how to deliver the seamless experience and “always there” reliability that clinicians have come to expect will largely avoid this setback.
Two working scenarios are generally to blame for an intermittent or complete lack of network connection. Clinicians on site at hospital campuses or outpatient clinics and other professional offices accessing data over a wireless local area network are susceptible to all kinds of coverage “dead spots.” A long hallway, stairwell or elevator shaft can drop an employee’s connection.
Clinicians can encounter spotty coverage when in their vehicles or otherwise out in the community when trying to access data networks using air cards from cellular carriers. Concrete buildings, reflective surfaces, varied terrain and cell tower distribution can lead to network connection drops and cause applications to crash. Physicians and nurses are then forced to re-log in to the system and re-enter lost data.
A set of best practices has emerged to help healthcare organizations overcome connection difficulties so that clinicians keep their focus on treating patients, not tackling IT issues.
Authenticate, don’t frustrate — Does your organization require single-factor (user name and password), two-factor (combination of something that the user knows, like a password, and something that the user has, like a smart card or RSA SecurID token), or multi-factor authentication (single- or two-factor user authentication, combined with separate authentication of the device through a digital certificate)? Test how your current approach impacts usability and consider new methods, such as device authentication, which operates in the background without user intervention. This approach is great for user transparency.
Protect data with encryption — A proven approach to protecting confidential patient data is FIPS 140-2 validated Advanced Encryption Standard at 128-bit, 192-bit or 256-bit strengths. It secures the entire connection path, maintaining a continuous encrypted tunnel from the client device in the clinician’s hands to backend servers in the data center. It’s critical to safeguard both patients and the healthcare organization, regardless of the combination of networks the data traverses — including Wi-Fi, cellular or wired campus networks.
Deliver application persistence — It’s important to maintain both the network session and any open applications for an end user when network connections are interrupted. This can happen when a physician enters an elevator or an ambulance goes through a tunnel. A mobile virtual private network (VPN), built for such precarious environments, can maintain a network session and make sure that applications don’t lose data even when in the middle of a transmission. Make sure all the applications that run on a wired network also work in a wireless environment. Some critical applications to protect are medical records, picture archiving and communication systems (PACS), computerized physician order entry (CPOE), medical monitoring, pharmacy, patient registration, scheduling, housekeeping, billing and accounting.
Support internetwork roaming — When users cross network boundaries and access multiple networks, a mobile VPN can also automatically handle any separate network logins without requiring user intervention. This is especially advantageous when using cellular networks, as coverage is sometimes spotty and organizations often need to employ two or more carrier networks to fully cover their service area. The same seamless roaming applies when using multiple access points on a medical campus.
Leverage policy management — Policy management heightens security and productivity by controlling how applications, users and devices access networks. Policy management makes it possible to allow only specific clinical applications, prohibit Web browsing, restrict access to an intranet or specific clinical sites, or to set restrictions based on connection speed or time of day. Tablets used by roaming clinicians, smartphones in the hands of physicians, notebooks carried by health workers and executive laptops can all have different policies, with each defined at the user level.
Control network access — Integrated network access control verifies that devices have required security precautions in place — such as patches, operating system updates, and active antivirus with current signatures — before allowing a connection. Network access control integrates with policy management to automatically remediate devices, in a way that doesn’t interfere with patient care duties.
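One way the posture check and the per-user policy from the two practices above could combine into a single connection decision, as an added example that is not from the original article or from any product. The policy names, applications and thresholds are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import time

@dataclass(frozen=True)
class Posture:                      # what the access-control check inspects
    patches_current: bool
    os_updated: bool
    av_active: bool
    av_signature_age_days: int

MAX_SIGNATURE_AGE_DAYS = 7          # assumed threshold

# Constructed policy table; every name and number here is an assumption.
# apps: allowed applications; slow_link_block: apps refused below min_kbps;
# hours: permitted time-of-day window (start, end).
POLICIES = {
    "nurse_tablet": {"apps": {"emr", "cpoe"}, "slow_link_block": set(),
                     "min_kbps": 0, "hours": (time(0, 0), time(23, 59, 59))},
    "physician_phone": {"apps": {"emr", "cpoe", "pacs"}, "slow_link_block": {"pacs"},
                        "min_kbps": 2000, "hours": (time(0, 0), time(23, 59, 59))},
    "billing_laptop": {"apps": {"billing"}, "slow_link_block": set(),
                       "min_kbps": 0, "hours": (time(7, 0), time(19, 0))},
}

def posture_failures(p):
    """Names of the posture checks this device fails."""
    checks = [("patches", p.patches_current), ("os updates", p.os_updated),
              ("antivirus active", p.av_active),
              ("antivirus signatures", p.av_signature_age_days <= MAX_SIGNATURE_AGE_DAYS)]
    return [name for name, ok in checks if not ok]

def decide(policy_name, posture, app, link_kbps, now):
    """Return (decision, reasons); decision is 'remediate', 'deny' or 'allow'."""
    failed = posture_failures(posture)
    if failed:                      # posture is verified before any policy applies
        return "remediate", failed
    policy = POLICIES.get(policy_name)
    if policy is None:              # default deny when no policy is defined
        return "deny", ["no policy for this user"]
    reasons = []
    if app not in policy["apps"]:
        reasons.append("application not permitted")
    if app in policy["slow_link_block"] and link_kbps < policy["min_kbps"]:
        reasons.append("link too slow")
    start, end = policy["hours"]
    if not start <= now <= end:
        reasons.append("outside permitted hours")
    return ("deny", reasons) if reasons else ("allow", [])
```

A device that fails posture gets a "remediate" result rather than a flat refusal, which is where an automated fix would be triggered before the policy is evaluated again.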
Administer quality of service — Traffic-shaping capabilities give priority network bandwidth access to the most critical applications, so that Web browsing or large file downloads don’t interfere with the medical mission. Patient monitoring systems or applications that physicians depend on, such as point of care, CPOE or PACS, may be assigned higher priority than scheduling and billing. Medical centers that employ voice over IP devices for push-to-talk communications may single out voice traffic as their highest priority.
Manage devices — Managing hundreds of devices deployed throughout a medical center, inside ambulances or carried by roaming health workers is difficult, especially when management activities can’t risk interfering with clinical duties. Solutions that allow device management through a central console and also integrate with a third party enterprise-level management solution are particularly efficient because they allow management chores, such as application updates, to run when users aren’t actively logged on.
Measure and monitor performance — The practice of cellular network performance management gives IT staff the insight and visibility they need to optimize their mobile data deployments. Detailed technology performance reports expose poor network performance and chronic connectivity problems related to signal strength, location, network saturation, older network technologies, devices, drivers and more. This granular management capability can help energy providers verify they are paying appropriately for the data they’re using and creates new opportunities to decrease cellular expenditures, reduce employee downtime and expedite troubleshooting efforts.
These considerations will help healthcare organizations realize the clinical improvements of bedside data access, while sharply reducing helpdesk calls from users. Workers will be free to roam and use computing devices constantly, while experiencing uninterrupted use of open applications throughout the workday. Organizations can also be confident these productivity gains won’t sacrifice critical security objectives.