HOW MUCH IT SUPPORT IS NEEDED

WHEN DEPLOYING HEALTHCARE POLICY

MANAGEMENT SOFTWARE?

policymedical.com

IT buy-in and support is important when it comes to deploying healthcare policy management software.

We thought it was important to address the question of how much IT involvement is really needed when deploying a healthcare policy management software.

IT BUY-IN AND SUPPORT

policymedical.com

Policy management software is usually not as expensive as EPIC or Kronos but because of the corporate visibility of policies and procedures this hesitation is understandable and we wanted to share with you in this presentation how much time is really needed by your hospitals time strapped IT staff.

IT BUY-IN AND SUPPORT

policymedical.com

Compared to an enterprise rollout the reality is there is very little strain put on the IT team of a facility when setting up policy management software.

There are three main points which take up an IT specialists time: Basic Security considerations. Setting up browser configurations (if needed) to handle any

unique plugins Creating a VPN tunnel for LDAP SSO

(this is just techie speak for syncing your usernames and passwords with the policy management system so your employees don’t have to remember another password.

IT BUY-IN AND SUPPORT

policymedical.com

The other big area that takes time out of an IT specialists time is syncing your existing usernames and passwords that you use everyday with the policy management software.

This removes the task of having to set-up hundreds or thousands of user accounts. Every leading policy management vendor does this: confi guring a VPN Tunnel for LDAP SSO (Lightweight Directory Access Protocol, Single Sign-On).

Setting up a VPN tunnel allows for a secure connection between a policy management software’s SSO server and your facilities LDAP server. Allowing users to utilize the same log-in that they use for their

networked computers, to log-in to the policy management software. The creation of this secure VPN tunnel comes in five stages.

BROWSER CONFIGURATIONS

policymedical.com

Step 1: Policy management vendor usually send two one page forms for

your IT team to complete. Step 2:

Policy management vendor receives the completed forms & creates the secure VPN tunnel.

Step 3: Policy management vendor sends your IT team the configuration

for the secure tunnel. Step 4:

Your IT team configures the secure tunnel to the specifications provided.

Step 5: Policy management vendor verifies the connection over the

secure tunnel to your LDAP server and configures the policy management application to properly reflect your facilities’ LDAP configuration.

CREATION OF SECURE VPN TUNNEL

policymedical.com

These steps can be completed in as little as a single business day enabling your facilities access to LDAP SSO.

Understanding that not all situations are the same the typical time required for creating and configuring a VPN tunnel is about 8 hours of a single IT specialists working time.

The person that will usually be doing this on your IT

team will probably be someone with a title close to Network, or Database, Administrator.

CREATION OF SECURE VPN TUNNEL

policymedical.com

There are a few final tasks that cannot be skipped by your IT team:

To add the policy management vendor’s “no-reply” email address (i.e. no-reply@ilovepolicies.com) to your email safe list. Adding this email to your email safe list will allow the

policy management system to properly send emails. Though this task cannot be skipped its impact on your IT team should be at most one (1) working hour.

OTHER BASIC SECURITY CONSIDERATIONS

policymedical.com

The final thing to mention to your team and specifically your IT team is the fact that policy management systems do not contain any PHI (patient health information). This is very vital to know and communicate.

If IT teams are not communicated this simple, yet vital, fact they will be marching down a road to highly secure the policy management software in ways that are just not needed.

When a system houses any sort of PHI it needs to follow certain protocols and the data needs to be handled and secured in specific ways. Once again this is not the case for policy management

software. As there is no PHI there are only two other security measures that an IT team may want to take.

OTHER BASIC SECURITY CONSIDERATIONS

policymedical.com

1. The first would be to restrict access to certain locations by creating what is called a white list of IP addresses.

2. The second would be to channel all access to the policy management system through one internal intranet web page by embedding what is called an encrypted security token.

These two tasks would only take 1-2 hours of your time.

SECURITY MEASURES

policymedical.com

There you have it. There is certainly some IT time required to deploy policy management software, but probably not as much as you might think.

It is untrue if you are ever told that policy management software is deployed 100% by non-technical users on your end and the policy management vendor handles everything.

However the truth and main points to take away is that it will cumulatively take only one IT specialists time of around 2 days to do what is needed from a technical perspective.

Also to reiterate there is no patient health information. We mention this point again because over the past year every

healthcare facilities security team that we have encountered told us that all policy management vendors should openly and clearly communicate this fact. It saves them a ton of time if they know that ahead of time.

PERHAPS NOT AS MUCH IT TIME REQUIRED AS YOU MIGHT THINK

policymedical.com

If you would like to find out more, or would like to request a demo, please

don’t hesitate to contact our team here, at Policy Medical, who is always here to help with any questions you may have.

BENEFITING YOUR ORGANIZATION

policymedical.com

THANK YOU