omed09 phillips it practice

8/6/2019 Omed09 Phillips It Practice

1/45

IT in Practice, A Jumpstart!Alex Phillips, MCSE, CCNP, OMSIII

Lincoln Memorial UniversityDeBusk College of Osteopathic Medicine

[email protected]

American Osteopathic Association of Medical Informatics


2/45

My Background A decade of experience in designing, building, securing and support of

production networks in the Healthcare, Education, and Financial Sectors Previous Employers/Contracts:

SDS (Danaher): Systems Engineer / Project Manager/ Disaster RecoveryOfficer(DRO) for Sites in Australia, Japan, Mexico and Europe and Corporateoffice in Orange, CA

University of California at Irvine

UCI HealthSystems: Business Systems Analyst

UCI School of Medicine: Director of Medical Academic Computing

University of California at Los Angeles

UCLA School of Medicine: Bioinformatics support for Ambulatory CareResearch

Citibank: Datacenter Operations Engineer / Y2K Audit Team

Ameriquest Mortgage: Network Engineer/Project Manager/DRO/ Security Audit(Sarbanes-Oxley) Team

Argent Mortgage: Lead Network Engineer/DRO/ Security Audit (Sarbanes-Oxley) Team

IndyMac (OneWest) Bank: Senior Systems Analyst / Shift Lead


3/45


4/45

Goals NOT to make an engineer or programmer out of you!

Offer my experience and share IT Best Practices to helpavoid common pitfalls in implementation and audits

Prepare you for discussions with vendors you will partnerup with to build and support your office network

Discuss components of your office network

Hardware: Network devices, Servers, Backup and Cooling

Software: Choices and Licensing

Disaster Recovery

Introduce you to Electronic Medical Records with the firststep being E-Prescribing through the SureScriptsnetwork


5/45


6/45

Network Requirements Desktops Needing Wired Connections:

Doctors Office and Reception Areas A Full Complement per every 2 devices

(2) RJ45 CAT6 Ethernet ports to plug computers or printers into

(2) RJ45 CAT6 Ethernet ports used for Analog phones/fax machines (RJ11adapters) or IP Telephones with full CAT6 Connectors

Cabling run up the wall, through the ceiling to your Main Data Frame(MDF) where all of your network equipment will be stored

All MDF connections run through proper cable management into thenetwork switches

Audit Note: The door to the MDF must be closed and locked at alltimes per HIPPA


7/45

Network Requirements

Wireless DesktopConnections: Exam Rooms

Use the same Brand andmodel of wireless card in allPCs so you can quickly

spot intruders Keep all desktops on the

same driver revision for thewireless card

Wireless Intercom systemfor STAT requests tonursing station


8/45


Wireless Desktop Connections:Exam Rooms, contd.

Security Configurations

Use WPA2/AES (PSK2)

Enterprise to encrypt it Key Exchange every 7 hours

Dont broadcast your SSID

NO WEP EVER!


9/45


Optional Wireless Connections: Waiting Area

Have a separate Wireless Internetconnection for guests that is isolated fromyour office network

Have a cheap cable modem or DSLconnection connected to a consumer-

grade wireless router Example: Linksys WRTSL-54GS

Best processor, memory and wirelessspeed for your patients

Still secure with WPA+TKIP (PSK) but

your patients dont have to downloadspecial WPA2 drivers from Microsoft toget onto this network-NO WEP EVER!

Change the password monthly and haveit available at reception


10/45


Restroom?


11/45

Network Requirements, contd. Switch

Main component that all computers, servers and networkconnections outside the office are made through

Usually 24 or 48 client ports per switch, 1 device per port Laser or 1000 Mb Ethernet ports to connect to other

switches

Cisco example: 2960 Intelligent Ethernet Switch ($1600) 48 Ethernet (RJ45) Ports with Power over Ethernet (POE) 2 Fiber or 1000 Base-T ports to connect to other equipment

Advice: Buy 2 from your vendor and have a fullyconfigured standby and pay for the cheaper support planfrom the equipment maker: i.e. 8AM-5PM, Next BusinessDay


12/45

Network Requirements, contd.

Firewall

Protects your internal network from the outside world

One connection to your switch (internal) and oneconnection to your router (outside)

Audit Note: A physical and logical separation of your

network from the outside world will be required Advice: Purchase a router with integrated security features

and purchase the highest level of support for it, i.e. 4 hourSLA at 24/7 support


13/45

Network Requirements, contd.

Routers

TWO routers needed forTWO main connections

YOUR router for theconnection to your

internal network, to theswitch

Internet Service Provider(ISP) Router Connectionto the Internet

ISP

Practice

Router


14/45

Network Requirements, contd. Routers

YOUR Router Your router will be owned

and managed by you andyour IT support

Will be your controlled entrypoint into your network

Will have firewall featuresintegrated to reduce the costof implementing andsupporting a separatefirewall

Will incorporate WirelessAccess (802.1 a, b, g)managed securely

Offer secure remote VirtualPrivate Networking (VPN)Connections to your office

(Optional) Offer IntegratedPBX phone system supportfor IP Telephony

Practice

Router


15/45

Network Requirements, contd. Cisco Router Example: 1841 Modular Router with

Security, IP Base Feature Set ($3000): Up to T1 (1.5 Mb) speeds Up to four 10/100 Mbps built-in switch ports Up to 800 Virtual Private Networking (VPN) tunnels Support for wireless local-area network (LAN) standards

802.11a/b/g

Meets Design Requirements (1) Ethernet port to ISP Router (1) Ethernet port to switch (1) Cable/DSL Module or Ethernet Connection

to possible 2ndISP (Cable Modem) as backup

Wireless LAN 802.11a/b/g support Office Telephony Integration will require the 1861

Router Series ($5000) and IP Telephones ($400+ each)


16/45

Network Requirements, contd. Routers

Audit Note: A network redundancy plan with ServiceLevel Agreements (SLA) for the hardware and ISP thatconnect you to the E-Prescribing system and theInternet will be required

Advice: Buy an Integrated Services Router that will offer your

office Connectivity to outside networks Protection from outside threats through an embedded

firewall feature set Managed Wireless integration into your network

Purchase the highest level of support for it, i.e. 4 hour SLA

at 24/7/365 coverage Lease the Internet Router from ISP

All Hardware and Software will be covered under an (SLA)that is usually 4 8 hours of Time to Service Restoration


17/45

IT Room (MDF) Equipment Rack:

Network Equipment at top Router at the top Switch below with network

cabling routed to it

Servers Uninterruptable Power Supply

(UPS) Mounted at least 4 inches

above the floor You will need to have an

electrician install higheramperage electrical cabling toplug the UPS into

Setup power managementsoftware to shut down serversautomatically

Audit Note: The door to the MDFmust be closed and locked at alltimes per HIPPA


18/45

IT Room (MDF), contd. Environmental Controls:

Dedicated cooling Routed through its own conduit in

the ceiling Upgrade current HVAC system or

install a dedicated one in the office

Dedicated fire suppression andnotification

Dry fire-suppression systemprevents damage to equipment

Inergen FM-200

NO WATER EVER! Connected to building fire alarm

system

Audit Note: Your office managerand the on call physician contactinformation needs to be listed ascontacts for the burglar and alarmmonitoring systems


19/45

Server Hardware

Best Practices:

Hard drives: 15000 RPM drives help keep graphics files moving

quickly RAID 5: High performance way that a group of hard

drives work together to protect you from data loss

Memory ECC RAM: Error Correction Memory for highprocessing servers

At least 4GB is recommended for most applications

Processor: Intel Xeon

Advice: When selecting any of the parts (drives,memory, CPU,) look for the obvious price break, andselect the parts just below it


20/45

Server Hardware, contd.

Server Examples: ($6000 to $8000 each, fully

configured) HP ProLiant DL385 G5 Server

Industry Standard System Setup and troubleshooting: SmartStart Remote Administration: Insight Manager

Dell PowerEdge R710 Good if you already have Dell equipment in your

current network

Setup and troubleshooting: Dell Systems Build andUpdate Utility (SBUU)

Remote Administration: Dell OpenManage


21/45

Server Hardware, contd.

Tape Backup

Protect your patient data in the event of an equipmentfailure or office disaster

LTO-4-120 800/1600 GB tapes are the currentstandard

Buy from the same manufacturer as the serversystems you buy ($2500-3000)

HP: 1/8Ultrium 960 Tape Autoloader

Dell: PowerVault 124T LTO-4

Rackmount kits remove clutter


22/45


23/45

Server Software

Industry Standard: Windows Server 2003 or above

Small Office System 2003, Premium:

Adds MS Exchange for email and SQL Database server ifyou have more than 10 employees

You should license by connection for every employee youthink may be connecting to the system at the same time

Use Outlook Web Access in the practice to access email sothat users can get into the server from any web browser


24/45

Server Software, contd.

Antivirus/Malware: Trend Micro Worry Free Security;Advanced Server

Antivirus for your servers, desktops, email and wirelesssystems

Practice-wide management from one console

Minimal ongoing administration


25/45

Disaster Recovery

Audit Note: A thorough and properly tested Disaster

Recovery Plan will be required Advice: Plan should include:

Auditing and Accountability: At least two named DisasterRecovery Officers (DRO) for the practice, at least onenamed staff liaison per site

Server failure: at least 2 servers with overlapping networkand domain functions that fail-over to the other should theneed arise

Service Restoration: Contracted consultants with a block of hours and a Service

Level Agreement for turnaround time

Facility to see patients in if your primary one is compromised Automatic phone system failover to second office or answering

service with a dedicated person until you can failback to theprimary one


26/45

Disaster Recovery, contd.

Plan, contd.

Off-site Data Storage: Storage of important documentsand backup tapes in case of the loss of an entire sitesdata/equipment

Best choice: Iron Mountain pickup and on-call delivery

Tapes from one office sent to another office by courier

Bank vault that an office manager makes deliveries andpickups from


27/45

Practice Optimization Office Computers

Backup critical staff PCs at least weekly Have a default image of the desktops and laptops ready so you

can quickly bring them back up if their hard drives fail Ghost Altiris

Use Windows XP for the desktop Operating System and set for

automatic patch updates Use Microsoft Office for your Physicians, Billing and Accountingstaff only ($700) and Star Office (Under $50 per PC fromwww.sun.com) for every other PC.


28/45

Practice Optimization, contd. Dictation

Digital recorders with USB, Olympus is the standard

Plug in to PC and AS-5000 Software routes the dictationswherever they need to go

Route to Dragon Naturally Speaking, Physician edition

The preliminary transcription can go into the patient recordimmediately as a draft


29/45

Practice Optimization, contd. Dictation, contd.

Add a Medical terms .dic file to MS Word on thedictation/transcription workstation(s)to build in the mostcommon words

http://www.ptcentral.com/university/medterms_zip.html

http://mtherald.com/free-medical-spell-checker-for-microsoft-word-custom-dictionary

Your dictation is spell-checked against these medicaldictionaries that are now on ICD-10 standards FOR FREE!

The software does the majority of transcription and

correction for you, so your costs are reduced.


30/45

Practice Optimization, contd. Dictation Results

Have a private area, hosted by either party or a 3rdpartyfor uploading dictation files and downloading laboratoryand pathology results

Have an Input and Output folder for each day with amanifest of dictations done, and corresponding audio files

That same manifest should be sent back from dictationwith a file in MS Word 2003 format


31/45

Practice Optimization, contd.

Laboratory and Pathology Results Results should also be available electronically

A hosted site for delivery would be the best, siteadministrators have passphrases for the sites

Passwords like password are insecure

Passphrases like ibetiknowyourpassword are just as easyto remember but much more secure

Fax is always a backup, have name, telephone and faxinformation for each vendor posted in several locations


32/45


Outside Vendors

The main goal is to be ableto have 3 files immediatelyavailable from any office:

Dictation of last visit

Laboratory results

Pathology results


33/45


Worst case scenario: No chart available when on call

Visit a place with Internet access or start up your laptopwith a Wireless card

Get to those 3 files

Review all of the latest information needed

Call back an educated opinion on what your plan of care is

Also great for providers working in multiple offices


34/45

Time-Out!


Devices at the desktop

Switches and secured Routers

IT Room (MDF)

Equipment Rack

Environmental Controls

Server Hardware

Server Software

Disaster Recovery

Practice Optimization


35/45

Practice Electronic Records

EMR and E-Prescribing System Selection Goals

Get a new Certification Commission for Health InformationTechnology (CCHIT) certified system deployed

Get access to the national SureScripts E-Prescriptionnetwork

Quickly pass as many prescriptions through this system toqualify for meaningful use under American Recovery andReinvestment Act (ARRA) incentive guidelines


36/45

Practice Electronic Records, contd.

Choosing your system

Implementing any system will be a learning processrequiring proper preparation, training and ongoing support

Core SureScripts Services Rx Benefit: eligibility, benefits and formulary information

Rx History: prescription history information across providers

Rx Routing: secure computer-to-computer exchange ofprescriptions between prescribers and pharmacies

Buyers guide available atwww.surescripts.netfor systemsthat are certified to attach to the national prescriptionmanagement system

Advice: More than 40 different software vendors Focus on vendors that have Platinum or Gold Level Statusbecause they have the proper experience and resourcesto support your software


37/45


Top Certified Solution Providers

SureScripts Platinum Solution Providers:

NextGen EHR, RxNT

SureScripts Gold Solution Providers:

Allscripts ePrescribe, Axolotl Elysium, DrFirst Rcopia,

eClinicalWorks, GE/Kryptiq Centricity, NewCrop. Try to sample as many of these systems as you can and

make sure to involve other providers and office staff inthe evaluation process


38/45


Transition Period: Scan Everything!

Purchase several scanners and dedicate PC workstations to them

Install Adobe Acrobat Standard to scan documents into PDF format

Have a rotating group of people scanning the documents

Consider contracting with a staffing agency for some medical officeassistants that are technology savvy to be dedicated to this project

for the bulk of the work


39/45


Before EMR is fully implemented

Document Organization: Binary Large Object (BLOB) Build folders with Medical Record Numbers (MR) on them on a

server and have all patient records scanned into those folderswith subfolders based upon date

When the EMR is implemented, these documents (BLOBs) can

be imported into the patients electronic record since it is alreadysorted by the MR number and date of service

Any paperwork that providers still prefer to use while gettingused to using a tablet PC or laptop will continue to be scannedand added to the patients record


40/45


Before EMR is fully implemented

Prescription printing: Tamper proof paper with printing allowed from doctors

accounts only for that tray

Prescription Paper MUST BE SHIPPED to the Licenseaddress or the address on file with the DEA.

All scheduled drug security restrictions still apply; crossingout RX date and post-dating prescriptions is not 100%guaranteed to be in compliance

http://www.cpsintlinc.com/hospital-supplies/tamper-resistant-rx-paper.html

http://www.rxpaper.com


41/45


42/45


EMR Implemented:

Make time in staff meetings for EMR concerns and addressthem promptly

Have regular meetings with Project Champions to reviewresults Triage current issues and propose solutions

Discuss next phases for implementation (i.e. expansion modules)

Conference calls with your IT Partner At least once a week for the first four weeks after the system goes live

Relay staff questions and concerns

Follow up on support cases still outstanding


43/45

Next Step in Management

Remote Access

Virtual Private Network (VPN)access to your office

Citrix MetaFrame remoteaccess to EMR

RSA SecurID Two-FactorAuthentication

Data Backup:

Vaulting of tape system

Storage Area Network (SAN)

integration

Security

Best Practices

Surviving an audit


44/45

ANY QUESTIONS?


45/45

References

www.microsoft.com

www.cisco.com

www.dell.com

www.ironmountain.com

www.trendmicro.com

www.sun.com/software/staroffice/index.jsp

www.rxpaper.com

www.olympus.com

www.dragon-medical-transcription.com www.rsa.com

omed09 phillips it practice

Documents