u10a1 hogan
8/13/2019 u10a1 Hogan
HAPPY HEALTH SYSTEMS 3
Table of Contents
Proposal for Happy Health Systems
Executive Summary
Table of Contents
List of Figures
List of Tables, Graphs, and Diagrams
Proposal for Happy Health Systems
  Approach
  Key Stakeholders
  Requirements
  Business Architecture Design
  Hospital Network Topology
  Clinic and Research Facility Network Architecture Topography
  DNS Naming Conventions
  WINS Naming Conventions
  Network Management Technique
    Fault
    Configuration Management
    Accounting Management
    Performance Management
    Security Management
  Performance Management
  Security Management
  Ethical Responsibilities of the IT Professional
    Safeguard the identities of clients barring any law that forbids them from doing so.
    Not use technology in an inappropriate manner or to do harm.
    Maintain strict confidentiality of personal and company information entrusted to them.
    Not access any information or resources without specific authorization.
  High Level Technology Architecture
    Infrastructure Requirements
    Transmission of Data
    Hardware Specific Requirements
  HIPAA Compliance
References
List of Figures
FIGURE 1-OVERVIEW OF PROPOSED SYSTEM
FIGURE 2-HOSPITAL BACKBONE MAP
FIGURE 3- ROUTING TABLE FOR HOSPITAL
FIGURE 4-HOSPITAL ETHERNET TO USER
FIGURE 5- BACKBONE TO HUB DISTRIBUTION
FIGURE 6- HUB TO WORKSPACE LAYOUT
FIGURE 7- NAT ADDRESSING FOR HOSPITAL
FIGURE 8-SITE MAP
FIGURE 9- CLINIC NAT ADDRESSING
FIGURE 10- NETWORK BACKBONE
FIGURE 11- FCAPS DIAGRAM
FIGURE 12-DATA PROCESS UML
List of Tables, Graphs, and Diagrams
TABLE 1-KEY STAKEHOLDERS
TABLE 2- SITE IDENTIFICATION
TABLE 3- SITE NAMING CONVENTIONS
TABLE 5- AZURE PRICE LISTING
Proposal for Happy Health Systems
Happy Health Systems consists of four hospitals, ten clinics, a research facility, and a
physicians' practice that manages itself. It needs to replace its antiquated and varying
systems with a unified EMR system, allowing its over 9000 users to access the system and
interact as their specific location requires. In addition to the EMR, each user must be able to
utilize a unique MS Exchange e-mail address, the MS Office suite, PeopleSoft ERP, Symantec
Security Suite, and Spybot Search and Destroy. While Happy Health desires Spybot Search
and Destroy, this proposal will outline why that would be duplicative.
[Diagram. Sites: Raleigh 1, Raleigh 2, Durham 1, Cary 1, Zebulon 1, Raleigh 3, Pittsboro 1,
Cary 3, Durham 2, Morrisville 1, Garner 1, Clayton 1, Wake Forest 1, Raleigh 4, Apex 1.
Systems: MS Exchange Server, Primary Data Server Cluster (Details on Figure 1-2), MS Office
Server, PeopleSoft ERT Server, EMR System.]
Figure 1-Overview of Proposed System
Approach
The CEO and any designees will determine the exact state the business architecture is
in and will develop a realistic and measurable goal. Inclusion of State and Federal HIPAA laws
is required in this determination. This determination will also be made with the inclusion of all
departments that have been deemed essential by the CEO. The determination will be written,
and specific recommendations will be made in this proposal. The proposal follows a timeline
with specific milestones and goals:
• Identify and quantify the success condition
  o While the CEO has affirmed certain needs for the company, certain restrictions
    remain:
    - Budgetary
    - Time
    - Training involved with implementation
    - Maintenance after the fact
  o Milestone: All success conditions gathered, recorded, and approved by the
    CEO.
• Review all information
  o The CEO and team leaders will review the current state of the business
    architecture and infrastructure, and will determine any changes, additions, or
    subtractions that are required to support the new architecture and the success
    condition.
  o Milestone: A Unified Modeling Language (UML) diagram will be created
    outlining information flow.
• Draft the preliminary proposal
  o Milestone: Staffing needs, the UML process flow, and specific
    infrastructure needs
• Review and finalize the drafted proposal
  o Milestone: Hold meeting to review and finalize the proposal with the CEO,
    CIO, Team Leaders, and any members crucial to the proposed process.
Key Stakeholders
The following table shows the key stakeholders for this proposal. While the CEO and
CIO will be the primary stakeholders, the current IT Team Leader will receive daily reports on
the status of the business architecture proposal.
Position | Level of Interest | Level of Influence
CEO | High | High
CIO | High | High
HR Team Leader | High | High
IT Team Leader | High | High
Marketing/Sales Team Leader | Low | Low
End User | High | High
Table 1-Key Stakeholders
Requirements
This section will document the core system requirements. These are divided by level
first, and then by system if needed. In developing these requirements, actual contracts from
other vendors have been evaluated. The following requirements have been identified (Core
System Engineering Team 13 Jun 2011):
• Data
  o The data requirements define where the data is stored within the core system
• Performance
  o The quantifiable specifications of the core system
• Functionality
  o Specifically, what the core system will be doing
• Non-Functionality
  o Items not directly involved with the operation of the core system
• Limitations
  o Items that the core system is not capable of
The information obtained throughout this process must be kept confidential. Employee
and patient sensitive information will be used in every record; therefore, a senior IT member
must accompany each transaction of data until the data is securely transferred onto the new
servers.
Table 2- Site Identification
Site ID | Date | Type | Description | Source of Information | Locations | # of users | Priority
H1 | Within 2 weeks | Hospital | Raleigh 1 | IT staff, CEO, CIO | Corporate offices, Administration, Treating, Outpatient | 2000 | 1
H2 | Within 4 weeks | Hospital | Raleigh 2 | IT staff, CEO, CIO | Administration, Treating, Outpatient | 2000 | 2
H3 | Within 6 weeks | Hospital | Durham 1 | IT staff, CEO, CIO | Administration, Treating, Outpatient | 2000 | 3
H4 | Within 8 weeks | Hospital | Cary 2 | IT staff, CEO, CIO | Administration, Treating, Outpatient | 2000 | 4
C1 | Within 12 weeks | Clinic | Raleigh 3 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 5
C2 | Within 14 weeks | Clinic | Pittsboro 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 6
C3 | Within 18 weeks | Clinic | Cary 3 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 7
C4 | Within 20 weeks | Clinic | Durham 2 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 8
C5 | Within 22 weeks | Clinic | Apex 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 9
C6 | Within 12 weeks | Clinic | Morrisville 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 10
C7 | Within 14 weeks | Clinic | Garner 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 11
C8 | Within 16 weeks | Clinic | Clayton 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 12
C9 | Within 18 weeks | Clinic | Wake Forest 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 13
C10 | Within 20 weeks | Clinic | Zebulon 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 14
R1 | Within 24 weeks | Research Facility | Raleigh 4 | IT Staff, Research Staff, CEO, CIO | Administration, Research facilities | 35 | 15
Business Architecture Design
The specific success conditions that Happy Health Systems has provided will
include multiple steps and processes. These processes will be outlined in a top-down view
including: network topology, device selection, placement and protocol, and implementation. It is
critical that the needs outlined be met for Happy Health Systems to continue to grow.
Hospital Network Topology
The following diagram shows that it will take 7 routers, with 15 hubs per router, to
support over 1000 users per hospital. Though the diagram is self-explanatory, it
bears repeating that there will need to be a firewall at the source, and that the source
modem must be able to handle the capacity we are going to need from it. Because of the
availability of high-speed internet in this area, requesting a gigabit router would not be out of the
question. If this could not be accomplished, each router would need its own feed of at least 10
Mbps up, 30 Mbps down to accomplish the task. Please note that even at this low speed, the
WAN that will be created will be taxed heavily, and that the gigabit modem is certainly the
preferred method given its superior speed and ability to give each router its full bandwidth needs
on demand.
[Diagram. Labels: AzureCloud, Modem, Firewall, Router, Hub, Wireless Access Point, Cat 5E or
Greater. Legend: 1 cloud, 1 modem, 3 wireless access points, 9 comm-links, 1 firewall,
7 routers, 3 Ethernet, 15 hubs. Annotation: "Each router will have the following configuration".]
Figure 2-Hospital Backbone Map
Since there will be 7 routers, each must have a range of IP addresses to utilize.
Reserving some of the addresses at the beginning and end for possible expansion, and for
maintenance, the following schema can be developed:
Router will issue NAT for 192.168.10.0-192.168.44.255
Router will issue NAT for 192.168.45.0-192.168.167.255
Router will issue NAT for 192.168.80.0-192.168.114.255
Router will issue NAT for 192.168.115.0-192.168.149.255
Router will issue NAT for 192.168.185.0-192.168.220.255
Router will issue NAT for 192.168.150.0-192.168.184.255
Router will issue NAT for 192.168.185.0-192.168.219.255
[Router labels in the figure, in the order extracted: Router 1, Router 2, Router 3, Router 4,
Router 7, Router 5, Router 6]
Figure 3- Routing Table for Hospital
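A check an implementer could run over an address plan before loading it into the routers, added here as an example (it is not part of the original proposal): it parses the seven ranges as printed in Figure 3, reports every pair that shares addresses, lists what is left unassigned in 192.168.0.0/16, and breaks a range into the CIDR blocks a firewall rule would need. The function names and the second, non-overlapping plan are constructed for illustration.

```python
import ipaddress
from itertools import combinations

# The seven ranges exactly as printed in Figure 3, in page order.
PRINTED_RANGES = [
    "192.168.10.0-192.168.44.255",
    "192.168.45.0-192.168.167.255",
    "192.168.80.0-192.168.114.255",
    "192.168.115.0-192.168.149.255",
    "192.168.185.0-192.168.220.255",
    "192.168.150.0-192.168.184.255",
    "192.168.185.0-192.168.219.255",
]

# Constructed for contrast (hypothetical, not the proposal's plan):
# seven non-overlapping blocks of 35 /24 networks each.
CONSTRUCTED_PLAN = [
    "192.168.10.0-192.168.44.255",
    "192.168.45.0-192.168.79.255",
    "192.168.80.0-192.168.114.255",
    "192.168.115.0-192.168.149.255",
    "192.168.150.0-192.168.184.255",
    "192.168.185.0-192.168.219.255",
    "192.168.220.0-192.168.254.255",
]


def parse_range(text):
    """Turn 'a.b.c.d-e.f.g.h' into (first, last) IPv4Address objects."""
    first, last = (ipaddress.IPv4Address(p.strip()) for p in text.split("-"))
    if last < first:
        raise ValueError(f"range ends before it starts: {text}")
    return first, last


def find_overlaps(ranges):
    """Return (i, j, first_shared, last_shared) for each pair of ranges that
    share addresses. i and j are 1-based positions in the input list."""
    parsed = [parse_range(r) for r in ranges]
    overlaps = []
    for (i, a), (j, b) in combinations(enumerate(parsed, 1), 2):
        lo, hi = max(a[0], b[0]), min(a[1], b[1])
        if lo <= hi:
            overlaps.append((i, j, str(lo), str(hi)))
    return overlaps


def unassigned(ranges, supernet="192.168.0.0/16"):
    """Return the (first, last) gaps inside supernet that no range covers.
    Assumes every range lies inside supernet."""
    net = ipaddress.ip_network(supernet)
    cursor = int(net.network_address)
    gaps = []
    for first, last in sorted(parse_range(r) for r in ranges):
        if int(first) > cursor:
            gaps.append((str(ipaddress.IPv4Address(cursor)), str(first - 1)))
        cursor = max(cursor, int(last) + 1)
    if cursor <= int(net.broadcast_address):
        gaps.append((str(ipaddress.IPv4Address(cursor)),
                     str(net.broadcast_address)))
    return gaps


def cidr_blocks(text):
    """Break one range into the smallest list of CIDR blocks covering it,
    which is the form an ACL or firewall rule usually needs."""
    first, last = parse_range(text)
    return [str(n) for n in ipaddress.summarize_address_range(first, last)]


if __name__ == "__main__":
    for name, plan in (("printed", PRINTED_RANGES),
                       ("constructed", CONSTRUCTED_PLAN)):
        print(f"== {name} plan ==")
        for i, j, lo, hi in find_overlaps(plan):
            print(f"  range {i} and range {j} both contain {lo} - {hi}")
        for lo, hi in unassigned(plan):
            print(f"  unassigned: {lo} - {hi}")
    print("CIDR blocks for the first range:", cidr_blocks(PRINTED_RANGES[0]))
```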
Each of the routers will then distribute the WAN to 12-port hubs, which will distribute as below:
[Diagram, "Hospital Hub Layout". Labels: Hub, Multifunctional Printer, Dell Terminal (10), User (10).
Legend: 1 hub, 1 multi-function device, 10 terminals, 1 Ethernet.]
Figure 4-Hospital Ethernet to User
Clinic and Research Facility Network Architecture Topography
Unlike the Hospital Network Architecture, the Clinic and Research Facilities don't require
a gigabit modem. A standard high-speed modem with 35 Mbps down and 5 Mbps up is
standard in these areas, and should work wonderfully. There is no need to route the IP
addresses beyond the standard 192.168.0.0-192.168.255.255 because there will not be that
many users involved here. As before, a firewall will prevent unauthorized intrusions, and using
the terminals will prevent unauthorized use by employees.
[Diagram, "Clinic Layout". Labels: AzureCloud, Modem, Wireless Access Point, Firewall, Router,
Hub, Cat 5E or Greater. Legend: 1 cloud, 1 modem, 1 wireless access point, 3 comm-links,
1 firewall, 1 router, 1 Ethernet, 5 hubs.]
Figure 5- Backbone to Hub Distribution
Information will travel both ways, utilizing the firewall as our safety net, and Azure as our last
effort if anything were to be compromised. Since there is no data stored on-site, the data would
be much harder to access than on normal servers, though, again, not impossible. Since users in
these areas would have to gain a login, and with the login passwords changing monthly, the
opportunity for access is automatically lessened. In both the Hospital and the Clinic hub diagrams, a
multifunctional printer is available. Should there be a need for more printers, 2 additional ports
remain on each hub to connect them.
[Diagram, "Hospital Hub Layout". Labels: Hub, Multifunctional Printer, Dell Terminal (10), User (10).
Legend: 1 hub, 1 multi-function device, 10 terminals, 1 Ethernet.]
Figure 6- Hub to Workspace Layout
DNS Naming Conventions
DNS, or the Domain Name System, helps us get connected to computers by using
names. For instance, going to Google.com in your web browser takes you to the Google home
page, but the name is actually being resolved to an IP address that Google has assigned to it.
While this may not seem important to a network such as ours, its functionality will be key. Using
DNS name resolution, our system will know how to assign IP addresses based on their location
within our system. Since we are going to have 7 routers at the hospital level, assigning groups
of IP addresses (as discussed earlier) to certain areas or floors will be necessary.
Router will issue NAT for 192.168.10.0-192.168.44.255
Router will issue NAT for 192.168.45.0-192.168.167.255
Router will issue NAT for 192.168.80.0-192.168.114.255
Router will issue NAT for 192.168.115.0-192.168.149.255
Router will issue NAT for 192.168.185.0-192.168.220.255
Router will issue NAT for 192.168.150.0-192.168.184.255
Router will issue NAT for 192.168.185.0-192.168.219.255
[Area labels in the figure, in the order extracted: ER; Non Emergent Floors; Billing;
Outpatient Clinics; Nonessential Functions; OR; ICU/CICU/NICU/PACU]
Figure 7- NAT Addressing for Hospital
As you can see, each router uses a block of IP addresses. Since the hospitals all
operate in similar manners, the emergent and critical areas will all have their own IP block from
which to be addressed. This will not be accessible from any unknown external sources, as the
Firewall we put in place will stop any potential intrusion. Naming in this way also allows us to
isolate any potential problems quickly, and be able to communicate with on-site staff in a more
friendly, non-technology laden conversation.
WINS Naming Conventions
WINS, or Windows Internet Naming Service, is a system that determines the IP address
associated with a specific computer on a network. Further, it is a database that recognizes
names of computers, and assigns them a given IP address in a network (Technet n.d.). For
example, computers named "Research and Development" and "Julie's Computer" both request
an IP address from the WINS server. The WINS server then looks up each and assigns them
the specified IP address, or uses Dynamic Host Configuration Protocol to assign an IP from a
bank of unused IP addresses.
[Diagram. Sites: Raleigh 1, Raleigh 2, Durham 1, Cary 1, Zebulon 1, Raleigh 3, Pittsboro 1,
Cary 3, Durham 2, Morrisville 1, Garner 1, Clayton 1, Wake Forest 1, Raleigh 4, Apex 1.
Systems: MS Exchange Server, Primary Data Server Cluster (Details on Figure 1-2), MS Office
Server, PeopleSoft ERT Server, EMR System.]
Figure 8-Site Map
Because of the breadth of the scope of computers we are connecting, it would be
wise to assign naming conventions to assigned spaces. This convention will be the building
type's letter (H for hospital, C for clinic and R for Research and Development), the location
according to Fig 1, the physical floor number, suite, and wall jack plate number. This will then
give the WINS the precise locations that need an IP address, as well as giving the service
technicians an exact location, should there be a need for maintenance. The table below
outlines some examples of this naming convention:
Table 3- Site Naming Conventions
Building | Location (3 Char) | Floor # | Suite # | Wall Plate # | WINS Name
Hospital | RA1 | 1 | 1000 | 1 | H_RA1_1_1000_1
Hospital | DU1 | 4 | 4321 | 64 | H_DU1_4_4321_64
Clinic | RA3 | 1 | 1432 | 12 | C_RA3_1_1432_12
Clinic | MO1 | 17 | 1749 | 6 | C_MO1_17_1749_6
Research And Development | RA4 | 6 | 90 | 14 | R_RA4_6_90_14
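The naming convention above as a builder, parser and inventory audit, added here as an example (it is not part of the original proposal). It enforces the 15-character limit that applies to NetBIOS names registered in WINS, which three of the five names in Table 3 already reach; the function names, the rule that a location code is three letters or digits, and the sample inventory are assumptions made for illustration.

```python
import re

# A NetBIOS name has 15 usable characters; the 16th byte is the service suffix.
NETBIOS_MAX = 15

# Building-type letters as defined in the proposal.
BUILDING_CODES = {
    "hospital": "H",
    "clinic": "C",
    "research and development": "R",
}
CODE_TO_BUILDING = {v: k for k, v in BUILDING_CODES.items()}

# <type>_<location>_<floor>_<suite>_<wall plate>
NAME_RE = re.compile(r"^([HCR])_([A-Z0-9]{3})_(\d+)_(\d+)_(\d+)$")


class NamingError(ValueError):
    """Raised when a name cannot be built or does not follow the convention."""


def build_name(building, location, floor, suite, plate):
    """Compose a name such as H_RA1_1_1000_1, refusing anything that would
    not fit in a NetBIOS name."""
    try:
        code = BUILDING_CODES[building.strip().lower()]
    except KeyError:
        raise NamingError(f"unknown building type: {building!r}") from None
    location = location.strip().upper()
    if not re.fullmatch(r"[A-Z0-9]{3}", location):
        raise NamingError(f"location must be 3 letters/digits: {location!r}")
    numbers = (floor, suite, plate)
    if any(not isinstance(n, int) or n < 0 for n in numbers):
        raise NamingError("floor, suite and plate must be non-negative integers")
    name = "_".join([code, location, *(str(n) for n in numbers)])
    if len(name) > NETBIOS_MAX:
        raise NamingError(
            f"{name!r} is {len(name)} characters; the limit is {NETBIOS_MAX}")
    return name


def parse_name(name):
    """Split a name back into its fields so a technician can locate the jack."""
    name = name.strip().upper()  # NetBIOS names are not case-sensitive
    if len(name) > NETBIOS_MAX:
        raise NamingError(
            f"{name!r} is {len(name)} characters; the limit is {NETBIOS_MAX}")
    match = NAME_RE.match(name)
    if not match:
        raise NamingError(f"{name!r} does not follow the convention")
    code, location, floor, suite, plate = match.groups()
    return {
        "building": CODE_TO_BUILDING[code],
        "location": location,
        "floor": int(floor),
        "suite": int(suite),
        "plate": int(plate),
    }


def audit(names):
    """Return {name: problem} for names that are malformed, too long, or
    registered more than once."""
    problems, seen = {}, set()
    for name in names:
        try:
            parse_name(name)
        except NamingError as exc:
            problems[name] = str(exc)
            continue
        key = name.strip().upper()
        if key in seen:
            problems[name] = "duplicate name"
        seen.add(key)
    return problems


# Constructed inventory: two names from Table 3 plus three problem cases.
SAMPLE_INVENTORY = [
    "H_RA1_1_1000_1",
    "H_DU1_4_4321_64",
    "h_ra1_1_1000_1",      # same jack registered twice
    "C_MO1_17_1749_12",    # 16 characters
    "X_RA1_1_1_1",         # unknown building letter
]

if __name__ == "__main__":
    print(build_name("Hospital", "DU1", 4, 4321, 64))
    print(parse_name("R_RA4_6_90_14"))
    for name, problem in audit(SAMPLE_INVENTORY).items():
        print(f"{name}: {problem}")
```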
As mentioned before, the computers used in each setting will be using DHCP. Each computer
will be assigned, according to their grouping in the table below, a unique IP address. This
address will be leased to the computer for 24 hours, minimizing the possibility of intrusion, and
allowing for computers to receive any updates through re-joining the network.
While this addresses the hospital functions, it does not directly address the clinical or research
DHCP. They shall be named as follows:
Router will issue NAT for 192.168.10.0-192.168.44.255
Router will issue NAT for 192.168.45.0-192.168.167.255
Router will issue NAT for 192.168.80.0-192.168.114.255
Router will issue NAT for 192.168.115.0-192.168.149.255
Router will issue NAT for 192.168.185.0-192.168.220.255
Router will issue NAT for 192.168.150.0-192.168.184.255
Router will issue NAT for 192.168.185.0-192.168.219.255
[Area labels in the figure, in the order extracted: Front Desk; Procedure Rooms; Billing;
Records Room; Nonessential Functions; Reserved for Expansion; Towed Patients]
Figure 9- Clinic NAT Addressing
Since both the Clinics and the Research facility will have the functions above, they can share
the same addressing protocols. Unlike the Hospitals, these facilities will have a 48-hour lease
time, which will allow for the system to update appropriately, and minimize intrusion. The
reason for not renewing the lease more often is to allow the hospitals time to employ updates to
the NOS or for routine maintenance with minimal interruption to any of the facilities.
Network Management Technique
To determine the appropriate network management technique, we must review the structure of
the network we plan to have in place.
[Diagram. Labels: AzureCloud, Modem, Firewall, Router, Hub, Wireless Access Point, Cat 5E or
Greater. Legend: 1 cloud, 1 modem, 3 wireless access points, 9 comm-links, 1 firewall,
7 routers, 3 Ethernet, 15 hubs. Annotation: "Each router will have the following configuration".]
Figure 10- Network Backbone
Unlike most plans, we intend to use off-site servers to host the data, including programmatic
access. The methodology we used to arrive at the following Network Administration model was
based on Cisco's ISO Network Management Profile (Cisco).
[Diagram. Labels: Windows Azure Server; Fault Management; Configuration Management;
Performance Management; Accounting Management; Log files.]
Figure 11- FCAPS Diagram
As you can see from the above, we have implemented an FCAPS approach.
• Fault
  o We have assigned a specific server to detect fault, isolate its cause, notify the
    appropriate team for fault resolution, and finally to correct those faults.
  o All actions from this server will be logged to the Log File Server.
• Configuration Management
  o In addition to rolling out updates to workstations as needed, the configuration
    server will also house the configuration files for same and maintain inventory of
    NA-related items.
  o All actions from this server will be logged to the Log File Server.
• Accounting Management
  o This server will poll the log files for connection times, usage statistics, and lease
    expirations.
  o All actions from this server will be logged to the Log File Server.
• Performance Management
  o This server will measure performance overall for the network, and will ensure that
    it remains at an acceptable level.
  o All actions from this server will be logged to the Log File Server.
• Security Management
  o As you can see, there is no specific server dedicated to security. This is because
    Microsoft Windows Azure provides security management as part of their service.
    There would be no need to dedicate further servers to this cause.
  o All potential security threats or intrusions will be logged by Windows Azure, and
    will be published to the Log File Server.
In addition to the techniques addressed above, the cloud server will also assist the
routers with network traffic management. While the routers will be in direct control through
DHCP and a Firewall, the cloud will be able to annotate any and all calls to operate outside of
the parameters already established. An example would be someone attempting to access their
personal Facebook account. This is clearly outside of the network's intended function. The
access would be blocked through the Firewall, but the Azure server would also log that attempt.
Repeated attempts to circumvent the established acceptable usage would trigger an alert to the
appropriate personnel for follow-up action.
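One way the "repeated attempts trigger an alert" rule could be implemented over the logged firewall denials, added here as an example (it is not part of the original proposal). The log line format, the user names, the internal host name, and the default of 3 denials within 10 minutes are all assumptions, since the proposal specifies none of them; the workstation names follow Table 3.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; lines are assumed to arrive in time order.
SAMPLE_LOG = """\
2019-08-13T09:00:05 DENY user=jdoe host=H_RA1_1_1000_1 dst=facebook.com
2019-08-13T09:01:10 ALLOW user=asmith host=C_RA3_1_1432_12 dst=emr.example.internal
2019-08-13T09:02:40 DENY user=jdoe host=H_RA1_1_1000_1 dst=facebook.com
2019-08-13T09:03:00 DENY user=asmith host=C_RA3_1_1432_12 dst=twitter.com
2019-08-13T09:04:15 DENY user=jdoe host=H_RA1_1_1000_1 dst=twitter.com
2019-08-13T09:30:00 DENY user=asmith host=C_RA3_1_1432_12 dst=twitter.com
2019-08-13T09:50:00 DENY user=asmith host=C_RA3_1_1432_12 dst=facebook.com
malformed line
"""


def parse_line(line):
    """Parse '<timestamp> <ACTION> key=value ...'; return None if the line
    does not have that shape, so one bad record cannot stop the review."""
    parts = line.split()
    if len(parts) < 3:
        return None
    try:
        when = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
    if not {"user", "host", "dst"} <= fields.keys():
        return None
    return {"time": when, "action": parts[1], **fields}


def find_alerts(lines, threshold=3, window_minutes=10):
    """Return one alert each time a user accumulates `threshold` denied
    requests within `window_minutes`. The user's window is cleared after an
    alert so a single burst is reported once, not once per extra request."""
    window = timedelta(minutes=window_minutes)
    recent = defaultdict(deque)  # user -> denied events still inside window
    alerts = []
    for line in lines:
        event = parse_line(line)
        if event is None or event["action"] != "DENY":
            continue
        queue = recent[event["user"]]
        queue.append(event)
        # Drop denials that have aged out of the sliding window.
        while event["time"] - queue[0]["time"] > window:
            queue.popleft()
        if len(queue) >= threshold:
            alerts.append({
                "user": event["user"],
                "first": queue[0]["time"].isoformat(),
                "last": event["time"].isoformat(),
                "hosts": sorted({e["host"] for e in queue}),
                "destinations": sorted({e["dst"] for e in queue}),
            })
            queue.clear()
    return alerts


if __name__ == "__main__":
    for alert in find_alerts(SAMPLE_LOG.splitlines()):
        print(alert)
```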
Performance Management
To develop a cohesive strategy for addressing the performance of the network, the
following items need to be addressed:
• Determining the specific data to collect
• Interpreting that data
• Disseminating and presenting that data
Windows Azure will work as the data collection service, once we outfit it with the specific
data we want. As mentioned before, we want all data traffic logged. This would normally be a
large item, but the Azure servers are more than capable of collecting that data. The data,
though, is not in a vacuum. We must interpret it appropriately, and that will require periodic
review. To ensure thoroughness, we will review the traffic logs once a week for anomalies.
Every quarter, we will delve deeper into what exactly is being transmitted, and will create a
repository for old logs that have been reviewed. This will also eliminate stress on the server by
not having years' worth of log files active.
Each quarter, after the internal audit is complete, the engineers who have reviewed the
data will disseminate that information to the entire IT team, to include the CIO. This will ensure
that every person is aware of the performance of the network, and has an opportunity to
address any concerns they may have.
Security Management
Because there is no specific server dedicated to security, there is a belief that the server is less
secure. To address this specifically, we must address the following:
o Is there potential for threat?
o If so, does the potential come from external factors or internal factors?
o How will threat be mitigated?
o What happens when there is a verified breach?
There is always a potential for threat to any system. Because our system is closed to
general internet usage, the threat is greatly minimized. The greatest threat to this system is
users attempting to circumvent the procedures and policies in place. While using the internet at
work may seem like a right, it is an unacceptable risk to patient privacy laws, and to the data we
will be storing for years to come.
If there is an unauthorized breach onto the internet through sites like Facebook,
Twitter, etc., the leadership will be required to take either remedial or punitive action. There is
little danger outside of circumvention, as the passwords used will be refreshed at regular
intervals (as previously noted), and again, the server is located off site, with Windows Azure
monitoring the data stream. Should there be an intentional attack on the data, the appropriate
law enforcement authorities will be notified.
Ethical Responsibilities of the IT Professional
An ethical IT professional shall:
Safeguard the identities of clients barring any law that forbids them from doing so.
This tenet of holding information as a sacred trust is not new. The Information Systems Audit
and Control Association, or ISACA, has in its code of ethics that an IT professional should
"maintain the privacy and confidentiality of information obtained in the course of their activities
unless disclosure is required by legal authority" (ISACA n.d.). Naturally the intent is to maintain
anonymity and confidentiality of the users and employers of the IT professional; however, there
needed to be a definitive line where the ethics must give way to established law. This is in
keeping with a culture of anonymity, as well as ensuring that a computerized invasion of privacy
remains a low threat from within the IT community.
Not use technology in an inappropriate manner or to do harm.
Harming others, such as destroying their physical belongings, is equally as destructive as if it
were to happen to digital belongings (Xanatomy). While this precept is defined under
professional ethics, there are special circumstances that allow an IT professional greater access
to instruments of harm. Though an IT professional does not literally deal in life and death
scenarios like a doctor, they still must do good or do no harm (Hippocrates 400 B.C). This is
clearly in line with the tenet of non-malfeasance.
Maintain strict confidentiality of personal and company information entrusted to them.
As discussed previously, the care of information is paramount to the IT profession as a
whole. As with the Hippocratic book, Epidemics, the IT professional signs an unwritten contract
with the user or company that he or she will do everything within their power to ensure
information is not only secure, but that there is a proactive approach to evaluating future threats
and possible intrusions. An IT professional must hold this duty to safeguard as they would hold
any idea to be sacred. As soon as the agreement is made, the IT professional owns the
information and must treat it accordingly.
Not access any information or resources without specific authorization.
Here again, modern medicine can play a role in helping define the ethics of the IT
professional. Borrowing from the HIPAA Act, an entity is permitted or required by the
rules to use or disclose protected health information without an individual's written
authorization. (Federal Register Vol. 65 Dec. 2000) Clearly the idea of protecting information is
paramount in healthcare, and with the increase in utilizing IT in that field, there is doubly a need
to safeguard information.
High Level Technology Architecture
There are three main areas in which the technology architecture will be most affected:
the infrastructure requirements, the transmission of data, and hardware-specific requirements.
Infrastructure Requirements
The business architecture that has been proposed includes the need for multiple
persistent internet connections. Because of this, and the need for security, Windows Azure
servers are the best solution for data management. With relatively low overhead and the
reduced need for staff to maintain servers and specific data points, the Windows Azure line of
data services offers the most support at an affordable cost. This data solution best fits our needs
without having to train and hire many staff members.
Transmission of Data
The primary focus of our transmission should be security. Because the servers are
housed off-site, there is a lesser chance of internal liability as well as a lessened chance of
internal security breaches. Windows Azure has multiple pricing plans, but their premium
database allows us the flexibility we would need for rapid deployment. This plan, if acted on
promptly, would also allow for a 50% reduction in cost, as part of the preview that Microsoft is
offering (Windows Azure 2013). Azure offers two different types of storage, and the Locally
Redundant storage would fit Happy Health's need. This reflects a total cost of $0.007 per GB
per month. (Windows Azure 2013) scalable.
Table 4 - Azure Price Listing
STORAGE CAPACITY          GEOGRAPHICALLY REDUNDANT   LOCALLY REDUNDANT
First 1 TB [1] / Month    $0.095 per GB              $0.07 per GB
Next 49 TB / Month        $0.08 per GB               $0.065 per GB
Next 450 TB / Month       $0.07 per GB               $0.06 per GB
Next 500 TB / Month       $0.065 per GB              $0.055 per GB
Next 4,000 TB / Month     $0.06 per GB               $0.045 per GB
Next 4,000 TB / Month     $0.055 per GB              $0.037 per GB
Over 9,000 TB / Month     Contact us                 Contact us
* Based on 744 hours per month
[1] 1 TB = 1,024 GB.
[Figure 12 - Data Process UML. Diagram labels: Hospital, Clinic, Research Facility, MS Office Suite, EMR Server, PeopleSoft ERT, Image Server, Print Server, MS Exchange Server]
Hardware Specific Requirements
Because of the number of different systems in place, and the inadequate control
measures this presents, equipping every user base with similar workstations would be key.
Because of the nature of technology, it would be in Happy Health Systems' best interest to
invest in workstations that will be scalable. The Intel Core i5 processor, while fast and
moderately expensive, allows for expanding the network to include future programs. The i5 is also
the mid-grade of current Intel chips. There should not be a great need for memory above 4GB,
and since RAM is easily replaced, 4GB is adequate for future endeavors. Choosing a small form
factor will allow for ease of use and keep the workstation out of the way when navigating to patients.
There should be no need for a physical storage drive on these workstations, and the use of USB
devices should be restricted to ensure appropriate security. With Windows Azure using
Windows Server 2012 R2, workstations will be able to utilize Windows 7. While Happy Health
has requested that SpyBot be installed on each station, this is ill-advised and duplicative.
Symantec offers Symantec cloud (Symantec.com 2013), which prevents any intrusion via
email, cloud, or unforeseen attack. Since the workstations will not have a physical drive to
install to, there is no need to protect the workstations from attack. A preliminary search
prices such devices at anywhere from $700 to $850 (dell.com 2013). While this seems like a large
amount, purchasing in bulk, and for healthcare uses, will undoubtedly ensure a price break. In
addition to the workstations, the existing Cat5e cabling would need to be inspected for
adequate throughput.
HIPAA Compliance
Ensuring privacy is paramount in this endeavor. To ensure HIPAA regulations are met,
the following review of systems must be done (Milne, Michael):
Physical Security
  o Can the data be physically stolen?
User Security
  o Is it easy to log in without a password?
  o Is the data secure from guest accounts?
System Security
  o What happens if there is an intrusion?
  o What happens if there is a hardware failure?
Network Security
  o Can people not in the system access the data?
  o Are there open ports?
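As an added illustration (not part of the original proposal), the user-security and network-security questions above can be checked on a Windows host by parsing the output of the built-in commands net accounts, net user Guest and netstat -an against the 60-day password change this section proposes. The sample outputs are constructed, and the function names and the allowed-port list are assumptions of this example.

```python
import re

# Constructed sample output (not captured from a real host) of three built-in
# Windows commands: `net accounts`, `net user Guest`, and `netstat -an`.
NET_ACCOUNTS = """\
Maximum password age (days):                          Unlimited
Minimum password length:                              0
"""
NET_USER_GUEST = """\
User name                    Guest
Account active               Yes
"""
NETSTAT = """\
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING
  TCP    10.0.0.15:49212        10.0.0.2:443           ESTABLISHED
"""

def field(text, label):
    """Return the value that follows `label` on its line, or None."""
    m = re.search(rf"^{re.escape(label)}:?\s+(.+?)\s*$", text, re.M)
    return m.group(1) if m else None

def exposed_ports(netstat_text):
    """TCP ports in LISTENING state on a non-loopback address."""
    ports = set()
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[0] == "TCP" and parts[3] == "LISTENING":
            addr, _, port = parts[1].rpartition(":")
            if not addr.startswith("127.") and addr != "[::1]":
                ports.add(int(port))
    return sorted(ports)

def review(accounts, guest, netstat, max_age=60, allowed_ports=()):
    """Answer the checklist questions; return one finding per failed check."""
    findings = []
    age = field(accounts, "Maximum password age (days)")
    if age is None or not age.isdigit() or int(age) > max_age:
        findings.append(f"password max age is {age}, want <= {max_age} days")
    if field(accounts, "Minimum password length") in (None, "0"):
        findings.append("blank passwords are permitted")
    if field(guest, "Account active") != "No":
        findings.append("Guest account is active")
    extra = [p for p in exposed_ports(netstat) if p not in allowed_ports]
    if extra:
        findings.append(f"unexpected listening ports: {extra}")
    return findings
```

An empty list from review() means every check passed; the allowed_ports argument is where a site would list the services it expects to be reachable.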
The answers are fairly straightforward when dealing with a cloud structure. The data can
be physically stolen, but the likelihood of that happening is very low. A thief would have to know
which server housed the data, would have to gain entry into the Azure server locale, and be
able to physically access that server and steal the data. Given Microsoft's history of having
secure and anonymous servers, this is an unlikely event. Using secure password authentication
will make entry into the server more difficult. Enabling a 60-day password change will assist in
regulating stolen passwords, forgotten passwords, and common passwords. This level of
security also denies the use of guest accounts. Should there be an intrusion, the Windows
Azure team will be able to assist us in the corrective action needed. As added security, the
Professional Direct (Windows Azure) support feature of Azure includes a
References
Brain, Marshall and Crawford, Stephanie. (n.d.) How Domain Name Servers Work. How Stuff
Works. Retrieved from http://www.howstuffworks.com/dns.htm
Cisco (n.d.) Network Management System: Best Practices White Paper. Retrieved from
http://www.cisco.com/en/US/tech/tk869/tk769/technologies_white_paper09186a00800aea9c.shtml
Core System Engineering Team (13 Jun 2011) Core System Requirements Specification (SyRS).
Intelligent Transportation Systems Joint Program Office. Retrieved from
http://www.its.dot.gov/meetings/pdf/CoreSystem_SE_SyRS_RevA%20(2011-06-13).pdf
Dell.com (2013) Retrieved from
http://www.dell.com/us/business/p/desktops-n-workstations.aspx?c=us&cs=04&l=en&s=bsd&ST=%20computer%20%20workstations&dgc=ST&cid=265771&lid=4835267&acd=12309152537461020#!tabId=9A5EF418&facets=116823~0~3611731,51795~0~11401827&p=1
Federal Register Vol. 65 (Dec. 28, 2000) Retrieved from
http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/prdecember2000all8parts.pdf
US Departments of Health and Human Services (n.d.) Retrieved from
http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html
Hippocrates (400 BC) Of The Epidemics. Retrieved from
http://www.grtbooks.com/exitfram.asp?idx=0&yr=-460&aa=HI&at=AA&ref=hippocrates&URL=http://classics.mit.edu/Hippocrates/epidemics.html
ISACA (n.d.) Code of Professional Ethics. Retrieved from
http://www.isaca.org/Certification/Code-of-Professional-Ethics/Pages/default.aspx
Milne, Michael (10 Mar 2006) HIPAA in a Nutshell Guidelines for EMR and Paper Medical
Records Compliance. Ezine Articles. Retrieved from
http://ezinearticles.com/?HIPAA-in-a-Nutshell---Guidelines-for-EMR-and-Paper-Medical-Records-Compliance&id=156737
Sessions, Roger. (May 2007) A Comparison of the Top Four Enterprise-Architecture
Methodologies. ObjectWatch, Inc. Retrieved from
http://msdn.microsoft.com/en-us/library/bb466232.aspx#eacompar_topic8
Symantec.com (2013) Retrieved from
http://www.symantec.com/products-solutions/families/?fid=symantec-cloud
TechNet (n.d.) What is WINS? Retrieved from
http://technet.microsoft.com/en-us/library/cc784180(WS.10).aspx
WebNMS.com (n.d.) 5.22 Introduction to Performance Management. Retrieved from
http://www.webnms.com/webnms/help/developer_guide/performance_management/perf_overview.html
Windows Azure (n.d.) Retrieved from
http://www.windowsazure.com/en-us/pricing/details/storage/
Retrieved from
http://www.windowsazure.com/en-us/pricing/details/sql-database/#service-premium
Azure Support Features. Retrieved from
http://www.windowsazure.com/en-us/support/plans/