u10a1 hogan

Upload: grayhogan

Post on 04-Jun-2018


  • 8/13/2019 u10a1 Hogan

    1/34


    HAPPY HEALTH SYSTEMS 3

    Table of Contents

    Proposal for Happy Health Systems
    Executive Summary
    Table of Contents
    List of Figures
    List of Tables, Graphs, and Diagrams
    Proposal for Happy Health Systems
        Approach
        Key Stakeholders
        Requirements
        Business Architecture Design
        Hospital Network Topology
        Clinic and Research Facility Network Architecture Topography
        DNS Naming Conventions
        WINS Naming Conventions
        Network Management Technique
            Fault
            Configuration Management
            Accounting Management
            Performance Management
            Security Management
        Performance Management
        Security Management
        Ethical Responsibilities of the IT Professional
            Safeguard the identities of clients barring any law that forbids them from doing so.
            Not use technology in an inappropriate manner or to do harm.
            Maintain strict confidentiality of personal and company information entrusted to them.
            Not access any information or resources without specific authorization.
        High Level Technology Architecture
            Infrastructure Requirements
            Transmission of Data
            Hardware Specific Requirements
        HIPAA Compliance
    References


    List of Figures

    Figure 1-Overview of Proposed System
    Figure 2-Hospital Backbone Map
    Figure 3- Routing Table for Hospital
    Figure 4-Hospital Ethernet to User
    Figure 5- Backbone to Hub Distribution
    Figure 6- Hub to Workspace Layout
    Figure 7- NAT Addressing for Hospital
    Figure 8-Site Map
    Figure 9- Clinic NAT Addressing
    Figure 10- Network Backbone
    Figure 11- FCAPS Diagram
    Figure 12-Data Process UML


    List of Tables, Graphs, and Diagrams

    Table 1-Key Stakeholders
    Table 2- Site Identification
    Table 3- Site Naming Conventions
    Table 5- Azure Price Listing


    Proposal for Happy Health Systems

    Happy Health Systems consists of four hospitals, ten clinics, a research facility, and a physicians' practice that manages itself. It needs to update its antiquated and varying systems with a unified EMR system, allowing its over 9000 users to access the system and interact as their specific location requires. In addition to the EMR, each user must be able to utilize a unique MS Exchange e-mail address, the MS Office suite, PeopleSoft ERP, Symantec Security Suite, and Spybot Search and Destroy. While Happy Health desires Spybot Search and Destroy, this proposal will outline why that would be duplicative.

    [Figure 1-Overview of Proposed System. Diagram labels: sites Raleigh 1, Raleigh 2, Raleigh 3, Raleigh 4, Durham 1, Durham 2, Cary 1, Cary 3, Zebulon 1, Pittsboro 1, Morrisville 1, Garner 1, Clayton 1, Wake Forest 1 and Apex 1; MS Exchange Server, Primary Data Server Clust (Details on Figure 1-2), MS Office Server, PeopleSoft ERT Server, EMR System.]


    Approach

    The CEO and any designees will determine the exact state the business architecture is in and will develop a realistic and measurable goal. Inclusion of State and Federal HIPAA laws is required in this determination. This determination will also be made with the inclusion of all departments that have been deemed essential by the CEO. The determination will be written, and specific recommendations will be made in this proposal. The proposal follows a timeline with specific milestones and goals:

    Identify and quantify the success condition
        o While the CEO has affirmed certain needs for the company, certain restrictions remain:
            - Budgetary
            - Time
            - Training involved with implementation
            - Maintenance after the fact
        o Milestone: All success conditions gathered, recorded, and approved by the CEO.

    Review all information
        o The CEO and team leaders will review the current state of the business architecture and infrastructure, and will determine any changes, additions, or subtractions that are required to support the new architecture and the success condition
        o Milestone: A Unified Modeling Language (UML) diagram will be created outlining information flow

    Draft the preliminary proposal
        o Milestone: Staffing needs, the UML process flow, and specific infrastructure needs

    Review and finalize the drafted proposal
        o Milestone: Hold meeting to review and finalize the proposal with the CEO, CIO, Team Leaders, and any members crucial to the proposed process.

    Key Stakeholders

    The following table shows the key stakeholders for this proposal. While the CEO and CIO will be the primary stakeholders, the current IT Team Leader will receive daily reports on the status of the business architecture proposal.

    Position                    | Level of Interest | Level of Influence
    CEO                         | High              | High
    CIO                         | High              | High
    HR Team Leader              | High              | High
    IT Team Leader              | High              | High
    Marketing/Sales Team Leader | Low               | Low
    End User                    | High              | High

    Table 1-Key Stakeholders

    Requirements

    This section will document the core system requirements. These are divided by level first, and then by system if needed. In developing these requirements, actual contracts from other vendors have been evaluated. The following requirements have been identified (Core System Engineering Team 13 Jun 2011):

    Data
        o The data requirements define where the data is stored within the core system

    Performance
        o The quantifiable specifications of the core system

    Functionality
        o Specifically, what the core system will be doing

    Non-Functionality
        o Items not directly involved with operation of the core system.

    Limitations
        o Items that the core system is not capable of

    The information obtained throughout this process must be kept confidential. Employee and patient sensitive information will be used in every record, and therefore a senior IT member must accompany each transaction of data until the data is securely transferred onto the new servers.

    Table 2- Site Identification

    Site ID | Date            | Type              | Description   | Source of Information               | Locations                                               | # of users | Priority
    H1      | Within 2 weeks  | Hospital          | Raleigh 1     | IT staff, CEO, CIO                  | Corporate offices, Administration, Treating, Outpatient | 2000       | 1
    H2      | Within 4 weeks  | Hospital          | Raleigh 2     | IT staff, CEO, CIO                  | Administration, Treating, Outpatient                    | 2000       | 2
    H3      | Within 6 weeks  | Hospital          | Durham 1      | IT staff, CEO, CIO                  | Administration, Treating, Outpatient                    | 2000       | 3
    H4      | Within 8 weeks  | Hospital          | Cary 2        | IT staff, CEO, CIO                  | Administration, Treating, Outpatient                    | 2000       | 4
    C1      | Within 12 weeks | Clinic            | Raleigh 3     | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 5
    C2      | Within 14 weeks | Clinic            | Pittsboro 1   | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 6
    C3      | Within 18 weeks | Clinic            | Cary 3        | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 7
    C4      | Within 20 weeks | Clinic            | Durham 2      | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 8
    C5      | Within 22 weeks | Clinic            | Apex 1        | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 9
    C6      | Within 12 weeks | Clinic            | Morrisville 1 | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 10
    C7      | Within 14 weeks | Clinic            | Garner 1      | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 11
    C8      | Within 16 weeks | Clinic            | Clayton 1     | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 12
    C9      | Within 18 weeks | Clinic            | Wake Forest 1 | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 13
    C10     | Within 20 weeks | Clinic            | Zebulon 1     | IT staff, Clinic Staff              | Outpatient, Administration                              | 100        | 14
    R1      | Within 24 weeks | Research Facility | Raleigh 4     | IT Staff, Research Staff, CEO, CIO  | Administration, Research facilities                     | 35         | 15

    Business Architecture Design

    The specific success conditions that Happy Health Systems has provided will include multiple steps and processes. These processes will be outlined in a top-down view including network topology, device selection, placement and protocol, and implementation. It is critical that the needs outlined be met for Happy Health Systems to continue to grow.

    Hospital Network Topology

    The following diagram shows that it will take 7 routers, with 15 hubs per router, to accomplish the task of over 1000 users per hospital. Though the diagram is self-explanatory, it does bear repeating that there will need to be a firewall at the source, and that the source modem must be able to handle the capacity we are going to need from it. Because of the availability of high-speed internet in this area, requesting a gigabit router would not be out of the question. If this could not be accomplished, each router would need its own feed of at least 10 Mbps up, 30 Mbps down to accomplish the task. Please note that even at this low speed, the WAN that will be created will be taxed heavily, and that the gigabit modem is certainly the preferred method given its superior speed and ability to give each router full bandwidth needs on demand.

    [Figure 2-Hospital Backbone Map. Diagram: Azure cloud, modem, firewall, routers, hubs and wireless access points joined by Cat 5E or greater cabling. Legend counts as listed: 1 cloud, 1 modem, 3 wireless access points, 9 comm-links, 1 firewall, 7 routers, 3 Ethernet, 15 hubs.]

    Since there will be 7 routers, each must have a range of IP addresses to utilize. Reserving some of the addresses at the beginning and end for possible expansion, and for maintenance, the following schema can be developed:


    Router will issue NAT for 192.168.10.0-192.168.44.255
    Router will issue NAT for 192.168.45.0-192.168.167.255
    Router will issue NAT for 192.168.80.0-192.168.114.255
    Router will issue NAT for 192.168.115.0-192.168.149.255
    Router will issue NAT for 192.168.185.0-192.168.220.255
    Router will issue NAT for 192.168.150.0-192.168.184.255
    Router will issue NAT for 192.168.185.0-192.168.219.255

    Router labels in the figure, in the order extracted: Router 1, Router 2, Router 3, Router 4, Router 7, Router 5, Router 6

    Figure 3- Routing Table for Hospital
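A check worth running on an address plan like this before it is configured, as an added example (not part of the original proposal): it takes the seven ranges exactly as printed in the schema above, reports every pair of entries that share addresses, and converts a range to the CIDR blocks a router or firewall rule would use. The function names and the entry numbering (listing order) are assumptions of this example.

```python
"""Added example: sanity-check a per-router address plan for overlaps."""
from ipaddress import IPv4Address, summarize_address_range

# Ranges exactly as printed in the hospital schema above, in listing order.
HOSPITAL_PLAN = [
    ("192.168.10.0", "192.168.44.255"),
    ("192.168.45.0", "192.168.167.255"),
    ("192.168.80.0", "192.168.114.255"),
    ("192.168.115.0", "192.168.149.255"),
    ("192.168.185.0", "192.168.220.255"),
    ("192.168.150.0", "192.168.184.255"),
    ("192.168.185.0", "192.168.219.255"),
]


def parse_plan(plan):
    """Turn (first, last) strings into (entry_no, first_int, last_int)."""
    parsed = []
    for entry_no, (first, last) in enumerate(plan, start=1):
        lo, hi = int(IPv4Address(first)), int(IPv4Address(last))
        if lo > hi:
            raise ValueError(f"entry {entry_no}: {first} is above {last}")
        parsed.append((entry_no, lo, hi))
    return parsed


def find_overlaps(plan):
    """Return [(entry_a, entry_b, shared_addresses)] for each overlapping pair."""
    entries = parse_plan(plan)
    overlaps = []
    for i, (no_a, lo_a, hi_a) in enumerate(entries):
        for no_b, lo_b, hi_b in entries[i + 1:]:
            lo, hi = max(lo_a, lo_b), min(hi_a, hi_b)
            if lo <= hi:  # the two ranges intersect
                overlaps.append((no_a, no_b, hi - lo + 1))
    return overlaps


def to_cidrs(first, last):
    """Express an inclusive range as the minimal list of CIDR blocks."""
    blocks = summarize_address_range(IPv4Address(first), IPv4Address(last))
    return [str(block) for block in blocks]


if __name__ == "__main__":
    for a, b, shared in find_overlaps(HOSPITAL_PLAN):
        print(f"entries {a} and {b} share {shared} addresses")
    print(to_cidrs(*HOSPITAL_PLAN[0]))
```

Two routers translating for the same block make a logged source address ambiguous, so any pair this reports should be resolved before the firewall rules and log reviews described later are built on the plan.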


    Each of the routers will then distribute the WAN to 12-port hubs, which will distribute as below:

    [Figure 4-Hospital Ethernet to User. Diagram titled Hospital Hub Layout: one hub connected by Ethernet to one multifunctional printer and 10 Dell terminals, each with a user.]


    Clinic and Research Facility Network Architecture Topography

    Unlike the Hospital Network Architecture, the Clinic and Research Facilities don't require a gigabit modem. A standard high-speed modem with 35 Mbps down and 5 Mbps up is standard in these areas, and should work wonderfully. There is no need to route the IP addresses beyond the standard 192.168.0.0-192.168.255.255 because there will not be that many users involved here. As before, a firewall will prevent unauthorized intrusions, and using the terminals will prevent unauthorized use by employees.

    [Figure 5- Backbone to Hub Distribution. Diagram titled Clinic Layout: Azure cloud, modem, firewall, router, hubs and a wireless access point joined by Cat 5E or greater cabling. Legend counts as listed: 1 cloud, 1 modem, 1 wireless access point, 3 comm-links, 1 firewall, 1 router, 1 Ethernet, 5 hubs.]

    Information will travel both ways, utilizing the firewall as our safety net, and Azure as our last effort if anything were to be compromised. Since there is no data stored on-site, the data would be much harder to access than on normal servers, though again, not impossible. Since users in these areas would have to gain a login, and with the login passwords changing monthly, the access is automatically lessened. In both the Hospital and the Clinic hub diagrams, a multifunctional printer is available. Should there be a need for more printers, 2 additional ports remain on each hub to connect them.


    [Figure 6- Hub to Workspace Layout. Diagram titled Hospital Hub Layout: one hub connected by Ethernet to one multifunctional printer and 10 Dell terminals, each with a user.]

    DNS Naming Conventions

    DNS, or the Domain Name System, helps us get connected to computers by using names. For instance, going to Google.com in your web browser takes you to the Google home page, but it is actually redirecting you to an IP address that Google has assigned to the name. While this may not seem important to a network such as ours, its functionality will be key. Using DNS name resolution, our system will know how to assign IP addresses based on their location within our system. Since we are going to have 7 routers at the hospital level, assigning groups of IP addresses (as discussed earlier) to certain areas or floors will be necessary.

    Router will issue NAT for 192.168.10.0-192.168.44.255
    Router will issue NAT for 192.168.45.0-192.168.167.255
    Router will issue NAT for 192.168.80.0-192.168.114.255
    Router will issue NAT for 192.168.115.0-192.168.149.255
    Router will issue NAT for 192.168.185.0-192.168.220.255
    Router will issue NAT for 192.168.150.0-192.168.184.255
    Router will issue NAT for 192.168.185.0-192.168.219.255

    Area labels in the figure, in the order extracted: ER, Non Emergent Floors, Billing, Outpatient Clinics, Nonessential Functions, OR, ICU/CICU/NICU/PACU

    Figure 7- NAT Addressing for Hospital

    As you can see, each router uses a block of IP addresses. Since the hospitals all operate in similar manners, the emergent and critical areas will all have their own IP block from which to be addressed. This will not be accessible from any unknown external sources, as the Firewall we put in place will stop any potential intrusion. Naming in this way also allows us to isolate any potential problems quickly, and be able to communicate with on-site staff in a more friendly, non-technology laden conversation.

    WINS Naming Conventions


    WINS, or Windows Internet Naming Service, is a system that determines the IP address associated with a specific computer on a network. Further, it is a database that recognizes names of computers, and assigns them with a given IP address in a network (Technet n.d.). For example, a computer named "Research and Development" and one named "Julie's Computer" both request an IP address from the WINS server. The WINS server then looks up each and assigns them the specified IP address, or uses Dynamic Host Configuration Protocol to assign an IP from a bank of unused IP addresses.

    [Figure 8-Site Map. Diagram labels: sites Raleigh 1, Raleigh 2, Raleigh 3, Raleigh 4, Durham 1, Durham 2, Cary 1, Cary 3, Zebulon 1, Pittsboro 1, Morrisville 1, Garner 1, Clayton 1, Wake Forest 1 and Apex 1; MS Exchange Server, Primary Data Server Cluster (Details on Figure 1-2), MS Office Server, PeopleSoft ERT Server, EMR System.]


    Because of the breadth of the scope of computers we are connecting, it would be wise to assign naming conventions to assigned spaces. This convention will be the building type's letter (H for hospital, C for clinic and R for Research and Development), the location according to Fig 1, the physical floor number, suite, and wall jack plate number. This will then give the WINS the precise locations that need an IP address, as well as giving the service technicians an exact location, should there be a need for maintenance. The table below outlines some examples of this naming convention:

    Table 3- Site Naming Conventions

    Building                 | Location (3Char) | Floor # | Suite # | Wall Plate # | WINS Name
    Hospital                 | RA1              | 1       | 1000    | 1            | H_RA1_1_1000_1
    Hospital                 | DU1              | 4       | 4321    | 64           | H_DU1_4_4321_64
    Clinic                   | RA3              | 1       | 1432    | 12           | C_RA3_1_1432_12
    Clinic                   | MO1              | 17      | 1749    | 6            | C_MO1_17_1749_6
    Research And Development | RA4              | 6       | 90      | 14           | R_RA4_6_90_14
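The naming convention in Table 3 as a builder, parser and audit routine, added here as an example and not taken from the proposal. It also enforces the 15-character limit on NetBIOS names, which two of the table's own examples sit exactly on; the three-character location pattern and all function names are assumptions of this example.

```python
"""Added example: build, parse and audit names under the Table 3 convention."""
import re

# Building letters as defined in the text above.
BUILDING_CODES = {"Hospital": "H", "Clinic": "C", "Research And Development": "R"}

# A NetBIOS name has 15 usable characters; the 16th byte is the service suffix.
NETBIOS_MAX = 15

# Assumption: the location is exactly three letters/digits, as in "RA1" or "MO1".
NAME_RE = re.compile(
    r"(?P<building>[HCR])_(?P<location>[A-Z0-9]{3})"
    r"_(?P<floor>[0-9]+)_(?P<suite>[0-9]+)_(?P<plate>[0-9]+)"
)
SHAPE = "<building>_<location>_<floor>_<suite>_<plate>"


def check_name(name):
    """Return None if the name follows the convention, else a reason string."""
    if len(name) > NETBIOS_MAX:
        return f"{len(name)} characters, NetBIOS limit is {NETBIOS_MAX}"
    if not NAME_RE.fullmatch(name):
        return f"does not match {SHAPE}"
    return None


def build_name(building, location, floor, suite, plate):
    """Compose a name and refuse one that could not be registered."""
    if building not in BUILDING_CODES:
        raise ValueError(f"unknown building type: {building!r}")
    name = "_".join([BUILDING_CODES[building], location.upper(),
                     str(int(floor)), str(int(suite)), str(int(plate))])
    problem = check_name(name)
    if problem:
        raise ValueError(f"{name}: {problem}")
    return name


def parse_name(name):
    """Split a valid name back into its physical-location fields."""
    problem = check_name(name)
    if problem:
        raise ValueError(f"{name}: {problem}")
    fields = NAME_RE.fullmatch(name)
    return {
        "building": fields["building"],
        "location": fields["location"],
        "floor": int(fields["floor"]),
        "suite": int(fields["suite"]),
        "plate": int(fields["plate"]),
    }


def audit(registered_names):
    """List (name, reason) for every registration that breaks the convention."""
    findings = []
    for name in registered_names:
        reason = check_name(name)
        if reason:
            findings.append((name, reason))
    return findings


if __name__ == "__main__":
    # Constructed registration list: two table rows plus two outliers.
    seen = ["H_RA1_1_1000_1", "C_MO1_17_1749_6", "JULIES-PC", "C_MO1_17_1749_64"]
    for name, reason in audit(seen):
        print(f"{name}: {reason}")
    print(parse_name("R_RA4_6_90_14"))
```

A name that fails the audit cannot be mapped back to a wall plate, which is what the log review and technician dispatch described in the text depend on. Underscores are accepted in NetBIOS names but are not valid in standard DNS host names, so these names should not be assumed to resolve through DNS unchanged.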

    As mentioned before, the computers used in each setting will be using DHCP. Each computer will be assigned, according to their grouping in the table below, a unique IP address. This address will be leased to the computer for 24 hours, minimizing the possibility of intrusion, and allowing for computers to receive any updates through re-joining the network.

    While this addresses the hospital functions, it does not directly address the clinical or research DHCP. They shall be named as follows:


    Router will issue NAT for 192.168.10.0-192.168.44.255
    Router will issue NAT for 192.168.45.0-192.168.167.255
    Router will issue NAT for 192.168.80.0-192.168.114.255
    Router will issue NAT for 192.168.115.0-192.168.149.255
    Router will issue NAT for 192.168.185.0-192.168.220.255
    Router will issue NAT for 192.168.150.0-192.168.184.255
    Router will issue NAT for 192.168.185.0-192.168.219.255

    Area labels in the figure, in the order extracted: Front Desk, Procedure Rooms, Billing, Records Room, Nonessential Functions, Reserved for Expansion, Towed Patients

    Figure 9- Clinic NAT Addressing

    Since both the Clinics and the Research facility will have the functions above, they can share the same addressing protocols. Unlike the Hospitals, these facilities will have a 48 hour lease time, which will allow for the system to update appropriately, and minimize intrusion. The reason for not renewing the lease more often is to allow the hospitals time to employ updates to the NOS or for routine maintenance with minimal interruption to any of the facilities.

    Network Management Technique

    To determine the appropriate network management technique, we must review the structure of the network we plan to have in place.


    [Figure 10- Network Backbone. Diagram: Azure cloud, modem, firewall, routers, hubs and wireless access points joined by Cat 5E or greater cabling. Legend counts as listed: 1 cloud, 1 modem, 3 wireless access points, 9 comm-links, 1 firewall, 7 routers, 3 Ethernet, 15 hubs.]

    Unlike most plans, we intend to use off-site servers to host the data, including programmatic access. The methodology we used to arrive at the following Network Administration model was based on Cisco's ISO Network Management Profile (Cisco).


    [Figure 11- FCAPS Diagram. Diagram labels: Windows Azure Server, Fault Management, Configuration Management, Performance Management, Accounting Management, Log files.]

    As you can see from the above, we have implemented an FCAPS approach.

    Fault
        o We have assigned a specific server to detect fault, isolate its cause, notify the appropriate team for fault resolution, and finally to correct those faults.
        o All actions from this server will be logged to the Log File Server.

    Configuration Management
        o In addition to rolling out updates to workstations as needed, the configuration server will also house the configuration files for same and maintain inventory of NA related items.
        o All actions from this server will be logged to the Log File Server.

    Accounting Management
        o This server will poll the log files for connection times, usage statistics, and lease expirations.
        o All actions from this server will be logged to the Log File Server.

    Performance Management
        o This server will measure performance overall for the network, and will ensure that it remains at an acceptable level.
        o All actions from this server will be logged to the Log File Server.

    Security Management
        o As you can see, there is no specific server dedicated to security. This is because Microsoft Windows Azure provides security management as part of their service. There would be no need to dedicate further servers to this cause.
        o All potential security threats or intrusions will be logged by Windows Azure, and will be published to the Log File Server.

    In addition to the techniques addressed above, the cloud server will also assist the routers with network traffic management. While the routers will be in direct control through DHCP and a Firewall, the cloud will be able to annotate any and all calls to operate outside of the parameters already established. An example would be someone attempting to access their personal Facebook account. This is clearly outside of the network's intended function. The access would be blocked through the Firewall, but the Azure server would also log that attempt. Repeated attempts to circumvent the established acceptable usage would trigger an alert to the appropriate personnel for follow up action.
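One way the "repeated attempts trigger an alert" rule could be implemented over the blocked-request log, as an added example that is not part of the original proposal. The log line format, the sample lines, the host name emr.example.internal and the threshold of 3 denials in 10 minutes are all constructed assumptions; the proposal does not specify them.

```python
"""Added example: alert on repeated blocked requests from one workstation."""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed log lines (not real data). Assumed format, time-ordered:
#   timestamp action station source_ip destination
SAMPLE_LOG = """\
2018-06-04T09:00:05 DENY H_RA1_1_1000_1 192.168.10.23 facebook.com
2018-06-04T09:01:10 ALLOW H_RA1_1_1000_1 192.168.10.23 emr.example.internal
2018-06-04T09:02:40 DENY H_RA1_1_1000_1 192.168.10.23 facebook.com
2018-06-04T09:03:00 DENY C_RA3_1_1432_12 192.168.0.40 twitter.com
2018-06-04T09:04:15 DENY H_RA1_1_1000_1 192.168.10.23 m.facebook.com
2018-06-04T09:30:00 DENY C_RA3_1_1432_12 192.168.0.40 twitter.com
this line is damaged
2018-06-04T09:50:00 DENY C_RA3_1_1432_12 192.168.0.40 twitter.com
"""


def parse_line(line):
    """Return (time, action, station, destination), or None if damaged."""
    parts = line.split()
    if len(parts) != 5:
        return None
    try:
        when = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return None
    return when, parts[1], parts[2], parts[4]


def repeated_denials(log_text, threshold=3, window=timedelta(minutes=10)):
    """Return (alerts, skipped_lines).

    An alert (station, time, count) is raised when a station's count of DENY
    events inside the sliding window first reaches the threshold. Damaged
    lines are counted rather than silently dropped, so gaps in the log
    are visible to the reviewer.
    """
    recent = defaultdict(deque)  # station -> times of denials still in window
    alerts, skipped = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        record = parse_line(line)
        if record is None:
            skipped += 1
            continue
        when, action, station, _destination = record
        if action != "DENY":
            continue
        times = recent[station]
        times.append(when)
        while when - times[0] > window:  # expire denials older than the window
            times.popleft()
        if len(times) == threshold:  # fire once per burst, not on every hit
            alerts.append((station, when, len(times)))
    return alerts, skipped


if __name__ == "__main__":
    found, damaged = repeated_denials(SAMPLE_LOG)
    for station, when, count in found:
        print(f"ALERT {station}: {count} blocked requests by {when.isoformat()}")
    print(f"{damaged} unparseable line(s)")
```

Keying the count on the station name rather than the leased IP keeps an alert attached to one workstation across the 24 and 48 hour DHCP lease changes described earlier.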


    Performance Management

    To develop a cohesive strategy for addressing the performance of the network, the following items need to be addressed:
        o Determining the specific data to collect
        o Interpreting that data
        o Disseminating and presenting that data

    Windows Azure will work as the data collection service, once we outfit it with the specific data we want. As mentioned before, we want all data traffic logged. This would normally be a large item, but the Azure servers are more than capable of collecting that data. The data, though, is not in a vacuum. We must interpret it appropriately and that will require periodic review. To ensure thoroughness, we will review the traffic logs once a week for anomalies. Every quarter, we will delve deeper into what exactly is being transmitted, and will create a repository for old logs that have been reviewed. This will also eliminate stress on the server by not having years' worth of log files active.

    Each quarter, after the internal audit is complete, the engineers who have reviewed the data will disseminate that information to the entire IT team, to include the CIO. This will ensure that every person is aware of the performance of the network, and has an opportunity to address any concerns they may have.

    Security Management

    Because there is no specific server dedicated to security, there is a belief that the server is less

    secure. To address this specifically, we must address the following:

    o Is there potential for threat?

    o If so, does the potential come from external factors or internal factors?

    o How will threat be mitigated?

    o What happens when there is a verified breach?

    There is always a potential for threat to any system. Because our system is closed to

    general internet usage, the threat is greatly minimized. The greatest threat to this system is

    users attempting to circumvent the procedures and policies in place. While using the internet at

    work may seem like a right, it is an unacceptable risk to patient privacy laws, and to the data we

    will be storing for years to come.

    If there is an unauthorized breach onto the internet through sites like Facebook,

    Twitter, etc., the leadership will be required to take either remedial or punitive action. There is

    little danger outside of circumvention, as the passwords used will be refreshed at regular

    intervals (as previously noted), and again, the server is located off site, with Windows Azure

    monitoring the data stream. Should there be an intentional attack on the data, the appropriate

    law enforcement authorities will be notified.

    Ethical Responsibilities of the IT Professional

    An ethical IT professional shall:

    Safeguard the identities of clients barring any law that forbids them from doing so.

    This tenet of holding information as a sacred trust is not new. The Information Systems Audit

    and Control Association, or ISACA, has in its code of ethics that an IT professional should

    maintain the privacy and confidentiality of information obtained in the course of their activities

    unless disclosure is required by legal authority (ISACA n.d.). Naturally the intent is to maintain

    anonymity and confidentiality of the users and employers of the IT professional, however there

    needed to be a definitive line where the ethics must give way to established law. This is in

    keeping with a culture of anonymity, as well as ensuring that a computerized invasion of privacy

    remains a low threat from within the IT community.

    Not use technology in an inappropriate manner or to do harm.

    Harming others, such as destroying their physical belongings, is equally as destructive as if it

    were to happen to digital belongings (Xanatomy). While this precept is defined under

    professional ethics, there are special circumstances that allow an IT professional greater access

    to instruments of harm. Though an IT professional does not literally deal in life and death

    scenarios like a doctor, they still must do good or do no harm (Hippocrates 400 B.C.). This is

    clearly in line with the tenet of non-malfeasance.

    Maintain strict confidentiality of personal and company information entrusted to them.

    As discussed previously, the care of information is paramount to the IT profession as a

    whole. As with the Hippocratic book, Epidemics, the IT professional signs an unwritten contract

    with the user or company that he or she will do everything within their power to ensure

    information is not only secure, but that there is a proactive approach to evaluating future threats

    and possible intrusions. An IT professional must hold this duty to safeguard as they would hold

    any idea to be sacred. As soon as the agreement is made, the IT professional owns the

    information and must treat it accordingly.

    Not access any information or resources without specific authorization.

    Here again, modern medicine can play a role in helping define the ethics of the IT

    professional. Borrowing from the HIPAA Act, an entity is permitted or required by the

    rules to use or disclose protected health information without an individual's written

    authorization (Federal Register Vol. 65, Dec. 2000). Clearly the idea of protecting information is

    paramount in healthcare, and with the increase in utilizing IT in that field, there is doubly a need

    to safeguard information.

    High Level Technology Architecture

    There are three main areas in which the technology architecture will be most affected:

    the infrastructure requirements, the transmission of data, and hardware-specific requirements.

    Infrastructure Requirements

    The business architecture that has been proposed includes the need for multiple

    persistent internet connections. Because of this, and the need for security, Windows Azure

    servers are the best solution for data management. With relatively low overhead and the

    lowered need of staff to maintain servers and specific data points, the Windows Azure line of

    data services offers the most support affordable. This data solution best fits our needs without

    having to train and hire many staff members.

    Transmission of Data

    The primary focus of our transmission should be security. Because the servers are

    housed off-site, there is a lesser chance of internal liability as well as a lessened chance of

    internal security breaches. Windows Azure has multiple pricing plans, but their premium

    database allows us the flexibility we would need for rapid deployment. This plan, if acted on

    promptly, would also allow for a 50% reduction in cost, as part of the preview that Microsoft is

    offering. (Windows Azure 2013) Azure offers two different types of storage, and the Locally

    Redundant storage would fit Happy Health's need. This reflects a total cost of $0.007 per GB

    per month. (Windows Azure 2013) scalable.

    Table 4 - Azure Price Listing

    STORAGE CAPACITY          GEOGRAPHICALLY REDUNDANT    LOCALLY REDUNDANT
    First 1 TB¹ / Month       $0.095 per GB               $0.07 per GB
    Next 49 TB / Month        $0.08 per GB                $0.065 per GB
    Next 450 TB / Month       $0.07 per GB                $0.06 per GB
    Next 500 TB / Month       $0.065 per GB               $0.055 per GB
    Next 4,000 TB / Month     $0.06 per GB                $0.045 per GB
    Next 4,000 TB / Month     $0.055 per GB               $0.037 per GB
    Over 9,000 TB / Month     Contact us                  Contact us

    * Based on 744 hours per month

    ¹ 1 TB = 1,024 GB.

    [Figure 12 - Data Process UML. Diagram labels: Hospital, Clinic, Research Facility, MS Office Suite, EMR Server, PeopleSoft ERT, Image Server, Print Server, MS Exchange Server]

    Hardware Specific Requirements

    Because of the number of different systems in place, and the inadequate control

    measures this presents, equipping every user base with similar workstations would be key.

    Because of the nature of technology, it would be in Happy Health Systems' best interest to

    invest in workstations that will be scalable. The Intel Core i5 processor, while fast and

    moderately expensive, allows for expanding the network to include future programs. The i5 is also

    the mid-grade of current Intel chips. There should not be a great need for memory above 4 GB,

    and since RAM is easily replaced, 4 GB is adequate for future endeavors. Choosing a small form

    factor will allow for ease of use and keep the workstation out of the way when navigating to patients.

    There should be no need for a physical storage drive on these workstations, and the use of USB

    devices should be restricted to ensure appropriate security. With Windows Azure using

    Windows Server 2012 R2, workstations will be able to utilize Windows 7. While Happy Health

    has requested that SpyBot be installed on each station, this is ill advised and duplicative.

    Symantec offers Symantec cloud (Symantec.com 2013), which prevents any intrusion via

    email, cloud, or unforeseen attack. Since the workstations will not have a physical drive to

    install to, there is no need to protect the workstations from attack. A preliminary search of such

    devices costs out at anywhere from $700-$850. (dell.com 2013) While this seems like a large

    amount, purchasing in bulk, and for healthcare uses, will undoubtedly ensure a price break. In

    addition to the workstations, the existing cabling of Cat5e would need to be inspected for

    adequate throughput.

    HIPAA Compliance

    Ensuring privacy is paramount in this endeavor. To ensure HIPAA regulations are met,

    the following review of systems must be done: (Milne, Michael)

    Physical Security

    o Can the data be physically stolen?

    User Security

    o Is it easy to log in without a password?

    o Is the data secure from guest accounts?

    System Security

    o What happens if there is an intrusion?

    o What happens if there is a hardware failure?

    Network Security

    o Can people not in the system access the data?

    o Are there open ports?

    The answers are fairly straightforward when dealing with a cloud structure. The data can

    be physically stolen, but the likelihood of that happening is very low. A thief would have to know

    which server housed the data, would have to gain entry into the Azure server locale, and be

    able to physically access that server and steal the data. Given Microsoft's history of having

    secure and anonymous servers, this is an unlikely event. Using secure password authentication

    will make entry into the server more difficult. Enabling a 60-day password change will assist in

    regulating stolen passwords, forgotten passwords, and common passwords. This level of

    security also denies the use of guest accounts. Should there be an intrusion, the Windows

    Azure team will be able to assist us in the corrective action needed. As an added security, the

    Professional Direct (Windows Azure) support feature of Azure includes a

    References

    Brain, Marshall and Crawford, Stephanie. (n.d.) How Domain Name Servers Work. How Stuff Works. Retrieved from http://www.howstuffworks.com/dns.htm

    Cisco (n.d.) Network Management System: Best Practices White Paper. Retrieved from http://www.cisco.com/en/US/tech/tk869/tk769/technologies_white_paper09186a00800aea9c.shtml

    Core System Engineering Team (13 Jun 2011) Core System Requirements Specification (SyRS). Intelligent Transportation Systems Joint Program Office. Retrieved from http://www.its.dot.gov/meetings/pdf/CoreSystem_SE_SyRS_RevA%20(2011-06-13).pdf

    Dell.com (2013) Retrieved from http://www.dell.com/us/business/p/desktops-n-workstations.aspx?c=us&cs=04&l=en&s=bsd&ST=%20computer%20%20workstations&dgc=ST&cid=265771&lid=4835267&acd=12309152537461020#!tabId=9A5EF418&facets=116823~0~3611731,51795~0~11401827&p=1

    Federal Register Vol. 65 (Dec. 28, 2000) Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/prdecember2000all8parts.pdf

    US Department of Health and Human Services (n.d.) Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html

    Hippocrates (400 BC) Of The Epidemics. Retrieved from http://www.grtbooks.com/exitfram.asp?idx=0&yr=-460&aa=HI&at=AA&ref=hippocrates&URL=http://classics.mit.edu/Hippocrates/epidemics.html

    ISACA (n.d.) Code of Professional Ethics. Retrieved from http://www.isaca.org/Certification/Code-of-Professional-Ethics/Pages/default.aspx

    Milne, Michael (10 Mar 2006) HIPAA in a Nutshell Guidelines for EMR and Paper Medical Records Compliance. Ezine Articles. Retrieved from http://ezinearticles.com/?HIPAA-in-a-Nutshell---Guidelines-for-EMR-and-Paper-Medical-Records-Compliance&id=156737

    Sessions, Roger. (May 2007) A Comparison of the Top Four Enterprise-Architecture Methodologies. ObjectWatch, Inc. Retrieved from http://msdn.microsoft.com/en-us/library/bb466232.aspx#eacompar_topic8

    Symantec.com (2013) Retrieved from http://www.symantec.com/products-solutions/families/?fid=symantec-cloud

    TechNet (n.d.) What is WINS? Retrieved from http://technet.microsoft.com/en-us/library/cc784180(WS.10).aspx

    WebNMS.com (n.d.) 5.22 Introduction to Performance Management. Retrieved from http://www.webnms.com/webnms/help/developer_guide/performance_management/perf_overview.html

    Windows Azure (n.d.) Retrieved from http://www.windowsazure.com/en-us/pricing/details/storage/

    Retrieved from http://www.windowsazure.com/en-us/pricing/details/sql-database/#service-premium

    Azure Support Features. Retrieved from http://www.windowsazure.com/en-us/support/plans/
