
HAPPY HEALTH SYSTEMS

Proposal for Happy Health Systems Gray Hogan IT3350

417 Hudson Woods Road Pittsboro, NC 27312 919.619.9808 GrayHogan@gmail.com Instructor: Professor Steve Klingaman



Executive Summary

This proposal will suggest, analyze, and recommend solutions for Happy Health Systems, using the Gartner method of ensuring deliverables are met in five areas: measurable, actionable, diagnostic, enabling, and operational (Sessions 2007). The proposal will define the scope and impact of implementing an electronic medical record (EMR) system, specific security software, Microsoft Exchange e-mail, and Microsoft Office Suite for each of the 2000 users throughout the hospital. Specific modules of this project will include, but are not limited to, patient privacy issues, scalability, legal ramifications, and topology selection.



Table of Contents

Proposal for Happy Health Systems
Executive Summary
Table of Contents
List of Figures
List of Tables, Graphs, and Diagrams
Proposal for Happy Health Systems
   Approach
   Key Stakeholders
   Requirements
   Business Architecture Design
   Hospital Network Topology
   Clinic and Research Facility Network Architecture Topography
   DNS Naming Conventions
   WINS Naming Conventions
   Network Management Technique
      Fault
      Configuration Management
      Accounting Management
      Performance Management
      Security Management
   Performance Management
   Security Management
   Ethical Responsibilities of the IT Professional
      Safeguard the identities of clients barring any law that forbids them from doing so.
      Not use technology in an inappropriate manner or to do harm.
      Maintain strict confidentiality of personal and company information entrusted to them.
      Not access any information or resources without specific authorization.
   High Level Technology Architecture
      Infrastructure Requirements
      Transmission of Data
      Hardware Specific Requirements
   HIPAA Compliance
References

List of Figures

FIGURE 1-OVERVIEW OF PROPOSED SYSTEM
FIGURE 2-HOSPITAL BACKBONE MAP
FIGURE 3- ROUTING TABLE FOR HOSPITAL
FIGURE 4-HOSPITAL ETHERNET TO USER
FIGURE 5- BACKBONE TO HUB DISTRIBUTION
FIGURE 6- HUB TO WORKSPACE LAYOUT
FIGURE 7- NAT ADDRESSING FOR HOSPITAL
FIGURE 8-SITE MAP
FIGURE 9- CLINIC NAT ADDRESSING
FIGURE 10- NETWORK BACKBONE
FIGURE 11- FCAPS DIAGRAM
FIGURE 12-DATA PROCESS UML

List of Tables, Graphs, and Diagrams

TABLE 1-KEY STAKEHOLDERS
TABLE 2- SITE IDENTIFICATION
TABLE 3- SITE NAMING CONVENTIONS
TABLE 5- AZURE PRICE LISTING

Proposal for Happy Health Systems

Happy Health Systems consists of four hospitals, ten clinics, a research facility, and a physicians' practice that manages itself. It needs to replace its antiquated and varying systems with a unified EMR system, allowing its over 9000 users to access the system and interact as their specific location requires. In addition to the EMR, each user must be able to utilize a unique MS Exchange e-mail address, the MS Office suite, PeopleSoft ERP, Symantec Security Suite, and Spybot Search and Destroy. While Happy Health desires Spybot Search and Destroy, this proposal will outline why that would be duplicative.

[Figure 1 diagram labels: Raleigh 1, Raleigh 2, Durham 1, Cary 1, Zebulon 1, Raleigh 3, Cary 3, Durham 2, Apex 1, Morrisville 1, Garner 1, Clayton 1, Wake Forest 1, Pittsboro 1, Raleigh 4; Primary Data Server Cluster (Details on Figure 1-2); MS Exchange Server; MS Office Server; PeopleSoft ERT Server; EMR System.]

Figure 1-Overview of Proposed System


Approach

The CEO and any designees will determine the exact state the business architecture is in and will develop a realistic and measurable goal. State and Federal HIPAA laws must be included in this determination. This determination will also be made with the inclusion of all departments that have been deemed essential by the CEO. The determination will be written, and specific recommendations will be made in this proposal. The proposal follows a timeline with specific milestones and goals:

Identify and quantify the success condition
   While the CEO has affirmed certain needs for the company, certain restrictions remain:
      o Budgetary
      o Time
      o Training involved with implementation
      o Maintenance after the fact
   Milestone: All success conditions gathered, recorded, and approved by the CEO.

Review all information
   The CEO and team leaders will review the current state of the business architecture and infrastructure, and will determine any changes, additions, or subtractions that are required to support the new architecture and the success condition.
   Milestone: A Unified Modeling Language (UML) diagram will be created outlining information flow.

Draft the preliminary proposal
   Milestone: Staffing needs, the UML process flow, and specific infrastructure needs.

Review and finalize the drafted proposal
   Milestone: Hold meeting to review and finalize the proposal with the CEO, CIO, Team Leaders, and any members crucial to the proposed process.

Key Stakeholders

The following table shows the key stakeholders for this proposal. While the CEO and CIO will be the primary stakeholders, the current IT Team Leader will receive daily reports on the status of the business architecture proposal.

Position Level of Interest CEO CIO HR Team Leader IT Team Leader Marketing/Sales Team Leader End User High High High Low High Low High High High High High High Level of Influence

Table 1-Key Stakeholders

Requirements

This section will document the core system requirements. These are divided by level first, and then by system if needed. In developing these requirements, actual contracts from other vendors have been evaluated. The following requirements have been identified (Core System Engineering Team 13 Jun 2011):

Data
   o The data requirements define where the data is stored within the core system
Performance
   o The quantifiable specifications of the core system
Functionality
   o Specifically, what the core system will be doing
Non-Functionality
   o The items not directly involved with operation of the core system
Limitations
   o Items that the core system is not capable of

The information obtained throughout this process must be kept confidential. Employee and patient sensitive information will be used in every record, and therefore a senior IT member must accompany each transaction of data until the data is securely transferred onto the new servers.

Table 2- Site Identification

| Site ID | Date | Type | Description | Source of Information | Locations | # of users | Priority |
|---|---|---|---|---|---|---|---|
| H1 | Within 2 weeks | Hospital | Raleigh 1 | IT staff, CEO, CIO | Corporate offices, Administration, Treating, Outpatient | 2000 | 1 |
| H2 | Within 4 weeks | Hospital | Raleigh 2 | IT staff, CEO, CIO | Administration, Treating, Outpatient | 2000 | |
| H3 | Within 6 weeks | Hospital | Durham 1 | IT staff, CEO, CIO | Administration, Treating, Outpatient | 2000 | |
| H4 | Within 8 weeks | Hospital | Cary 2 | IT staff, CEO, CIO | Administration, Treating, Outpatient | 2000 | |
| C1 | Within 12 weeks | Clinic | Raleigh 3 | IT staff, Clinic Staff | Outpatient, Administration | 100 | |
| C2 | Within 14 weeks | Clinic | Pittsboro 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | |
| C3 | Within 18 weeks | Clinic | Cary 3 | IT staff, Clinic Staff | Outpatient, Administration | 100 | |
| C4 | Within 20 weeks | Clinic | Durham 2 | IT staff, Clinic Staff | Outpatient, Administration | 100 | |
| C5 | Within 22 weeks | Clinic | Apex 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | |
| C6 | Within 12 weeks | Clinic | Morrisville 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 10 |
| C7 | Within 14 weeks | Clinic | Garner 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 11 |
| C8 | Within 16 weeks | Clinic | Wake Forest 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 12 |
| C9 | Within 18 weeks | Clinic | Zebulon 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 13 |
| C10 | Within 20 weeks | Clinic | Clayton 1 | IT staff, Clinic Staff | Outpatient, Administration | 100 | 14 |
| R1 | Within 24 weeks | Research Facility | Raleigh 4 | IT Staff, Research Staff, CEO, CIO | Administration, Research facilities | 35 | 15 |

Business Architecture Design

The specific success conditions that Happy Health Systems has provided will include multiple steps and processes. These processes will be outlined in a top-down view including network topology; device selection, placement and protocol; and implementation. It is critical that the needs outlined be met for Happy Health Systems to continue to grow.

Hospital Network Topology

The following diagram shows that it will take 7 routers, with 15 hubs per router, to accomplish the task of over 1000 users per hospital. Though the diagram is self-explanatory, it does bear repeating that there will need to be a firewall at the source, and that the source modem must be able to handle the capacity we are going to need from it. Because of the availability of high-speed internet in this area, requesting a gigabit router would not be out of the question. If this could not be accomplished, each router would need its own feed of at least 10 Mbps up, 30 Mbps down to accomplish the task. Please note that even at this low speed, the WAN that will be created will be taxed heavily, and that the gigabit modem is certainly the preferred method given its superior speed and ability to give each router full bandwidth needs on demand.

[Figure 2 diagram labels: Azure Cloud; Modem; Firewall; seven Routers. "Each router will have the following configuration": Hubs and Wireless Access Points joined by Cat 5E or greater cable. Legend counts: 1 modem, 3 wireless access points, 9 comm-links, 1 firewall, 7 routers, 3 Ethernet, 15 hubs, 1 cloud.]

Figure 2-Hospital Backbone Map

Since there will be 7 routers, each must have a range of IP addresses to utilize. Reserving some of the addresses at the beginning and end for possible expansion, and for maintenance, the following schema can be developed:

Router 1: Router will issue NAT for 192.168.10.0-192.168.44.255
Router 2: Router will issue NAT for 192.168.45.0-192.168.167.255
Router 3: Router will issue NAT for 192.168.80.0-192.168.114.255
Router 4: Router will issue NAT for 192.168.115.0-192.168.149.255
Router 5: Router will issue NAT for 192.168.150.0-192.168.184.255
Router 6: Router will issue NAT for 192.168.185.0-192.168.220.255
Router 7: Router will issue NAT for 192.168.185.0-192.168.219.255


Figure 3- Routing Table for Hospital
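A check a reviewer would run on the Figure 3 address plan before any firewall rule is written against it. This is an added example, not part of the original proposal: the ranges are copied from the figure as printed, and the function names are hypothetical. It reports every pair of routers whose pools share addresses, which pools could have issued a given address seen in a log, and the CIDR blocks a per-router firewall rule would have to list.

```python
import ipaddress
from itertools import combinations

# Ranges copied from Figure 3 exactly as printed on the page.
FIGURE_3_PLAN = {
    "Router 1": ("192.168.10.0", "192.168.44.255"),
    "Router 2": ("192.168.45.0", "192.168.167.255"),
    "Router 3": ("192.168.80.0", "192.168.114.255"),
    "Router 4": ("192.168.115.0", "192.168.149.255"),
    "Router 5": ("192.168.150.0", "192.168.184.255"),
    "Router 6": ("192.168.185.0", "192.168.220.255"),
    "Router 7": ("192.168.185.0", "192.168.219.255"),
}


def parse_plan(plan):
    """Return {router: (first, last)} as IPv4Address pairs, rejecting bad ranges."""
    parsed = {}
    for name, (first, last) in plan.items():
        lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
        if lo > hi:
            raise ValueError(f"{name}: range start is after range end")
        if not (lo.is_private and hi.is_private):
            raise ValueError(f"{name}: range leaves private address space")
        parsed[name] = (lo, hi)
    return parsed


def find_overlaps(plan):
    """Return (router_a, router_b, shared_first, shared_last) for each overlapping pair."""
    hits = []
    for (a, (a_lo, a_hi)), (b, (b_lo, b_hi)) in combinations(parse_plan(plan).items(), 2):
        lo, hi = max(a_lo, b_lo), min(a_hi, b_hi)
        if lo <= hi:  # the two ranges share at least one address
            hits.append((a, b, str(lo), str(hi)))
    return hits


def owners_of(plan, address):
    """Routers whose pool contains `address`; more than one means a log entry
    with that source address cannot be tied to a single area."""
    ip = ipaddress.IPv4Address(address)
    return [name for name, (lo, hi) in parse_plan(plan).items() if lo <= ip <= hi]


def cidr_blocks(plan, router):
    """CIDR blocks that exactly cover one router's range (what an ACL would list)."""
    lo, hi = parse_plan(plan)[router]
    return [str(net) for net in ipaddress.summarize_address_range(lo, hi)]


if __name__ == "__main__":
    for a, b, lo, hi in find_overlaps(FIGURE_3_PLAN):
        print(f"OVERLAP {a} / {b}: {lo}-{hi}")
    print("192.168.100.7 could come from:", owners_of(FIGURE_3_PLAN, "192.168.100.7"))
    print("Router 1 as CIDR:", cidr_blocks(FIGURE_3_PLAN, "Router 1"))
```

Each overlap it reports is a block of addresses that two routers could both hand out, so the plan should come back with an empty overlap list before per-area rules or log attribution are built on it.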


Each of the routers will then distribute the WAN to 12 port hubs, which will distribute as below:

[Figure 4 diagram, "Hospital Hub Layout": one Hub connected by Ethernet to a Multifunctional Printer and to ten Users, each at a Dell Terminal. Legend counts: 1 hub, 1 multi-function device, 10 terminals.]

Figure 4-Hospital Ethernet to User

Clinic and Research Facility Network Architecture Topography

Unlike the Hospital Network Architecture, the Clinic and Research Facilities don't require a gigabit modem. A standard high-speed modem with 35 Mbps down and 5 Mbps up is standard in these areas, and should work wonderfully. There is no need to route the IP addresses beyond the standard 192.168.0.0-192.168.255.255 because there will not be that many users involved here. As before, a firewall will prevent unauthorized intrusions, and using the terminals will prevent unauthorized use by employees.

[Figure 5 diagram, "Clinic Layout". Labels: Azure Cloud; Modem; Router; Firewall; Wireless Access Point; Hubs; Cat 5E or greater cable. Legend counts: 1 modem, 1 wireless access point, 3 comm-links, 1 firewall, 1 router, 1 Ethernet, 5 hubs, 1 cloud.]

Figure 5- Backbone to Hub Distribution

Information will travel both ways, utilizing the firewall as our safety net, and Azure as our last effort if anything were to be compromised. Since there is no data stored on-site, the data would be much harder to access than on normal servers, though, again, not impossible. Since users in these areas would have to gain a login, and with the login passwords changing monthly, the access is automatically lessened. In both the Hospital and the Clinic hub diagrams, a multifunctional printer is available. Should there be a need for more printers, 2 additional ports remain on each hub to connect them.

[Figure 6 diagram, "Hospital Hub Layout": one Hub connected by Ethernet to a Multifunctional Printer and to ten Users, each at a Dell Terminal. Legend counts: 1 hub, 1 multi-function device, 10 terminals.]

Figure 6- Hub to Workspace Layout

DNS Naming Conventions

DNS, or the Domain Name System, helps us get connected to computers by using names. For instance, going to Google.com in your web browser takes you to the Google home page, but it is actually redirecting you to an IP address that Google has assigned to the name. While this may not seem important to a network such as ours, its functionality will be key. Using DNS name resolution, our system will know how to assign IP addresses based on their location within our system. Since we are going to have 7 routers at the hospital level, assigning groups of IP addresses (as discussed earlier) to certain areas or floors will be necessary.
ER: Router will issue NAT for 192.168.10.0-192.168.44.255
Non Emergent Floors: Router will issue NAT for 192.168.45.0-192.168.167.255
Billing: Router will issue NAT for 192.168.80.0-192.168.114.255
Outpatient Clinics: Router will issue NAT for 192.168.115.0-192.168.149.255
OR: Router will issue NAT for 192.168.150.0-192.168.184.255
ICU/ CICU/ NICU/ PACU: Router will issue NAT for 192.168.185.0-192.168.220.255
Nonessential Functions: Router will issue NAT for 192.168.185.0-192.168.219.255

Figure 7- NAT Addressing for Hospital

As you can see, each router uses a block of IP addresses. Since the hospitals all operate in similar manners, the emergent and critical areas will all have their own IP block from which to be addressed. This will not be accessible from any unknown external sources, as the Firewall we put in place will stop any potential intrusion. Naming in this way also allows us to isolate any potential problems quickly, and to communicate with on-site staff in a more friendly, non-technology-laden conversation.

WINS Naming Conventions

WINS, or Windows Internet Naming Service, is a system that determines the IP address associated with a specific computer on a network. Further, it is a database that recognizes names of computers, and assigns them a given IP address in a network (Technet n.d.). For example, a computer named "Research and Development" and "Julie's Computer" both request an IP address from the WINS server. The WINS server then looks up each and assigns them the specified IP address, or uses Dynamic Host Configuration Protocol to assign an IP from a bank of unused IP addresses.

[Figure 8 diagram labels: Raleigh 1, Raleigh 2, Durham 1, Cary 1, Zebulon 1, Raleigh 3, Cary 3, Durham 2, Apex 1, Morrisville 1, Garner 1, Clayton 1, Wake Forest 1, Pittsboro 1, Raleigh 4; Primary Data Server Cluster (Details on Figure 1-2); MS Exchange Server; MS Office Server; PeopleSoft ERT Server; EMR System.]

Figure 8-Site Map

Because of the breadth of the scope of computers we are connecting, it would be wise to assign naming conventions to assigned spaces. This convention will be the building type's letter (H for hospital, C for clinic and R for Research and Development), the location according to Fig 1, the physical floor number, suite, and wall jack plate number. This will then give the WINS the precise locations that need an IP address, as well as giving the service technicians an exact location, should there be a need for maintenance. The table below outlines some examples of this naming convention:

Table 3- Site Naming Conventions

| Building | Location (3Char) | Floor # | Suite # | Wall Plate # | WINS Name |
|---|---|---|---|---|---|
| Hospital | RA1 | 1 | 1000 | 1 | H_RA1_1_1000_1 |
| Hospital | DU1 | 4 | 4321 | 64 | H_DU1_4_4321_64 |
| Clinic | RA3 | 1 | 1432 | 12 | C_RA3_1_1432_12 |
| Clinic | MO1 | 17 | 1749 | 6 | C_MO1_17_1749_6 |
| Research And Development | RA4 | 6 | 90 | 14 | R_RA4_6_90_14 |
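A parser and validator for the Table 3 naming convention, so that a name seen in a log can be turned back into a building, floor, suite and wall plate. This is an added example, not part of the original proposal: the function names are hypothetical, and the location pattern (two letters and a digit) is an assumption drawn from the five names in the table. It also checks the 15-character limit on NetBIOS computer names, which two of the table's names reach exactly.

```python
import re
from dataclasses import dataclass

# Building letters as defined in the paragraph above Table 3.
BUILDING_TYPES = {"H": "Hospital", "C": "Clinic", "R": "Research and Development"}

# A NetBIOS computer name has 15 usable characters; the 16th byte is a service suffix.
NETBIOS_MAX = 15

# Assumption: a location code is two letters and one digit, as in RA1, DU1, MO1.
NAME_RE = re.compile(r"([HCR])_([A-Z]{2}\d)_(\d+)_(\d+)_(\d+)")


@dataclass(frozen=True)
class Endpoint:
    building: str
    location: str
    floor: int
    suite: int
    wall_plate: int


def parse_name(name):
    """Split a convention name into its fields, or raise ValueError."""
    match = NAME_RE.fullmatch(name)
    if match is None:
        raise ValueError(f"{name!r} does not follow the site naming convention")
    letter, location, floor, suite, plate = match.groups()
    return Endpoint(BUILDING_TYPES[letter], location, int(floor), int(suite), int(plate))


def build_name(letter, location, floor, suite, wall_plate):
    """Compose a name from its fields and confirm it parses back unchanged."""
    name = f"{letter}_{location}_{floor}_{suite}_{wall_plate}"
    parse_name(name)
    return name


def name_problems(name):
    """Return a list of reasons the name cannot be registered as written."""
    problems = []
    if len(name) > NETBIOS_MAX:
        problems.append(f"{len(name)} characters, NetBIOS allows {NETBIOS_MAX}")
    try:
        parse_name(name)
    except ValueError as exc:
        problems.append(str(exc))
    return problems


# The five names from Table 3.
TABLE_3_NAMES = [
    "H_RA1_1_1000_1",
    "H_DU1_4_4321_64",
    "C_RA3_1_1432_12",
    "C_MO1_17_1749_6",
    "R_RA4_6_90_14",
]

if __name__ == "__main__":
    for n in TABLE_3_NAMES:
        print(n, len(n), parse_name(n), name_problems(n))
    # Constructed case: a two-digit floor together with a two-digit wall plate.
    print(name_problems(build_name("C", "MO1", 17, 1749, 64)))
```

A two-digit floor combined with a four-digit suite and a two-digit wall plate produces a 16-character name, so the convention needs a shorter encoding for those rooms before the names are registered.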

As mentioned before, the computers used in each setting will be using DHCP. Each computer will be assigned, according to their grouping in the table below, a unique IP address. This address will be leased to the computer for 24 hours, minimizing the possibility of intrusion, and allowing for computers to receive any updates through re-joining the network.

While this addresses the hospital functions, it does not directly address the clinical or research DHCP. They shall be named as follows:

Front Desk: Router will issue NAT for 192.168.10.0-192.168.44.255
Procedure Rooms: Router will issue NAT for 192.168.45.0-192.168.167.255
Billing: Router will issue NAT for 192.168.80.0-192.168.114.255
Records Room: Router will issue NAT for 192.168.115.0-192.168.149.255
Reserved for Expansion: Router will issue NAT for 192.168.150.0-192.168.184.255
Towed Patients: Router will issue NAT for 192.168.185.0-192.168.220.255
Nonessential Functions: Router will issue NAT for 192.168.185.0-192.168.219.255

Figure 9- Clinic NAT Addressing

Since both the Clinics and the Research facility will have the functions above, they can share the same addressing protocols. Unlike the Hospitals, these facilities will have a 48 hour lease time, which will allow for the system to update appropriately, and minimize intrusion. The reason for not renewing the lease more often is to allow the hospitals time to employ updates to the NOS or for routine maintenance with minimal interruption to any of the facilities.

Network Management Technique

To determine the appropriate network management technique, we must review the structure of the network we plan to have in place.

[Figure 10 diagram labels: Azure Cloud; Modem; Firewall; seven Routers. "Each router will have the following configuration": Hubs and Wireless Access Points joined by Cat 5E or greater cable. Legend counts: 1 modem, 3 wireless access points, 9 comm-links, 1 firewall, 7 routers, 3 Ethernet, 15 hubs, 1 cloud.]

Figure 10- Network Backbone

Unlike most plans, we intend to use off-site servers to host the data, including programmatic access. The methodology we used to arrive at the following Network Administration model was based on Cisco's ISO Network Management Profile (Cisco).

[Figure 11 diagram labels: Windows Azure Server; Configuration Management; Fault Management; Performance Management; Accounting Management; Log files.]

Figure 11- FCAPS Diagram

As you can see from the above, we have implemented a FCAPS approach.

Fault
   o We have assigned a specific server to detect fault, isolate its cause, notify the appropriate team for fault resolution, and finally to correct those faults.
   o All actions from this server will be logged to the Log File Server.

Configuration Management
   o In addition to rolling out updates to workstations as needed, the configuration server will also house the configuration files for same and maintain inventory of NA related items.
   o All actions from this server will be logged to the Log File Server.

Accounting Management
   o This server will poll the log files for connection times, usage statistics, and lease expirations.
   o All actions from this server will be logged to the Log File Server.

Performance Management
   o This server will measure performance overall for the network, and will ensure that it remains at an acceptable level.
   o All actions from this server will be logged to the Log File Server.

Security Management
   o As you can see, there is no specific server dedicated to security. This is because Microsoft Windows Azure provides security management as part of their service. There would be no need to dedicate further servers to this cause.
   o All potential security threats or intrusions will be logged by Windows Azure, and will be published to the Log File Server.

In addition to the techniques addressed above, the cloud server will also assist the routers with network traffic management. While the routers will be in direct control through DHCP and a Firewall, the cloud will be able to annotate any and all calls to operate outside of the parameters already established. An example would be someone attempting to access their personal Facebook account. This is clearly outside of the network's intended function. The access would be blocked through the Firewall, but the Azure server would also log that attempt. Repeated attempts to circumvent the established acceptable usage would trigger an alert to the appropriate personnel for follow up action.
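The alerting rule described above, sketched as detection logic over firewall deny records. This is an added example, not part of the original proposal: the log line format, the threshold of three blocked attempts and the ten-minute window are assumptions, and the sample lines are constructed using workstation names from Table 3.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample: timestamp, firewall action, workstation name, source IP, destination.
SAMPLE_LOG = """\
2013-05-06T09:00:05 ALLOW H_RA1_1_1000_1 192.168.12.40 emr.example.internal
2013-05-06T09:01:10 DENY H_RA1_1_1000_1 192.168.12.40 facebook.com
2013-05-06T09:02:30 DENY C_RA3_1_1432_12 192.168.90.7 twitter.com
2013-05-06T09:03:44 DENY H_RA1_1_1000_1 192.168.12.40 m.facebook.com
2013-05-06T09:06:02 DENY H_RA1_1_1000_1 192.168.12.40 facebook.com
2013-05-06T09:07:15 DENY H_RA1_1_1000_1 192.168.12.40 facebook.com
corrupted line without fields
2013-05-06T11:40:00 DENY C_RA3_1_1432_12 192.168.90.7 twitter.com
2013-05-06T15:20:00 DENY C_RA3_1_1432_12 192.168.90.7 twitter.com
""".splitlines()


def parse_line(line):
    """Return (when, action, host, source, destination) or None for a bad line."""
    parts = line.split()
    if len(parts) != 5 or parts[1] not in ("ALLOW", "DENY"):
        return None
    try:
        when = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return None
    return (when, *parts[1:])


def repeated_denies(lines, threshold=3, window=timedelta(minutes=10)):
    """Alert when one workstation is blocked `threshold` times inside `window`.

    Lines are expected in time order. After an alert the workstation is muted
    for one window, so a single burst produces a single alert.
    """
    recent = defaultdict(deque)   # workstation -> (time, destination) of recent denies
    muted_until = {}
    alerts = []
    for line in lines:
        record = parse_line(line)
        if record is None or record[1] != "DENY":
            continue
        when, _, host, source, destination = record
        hits = recent[host]
        hits.append((when, destination))
        while when - hits[0][0] > window:      # drop denies older than the window
            hits.popleft()
        if len(hits) >= threshold and muted_until.get(host, datetime.min) < when:
            alerts.append({
                "host": host,
                "source": source,
                "count": len(hits),
                "first": hits[0][0].isoformat(),
                "last": when.isoformat(),
                "destinations": sorted({dest for _, dest in hits}),
            })
            muted_until[host] = when + window
    return alerts


if __name__ == "__main__":
    for alert in repeated_denies(SAMPLE_LOG):
        print(alert)
```

The single blocked request from each clinic terminal hours apart stays below the threshold, while the burst from one hospital terminal raises exactly one alert that names the wall plate to visit.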

Performance Management

To develop a cohesive strategy for addressing the performance of the network, the following items need to be addressed:
   o Determining the specific data to collect
   o Interpreting that data
   o Disseminating and presenting that data

Windows Azure will work as the data collection service, once we outfit it with the specific data we want. As mentioned before, we want all data traffic logged. This would normally be a large item, but the Azure servers are more than capable of collecting that data. The data, though, is not in a vacuum. We must interpret it appropriately, and that will require periodic review. To ensure thoroughness, we will review the traffic logs once a week for anomalies. Every quarter, we will delve deeper into what exactly is being transmitted, and will create a repository for old logs that have been reviewed. This will also eliminate stress on the server by not having years' worth of log files active. Each quarter, after the internal audit is complete, the engineers who have reviewed the data will disseminate that information to the entire IT team, to include the CIO. This will ensure that every person is aware of the performance of the network, and has an opportunity to address any concerns they may have.

Security Management

Because there is no specific server dedicated to security, there is a belief that the server is less secure. To address this specifically, we must address the following:
   o Is there potential for threat?
   o If so, does the potential come from external factors or internal factors?
   o How will threat be mitigated?
   o What happens when there is a verified breach?

There is always a potential for threat to any system. Because our system is closed to general internet usage, the threat is greatly minimized. The greatest threat to this system is users attempting to circumvent the procedures and policies in place. While using the internet at work may seem like a right, it is an unacceptable risk to patient privacy laws, and to the data we will be storing for years to come. If there is an unauthorized breach onto the internet through sites like Facebook, Twitter, etc., the leadership will be required to take either remedial or punitive action. There is little danger outside of circumvention, as the passwords used will be refreshed at regular intervals (as previously noted), and again, the server is located off site, with Windows Azure monitoring the data stream. Should there be an intentional attack on the data, the appropriate law enforcement authorities will be notified.

Ethical Responsibilities of the IT Professional

An ethical IT professional shall:

Safeguard the identities of clients barring any law that forbids them from doing so.

This tenant of holding information as a sacred trust is not new. The Information Systems Audit and Control Association, or ISACA, has in its code of ethics that an IT professional should maintain the privacy and confidentiality of information obtained in the course of their activities unless disclosure is required by legal authority.(ISACA n.d.) Naturally the intent is to maintain anonymity and confidentiality of the users and employers of the IT professional, however there needed to be a definitive line where the ethics must give way to established law. This is in keeping with a culture of anonymity, as well as ensuring that a computerized invasion of privacy remains a low threat from within the IT community.

Not use technology in an inappropriate manner or to do harm.

Harming others, such as destroying their physical belongs, is equally as destructive as if it were to happen to digital belongings (Xanatomy) While this precept is defined under

HAPPY HEALTH SYSTEMS

28

professional ethics, there are special circumstances that allow an IT professional greater access to instruments of harm. Though an IT professional does not literally deal in life and death scenarios like a doctor, they still must do good or do no harm. (Hippocrates 400 B.C.) This is clearly in line with the tenet of non-malfeasance.

Maintain strict confidentiality of personal and company information entrusted to them.

As discussed previously, the care of information is paramount to the IT profession as a whole. As with the Hippocratic book, Epidemics, the IT professional signs an unwritten contract with the user or company that he or she will do everything within their power to ensure information is not only secure, but that there is a proactive approach to evaluating future threats and possible intrusions. An IT professional must hold this duty to safeguard as they would hold any idea to be sacred. As soon as the agreement is made, the IT professional owns the information and must treat it accordingly.

Not access any information or resources without specific authorization.

Here again, modern medicine can play a role in helping define the ethics of the IT professional. Borrowing from the HIPAA Act, an entity is permitted or required by the rules to use or disclose protected health information without an individual's written authorization. (Federal Register Vol. 65 Dec. 2000) Clearly the idea of protecting information is paramount in healthcare, and with the increase in utilizing IT in that field, there is doubly a need to safeguard information.

High Level Technology Architecture

There are three main areas in which the technology architecture will be most affected: the infrastructure requirements, the transmission of data, and hardware specific requirements.

Infrastructure Requirements

The business architecture that has been proposed includes the need for multiple persistent internet connections. Because of this, and the need for security, Windows Azure servers are the best solution for data management. With relatively low overhead and the lowered need of staff to maintain servers and specific data points, the Windows Azure line of data services offers the most support at an affordable cost. This data solution best fits our needs without having to train and hire many staff members.

Transmission of Data

The primary focus of our transmission should be security. Because the servers are housed off-site, there is a lesser chance of internal liability as well as a lessened chance of internal security breaches. Windows Azure has multiple pricing plans, but their premium database allows us the flexibility we would need for rapid deployment. This plan, if acted on promptly, would also allow for a 50% reduction in cost, as part of the preview that Microsoft is offering. (Windows Azure 2013) Azure offers two different types of storage, and the Locally Redundant storage would fit Happy Health's need. This reflects a total cost of $0.007 per GB per month. (Windows Azure 2013) scalable.

Table 4 - Azure Price Listing

STORAGE CAPACITY         GEOGRAPHICALLY REDUNDANT   LOCALLY REDUNDANT
First 1 TB¹ / Month      $0.095 per GB              $0.07 per GB
Next 49 TB / Month       $0.08 per GB               $0.065 per GB
Next 450 TB / Month      $0.07 per GB               $0.06 per GB
Next 500 TB / Month      $0.065 per GB              $0.055 per GB
Next 4,000 TB / Month    $0.06 per GB               $0.045 per GB
Next 4,000 TB / Month    $0.055 per GB              $0.037 per GB
Over 9,000 TB / Month    Contact us                 Contact us

* Based on 744 hours per month
¹ 1 TB = 1,024 GB.

[Figure 12 - Data Process UML. Diagram labels: Hospital, Clinic, Research Facility; MS Office Suite, EMR Server, PeopleSoft ERT, Image Server, Print Server, MS Exchange Server.]

Hardware Specific Requirements

Because of the number of different systems in place, and the inadequate control measures this presents, equipping every user base with similar workstations would be key. Because of the nature of technology, it would be in Happy Health Systems' best interest to invest in workstations that will be scalable. The Intel Core i5 processor, while fast and moderately expensive, allows for expanding the network to include future programs. The i5 is also the mid-grade of current Intel chips. There should not be a great need for memory above 4GB, and since RAM is easily replaced, 4GB is adequate for future endeavors. Choosing a small form factor will allow for ease of use and keep the workstation out of the way when navigating to patients. There should be no need for a physical storage drive on these workstations, and the use of USB devices should be restricted to ensure appropriate security. With Windows Azure using Windows Server 2012 R2, workstations will be able to utilize Windows 7. While Happy Health has requested that SpyBot be installed on each station, this is ill-advised and duplicative. Symantec offers Symantec cloud (Symantec.com 2013), which prevents any intrusion via email, cloud, or unforeseen attack. Since the workstations will not have a physical drive to install to, there is no need to protect the workstations from attack. A preliminary search prices such devices at anywhere from $700-$850. (dell.com 2013) While this seems like a large amount, purchasing in bulk, and for healthcare uses, will undoubtedly ensure a price break. In addition to the workstations, the existing cabling of Cat5e would need to be inspected for adequate throughput.

HIPAA Compliance

Ensuring privacy is paramount in this endeavor. To ensure HIPAA regulations are met, the following review of systems must be done: (Milne, Michael)

Physical Security
  o Can the data physically be stolen?

User Security
  o Is it easy to log in without a password?
  o Is the data secure from guest accounts?

System Security
  o What happens if there is an intrusion?
  o What happens if there is a hardware failure?

Network Security
  o Can people not in the system access the data?
  o Are there open ports?

The answers are fairly straightforward when dealing with a cloud structure. The data can be physically stolen, but the likelihood of that happening is very low. A thief would have to know which server housed the data, would have to gain entry into the Azure server locale, and be able to physically access that server and steal the data. Given Microsoft's history of having secure and anonymous servers, this is an unlikely event. Using secure password authentication will make entry into the server more difficult. Enabling a 60-day password change will assist in regulating stolen passwords, forgotten passwords, and common passwords. This level of security also denies the use of guest accounts. Should there be an intrusion, the Windows Azure team will be able to assist us in the corrective action needed. As an added security measure, the Professional Direct (Windows Azure) support feature of Azure includes a <1 hour response time and unlimited phone support. This allows the IT team to work with the server hosts, ensuring a constant flow of information and a minimum of downtime. The implementation of the servers will include the assignment of ports. These ports should not be common knowledge, and only the IT team and the Windows Azure team should have access to that information. Using these safeguards, we avoid the penalty of $100-$50,000 or more per violation of HIPAA. (US Department of Health and Human Services)
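The user and network security questions in the review above (password login, guest accounts, open ports) and the 60-day password change can be checked mechanically on a Windows host. The following is an added example, not part of the original proposal: it parses text in the format printed by `net accounts`, `net user Guest` and `netstat -an`; the sample output, the allowed-port set and the function names are constructed assumptions.

```python
import re

# Constructed sample output (net accounts / net user Guest / netstat -an format).
NET_ACCOUNTS = """\
Maximum password age (days):                          90
Minimum password length:                              0
"""
NET_USER_GUEST = """\
Account active               Yes
"""
NETSTAT = """\
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    10.0.0.5:49210         10.0.0.9:443           ESTABLISHED
"""
MAX_PASSWORD_AGE_DAYS = 60  # the 60-day password change from the text
ALLOWED_PORTS = {443}       # assumption: ports assigned by the IT team


def field(text, label):
    """Return the value on a 'label[:]   value' line, or None if absent."""
    m = re.search(r"^" + re.escape(label) + r":?[ \t]{2,}(.+?)[ \t]*$", text, re.M)
    return m.group(1) if m else None


def audit(net_accounts, net_user_guest, netstat):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    age = field(net_accounts, "Maximum password age (days)")
    if age is None or not age.isdigit() or int(age) > MAX_PASSWORD_AGE_DAYS:
        findings.append(f"password max age is {age}, want <= {MAX_PASSWORD_AGE_DAYS} days")
    length = field(net_accounts, "Minimum password length")
    if length is None or not length.isdigit() or int(length) == 0:
        findings.append("minimum password length is not enforced")
    if field(net_user_guest, "Account active") != "No":
        findings.append("Guest account is active")
    listening = set()
    for line in netstat.splitlines():
        parts = line.split()
        if len(parts) >= 4 and parts[0] == "TCP" and parts[-1] == "LISTENING":
            listening.add(int(parts[1].rsplit(":", 1)[1]))
    for port in sorted(listening - ALLOWED_PORTS):
        findings.append(f"unexpected listening port {port}")
    return findings


if __name__ == "__main__":
    print("\n".join(audit(NET_ACCOUNTS, NET_USER_GUEST, NETSTAT)))
```

An empty result means the host meets the password, guest-account and port checks; an "Unlimited" or missing password age is reported as a finding rather than skipped.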

References

Brain, Marshall and Crawford, Stephanie. (n.d.) How Domain Name Servers Work. How Stuff Works. Retrieved from http://www.howstuffworks.com/dns.htm

Cisco (n.d.) Network Management System: Best Practices White Paper. Retrieved from http://www.cisco.com/en/US/tech/tk869/tk769/technologies_white_paper09186a00800aea9c.shtml

Core System Engineering Team (13 Jun 2011) Core System Requirements Specification (SyRS). Intelligent Transportation Systems Joint Program Office. Retrieved from http://www.its.dot.gov/meetings/pdf/CoreSystem_SE_SyRS_RevA%20(2011-06-13).pdf

Dell.com (2013) Retrieved from http://www.dell.com/us/business/p/desktops-nworkstations.aspx?c=us&cs=04&l=en&s=bsd&ST=%20computer%20%20workstations&dgc=ST&cid=265771&lid=4835267&acd=12309152537461020#!tabId=9A5EF418&facets=116823~0~3611731,51795~0~11401827&p=1

Federal Register Vol. 65 (Dec. 28, 2000) Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/prdecember2000all8parts.pdf

US Department of Health and Human Services (n.d.) Retrieved from http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html

Hippocrates (400 BC) Of The Epidemics. Retrieved from http://www.grtbooks.com/exitfram.asp?idx=0&yr=460&aa=HI&at=AA&ref=hippocrates&URL=http://classics.mit.edu/Hippocrates/epidemics.html

ISACA (n.d.) Code of Professional Ethics. Retrieved from http://www.isaca.org/Certification/Code-of-Professional-Ethics/Pages/default.aspx

Milne, Michael (10 Mar 2006) HIPAA in a Nutshell Guidelines for EMR and Paper Medical Records Compliance. Ezine Articles. Retrieved from http://ezinearticles.com/?HIPAA-in-a-Nutshell---Guidelines-for-EMR-and-PaperMedical-Records-Compliance&id=156737

Sessions, Roger. (May 2007) A Comparison of the Top Four Enterprise-Architecture Methodologies. ObjectWatch, Inc. Retrieved from http://msdn.microsoft.com/en-us/library/bb466232.aspx#eacompar_topic8

Symantec.com (2013) Retrieved from http://www.symantec.com/products-solutions/families/?fid=symantec-cloud

TechNet (n.d.) What is WINS? Retrieved from http://technet.microsoft.com/en-us/library/cc784180(WS.10).aspx

WebNMS.com (n.d.) 5.22 Introduction to Performance Management. Retrieved from http://www.webnms.com/webnms/help/developer_guide/performance_management/perf_overview.html

Windows Azure (n.d.) Retrieved from http://www.windowsazure.com/en-us/pricing/details/storage/ Retrieved from http://www.windowsazure.com/en-us/pricing/details/sqldatabase/#service-premium Azure Support Features. Retrieved from http://www.windowsazure.com/en-us/support/plans/
