The Deployment, Step by Step
Samaritan Regional Health System is a community-based health care system that has been serving residents in Ashland, Ohio, and surrounding counties for nearly 100 years. The system depends on technology to support health care professionals in their efforts to diagnose, treat and heal their patients.
Until recently, Samaritan’s network infrastructure was hindering that work. To resolve this critical problem, the health system deployed a backbone upgrade to facilitate secure wired and wireless access, along with a new VOIP telephony system. Network Administrator Mike Miller describes the deployment and its results.
In IT, we hear the term “business critical” often, but in the IT department of a hospital, those words take on a new meaning. In our industry, infrastructure failure can truly be a life-or-death situation. Technology is crucial for handling privacy issues surrounding patient data, as well as cost-containment efforts to rein in operational expenses while keeping the quality of patient care high.
The administrators, doctors and nurses at Samaritan and at our affiliated physician practice offices have long wanted to leverage the best, most forward-thinking technology to help them diagnose, treat and heal their patients. Until recently, our IT network was hampering that progress.
Our legacy backbone equipment was not up to the job of basic connectivity, let alone the newer technologies our staff wanted to implement. Our network infrastructure was best described as the Wild West, and it was becoming more difficult to predict where the next network failure would occur.
Inconsistent and unreliable, the network of end-of-life switches offered limited visibility into access policies. With more than 750 employees across seven locations constantly touching the network, we had little insight regarding who was logging in and out, and what they were using for resources.
Our staff spent most of their time responding to trouble tickets and trying to resolve the same old issues. The flat, static nature of our infrastructure made it impossible to direct or prioritize network resources to support more critical applications or devices. We quickly realized that we lacked the resources needed to become a proactive, strategic IT organization.
Asking the Right Questions
We started reviewing our IT goals and mapping them back to the hospital’s patient care objectives. We asked ourselves:
• What are the most critical applications and services our staff uses daily, and how can we prioritize them?
• Will we have to do a complete rip-out and forklift upgrade, or can we salvage any of our existing infrastructure?
• If we can preserve any existing infrastructure, will it be compatible with whatever we deploy next?
• How can we oversee a network upgrade, learn about our new network technology and then manage a new network each day without adding more IT operations staff?
• How can we use technology to foster true collaboration between physicians, nurses, administrators and patients?
• Is there a security solution that will automate access policies based on user ID, so we can finally get a handle on network compliance?
We wanted to offer our staff quick, easy access to other caregivers and employees in the hospital network to support collaboration and information sharing. We planned to do that by consolidating the telephony system the hospital and its satellite practice offices used.
We also wanted to streamline data across departments and locations, without compromising the data’s integrity and safety. Too often, one department updated a patient’s record, but a lag in infrastructure stopped that information from getting to other staff members who needed it. Further, we needed to build a network that would allow us to use state-of-the-art, wire-free patient-monitoring devices. Also, we wanted a secure connection so patients and visitors could access the Internet safely.
Solution Wish List
After looking over our network needs, we created a list of criteria for each one. A robust, unified backbone that would give us the ability to build out compatible VOIP and wireless devices on our own timetable was a must. We also required a simple, centralized management system.
In addition, we needed a solution with built-in security that would allow us to create and maintain access policies that complied with the Health Insurance Portability and Accountability Act (HIPAA). All this had to come at a price
we could justify to the hospital’s administration.
After evaluating leading infrastructure and security vendors, we went with Siemens Enterprise Communications and its network and security infrastructure division, Enterasys. We felt they had the standards-based architecture, interoperability, security, reliability and cost-performance ratio to deliver what we needed. The bonus: All the company’s networking components are certified to be compatible with Dräger wireless patient monitors, including their heart monitors, which will be the first wire-free patient devices to be integrated into the new infrastructure.
The deployment was relatively painless because Siemens’ engineering and support team led us step by step through each phase of the deployment and empowered us to take ownership of the network once the install was finished.
The switches we chose to serve as the backbone of the net-
work provide scalable, wire-rate support for environments like ours, which require complete multilayer switching capabilities. Support for high-density 10/100/1000 Ethernet ports,
10 Gigabit Ethernet ports and dynamic routing capabilities was essential. With so many medical devices touching our network, we needed the ability to push GbE to the ports that needed them.
We also saw great value in the flow-based policy built into the switches. For the first time, our network has complete visibility. The IT staff has total control of individual users and can set up role-based access to all the voice/video/data applications.
The next step involved wireless and telephony. The wireless component was a crucial ingredient because it would drive both the wireless patient zone and the hospital’s Internet connection for visitors. We chose HiPath Wireless controllers and access points for remote connectivity.
With wireless, caregivers can securely check on a patient’s progress, regulate medication or add patient notes anywhere, anytime. The wireless software, controllers and access points gave us a cost-effective way to deploy 802.11a/b/g across the hospital, delivering wired/wireless integration, while supporting mobile voice, data and location-based applications.
For the telephony portion of the upgrade, we chose the HiPath 4000 VOIP solution. It united the previously fragmented phone system and has already reduced the cost of interdepartmental phone calls between the hospital’s facilities.
To manage the data, wireless and telephony infrastructure, we use NMS Policy Manager. This software allows my staff to automatically centralize all role-based access policies for users, applications, protocols, virtual LANs, ports and data flows.
A final piece of our network puzzle is the Plixer Scrutinizer. So far, this tool has worked seamlessly with our Siemens hardware and software. Scrutinizer conducts sFlow and NetFlow traffic analysis to tell us which users are demanding the most bandwidth and to help us remove any latency to improve VOIP voice quality. We can also receive trending reports and set up alarms on any high-risk activity, such as internal network SYN, NULL, FIN, XMAS Scans, RST/ACK worms, P2P, ICMP Unreach-able, illegal IP addresses, excessive Multicast traffic or known compromised Internet hosts.
Reduced Frustration, Higher ROI
Since implementing the Siemens Enterprise Communications solution, we have seen a significant increase in network efficiency, coupled with a decrease in help desk tickets throughout the hospital. While the troubleshooting versus proactive-planning ratio was once about 80 percent to 20 percent, we have completely flipped that ratio.
Instead of spending most of the day answering phone calls and responding to issues, we can plan for future processes, technologies and applications. As a result, our hospital user-satisfaction rate increased in the last year.
It wasn’t until the VOIP solution was up and running that we realized the sheer number of interdepartmental phone calls that occur each day—and the thousands of dollars per month the hospital is now saving with our new system. In addition to the modern VOIP features, the staff likes being able to call anyone within the hospital network by just pushing a button, instead of having to memorize a list of phone numbers. For the VOIP telephony segment of the deployment, we expect a full ROI in less than five years, which pleases the hospital’s administration.
And because of NMS and Plixer’s Scrutinizer, we now have unprecedented visibility into the network, which has enabled us to create and enforce compliance policies that are crucial in the health care industry. We’ve also seen a decrease in the costs associated with the hospital’s energy consumption, tech support and maintenance. Another bonus: Enterasys switches come with a lifetime warranty, so we don’t have to allocate funds to replace failed switches.
It’s been fairly easy to implement, configure and manage the network. Today, my staff of two administrators can focus on helping our caregivers in the hospital instead of troubleshooting the network. We no longer hear the phrase, “That’s a network issue.”
Mike Miller, network administrator for Samaritan Hospital, has 13 years of IT experience and manages the network infrastructure.