Voice of Experience: Healthy Dose of ControlBy Baselinemag | Posted 2006-02-07 Email Print
Modernizing Authentication — What It Takes to Transform Secure Access
Stephen Morenzoni, senior network engineer at Lake Forest Hospital north of Chicago, avoided paying $100,000 for a system to transmit radiology images by using a Web-based remote access appliance instead.Stephen Morenzoni
Lake Forest Hospital
Senior Network Engineer
Lake Forest, Ill.
MANAGER'S PROFILE: Head of data network services for 243-bed hospital in the northern Chicago suburbs, with $311 million in 2005 revenue.
ALL OR NOTHING: In 2001, the hospital deployed IPSec virtual private network equipment from Cisco Systems, to give doctors and staff remote access to patient information, a transcription system, a fetal-heart-monitoring system and other applications. The trouble with IPSec, Morenzoni says, is that the protocol opens a full-blown network connectionand the hospital needed more fine-grained control over the resources employees were allowed to access.
PRIVATE EYES: One of the hospital's chief concerns was providing easy access to data over the Internet, while complying with the federal Health Insurance Portability and Accountability Act, which prohibits disclosure of patient records. Plus, notes Morenzoni, doctors are inclined to protect their fiefs. One example: "The maternity doctors don't want the radiology doctors to even see their applications," he says.
HIS PROJECT: Morenzoni in 2004 deployed F5 Networks' FirePass 4100, which uses the SSL protocol to encrypt data. The system allows him to specify exactly which programs or files any individualincluding specialists at other hospitalsmay access, and to log all activity. "It's like I suddenly closed a bunch of holes that IPSec would have left open," he says.
X-RAY VISION: Lake Forest Hospital paid $24,000 for a FirePass 4100 with 250 user licenses. The payback? For Morenzoni, the big line-item saving was not having to purchase a $100,000 proprietary system from General Electric for sending radiology images over private networks. Instead, the hospital distributes X-rays and other images via Emageon's Web-based medical imaging system, with access control and encryption provided by the FirePass appliance.