• Hey Webmasters! New Photo Album Service Launched - Check it out!

Ralph Beckon

Development of a Proposal for the Implementation of a Medical Technology Wireless Data Network for St. Mary Hospital

Week 1: August 14, 2005

Tasks

Provide the status of each task. If stalled or changed, state why.

Task 1: Research basic wireless networking technology theories.(Completed).

This week I completed research on basic wireless technologies. I learned that to implement a basic wireless network you need the networking operating system (NOS), a wireless router or an access point, and each computer will need a wireless network adaptor. In addition to this there are also data security issues and solutions as well as interference concerns.

Hardware options include access points or routers that have additional capabilities such as a firewall and internet sharing capabilities. A wireless internal PCI adaptor is more expensive that a USB wireless adapter but USB devices can be more complicated to configure and will increase the load on your power supply and system, a real concern when using a battery operated laptop.

Wireless standards are important to consider when configuring a wireless network. There are currently three major wireless data standards IEEE 802.11 known as WI-FI that is used in modern devices.

802.11b is the mainstream method for transferring wireless data. 802.11b offers a good range, wide compatibility with current devices and low pricing. 802.11b has a range of between 70 and 150 feet and transmits up to 11Mbps at 2.4GHz radio spectrum.

802.11b is slow compared to the 100Mbps found in a common Ethernet connection. Disadvantages include that the access points are manually configured, have a maximum of three distinct channels and have potential interface with cell phones and microwaves

802.11a uses 5Ghz and transfers data at 54Mbps. 802.11a uses 8 channels which is better for larger high capacity networks. The disadvantages of this standard are that it is not directly compatible with 802.11b and the equipment has a higher cost.

802.11g uses the 2.4Ghrz and offers a data transfer speed of 54 Mbps; could be considered the best of 802.11a and 802.11b.

Security issues are a concern because on a wireless network your data transmission is wide open to anyone with the right equipment. To secure you network two basic methods are used MAC filtering and WEP.

MAC address filtering requires manually entering a list of addresses found on you local network and configuring a router to allow a wireless connection only to these specific addresses.

WEP is a wireless encryption protocol and uses a shared key between the access-point and the client computer.

Source:

Pc Stats.com (2005). Beginners Guides: Wireless home networking

Retrieved August 2005 from:

http://www.pcstats.com/articleview.cfm?articleID=1428

The major accomplishment of this task is that I have learned about new technology, standards and security issues. These ideas will now allow me to complete my project proposal with the latest information available.

Task 2: Research security issues and HIPAA policies. (Completed).

This task deals with the physical security issues outside of the network data transmissions discussed in task one. Since a big part of the HIPPA policies revolve around patient privacy this is included in this task.

Physical security starts with simple measure like locking the MTS laptops down to the carts, facing the screens away from unauthorized observers, and using paperless processes. In addition to this policies should reflect not leaving a laptop unattended and password protection for all devices.

HIPAA is the Health Insurance Portability and Accountability Act of 1996 that is a government mandate document that provides both protection and security of patient information. Information that need to be protected includes patient names, room numbers, test results, type equipment used and any other information that may be connected to a specific patient.

My research suggests that the simplest rule in relation to this project is that patient information and privacy must be protected at all costs. Since the devices used to input data may include this information, specific procedures and policies must be developed to support the HIPAA guidelines.

Sources:

AAMC. (2001) The Guidelines for Academic Medical Centers on Security and Privacy: Practical Strategies for Addressing the Health Insurance Portability and Accountability Act (HIPAA)

Retrieved August 2005 from:

http://www.aamc.org/members/gir/gasp/

University of Chicago . (2000). NSC: Physical Security.

Retrieved August 2005 from:

http://security.uchicago.edu/docs/physicalsec.shtml

The major accomplishments associated with this task are that I have a greater understanding for the need of a high level of security that will protect patient's rights and promote compliance of the HIPAA guidelines.

Task 3: Research existing infrastructure and available wireless technologies. (Completed).

I found out that the Hospital is completely configured with 96 percent connectivity access. What this means is that there is sufficient access points throughout the desired area of coverage. We use devices that are compatible with the 802.11b wireless standard and use WEP data encryption for security.

The Major accomplishment associated with this task is that because the tasks in weeks two and three are dependant on this task; I can use these specifications to build and complete my project proposal.

Sources:

Tom Hargin, MCSE; IT specialist.

Keith Miller, BMET; Telemetry specialist.

Decisions

1) What came up that needed to be addressed? How did you solve it?

One problem that came up during the first week was possible dead zones for wireless transmissions. Stairwells and a few hallways have intermittent wireless connections but these are non-equipment areas and will not affect the specific MTS program. The Area's of concern are Radiology and Nuclear Medicine area where thick lead-filed may not pass radio frequencies.

For the policy portion of this project this is noted, from an implementation perspective an access point directly outside these areas will improve transmission.

2) What important decisions did you make this week that impacted your project?

The key decision made is that the 802.11b wireless standard must be used and that all proposed devices must adhere to this standard.

Learning

1) What helpful feedback did you get in the class (instructor, classmates) and outside the class (user, stakeholder, beneficiary, mentor, expert advisor, others)? What did you gain from this feedback?

I received significant feedback from Keith Miller concerning wireless interference and physical security measures that must be implemented in a wireless system.

I learned that hospital medical equipment uses special frequencies that no other devices can use, this should eliminate and interference issues between the wireless network and our patient connected medical devices.

2) What resources did you use this week (e.g., people, money, equipment, systems, or software)? Did you add new resources? What was your learning?

I used all the resources listed the task 1 resources of my project plan and the additional ones listed here:

Keith Miller has introduced me to a new resource in our IT department Paul Mioduszewski. Paul taught me about the dead zones, access points, our wireless technology and standards.

The University of Chicago was another additional resource for physical security measures.

3) What research did you perform this week that was assisting and/or literature based? What was your learning?

When I started the basic wireless research I did not know anything about wireless technology. PC Stats provided a very good article on basic wireless networks and I learned about standards, security and basic hardware.

I also researched the HIPAA standards and learned about the basic meaning behind these guidelines. I leaned that the HIPAA guidelines were created to ensure the privacy, security and confidentiality of patient information. Confidentiality is a concept similar to privacy except that it adds conditions where those who have access to the information do not share that information. Sharing patient information should not be permitted to anyone; including family members or 3 rd party companies without patient consent. The typical common sense approach is based on the need to know concept. For the MTS staff we will only need to know the patient name, room number and any information that may compromise our personal safety. Another example is if you are a blood-drawer. You will not need to known the patients history or medical condition unless it affects your safety or the level of care you can give.

I learned some simple physical security measures from University of Chicago that preventing computers from being stolen is as important as preventing access to the operating system. This information helped me with my project by making me aware that the laptops on mobile carts will require hardware locks to reduce the possibility of their theft.

Cisco's Wireless LAN Security White Paper and my MCSE Windows 2000 Designing books helped me understand encryption protocols.

Indicators

1) How well did you stick to your project schedule?

I was able to stick to my project schedule as planned. In the initial stage of week one I did not run into any problems that could not be solved.

2) How prepared are you to conclude your project in Unit 10 as required in this course?

I have gathered all my source materials and forged relationships with mentors and advisors, I am confident that I will be able to complete this project as scheduled.

3) How likely is it that you will need to resort to your contingency plan?

I think it is unlikely that I will need to resort to your contingency plan.

Other

I am ready to continue on weeks to analysis phase.