Technology Considerations | The Business Case for Enterprise-Class Wireless LANs

Although the overall strategic technology plan was developed in 1997 with wireless in mind, the actual wireless selection began mid-year 2000. The process included an extensive review of all WLAN providers that existed at the time. Subsequently, the enterprise-wide deployment began in August 2001 and took about six months.

Architectural Principles

One of the guiding principles to making the WLAN successful was the understanding that people in healthcare cannot be tethered, lest they lose efficiency and time. The idea is to bring the computing environment to the end user. If physicians and clinicians must search out systems, they will be less inclined to use the applications as part of their daily work. This fact led to the other principles that would challenge Lifespan. It had to change the culture.

The advancement of technology meant that devices, applications, and attitudes were changing. For a physician to adopt the use of a laptop or tablet PCat the point of carethe design had to be friendly. According to Hemendinger, "We had to have the technology and the application as comfortable to use as a telephone."

The value was that as physicians used the technology, it reduced clinical errors and provided enhanced decision support functions, immediate identification, and course of care.

The WLAN was built in phases with the intention of being deployed ubiquitously, the initial phase being delivered to maximize coverage. Follow-on phases amended the original architecture to allow for higher throughput and higher densities and to support functions of evolving technology such as voice and video. The initial two phases were designed for patient data only. The scope of the deployment was broken into two phases:

Phase 1 All clinical spaces (Intensive Care Units, medical space floors, emergency department, etc.)
Phase 2 Operating rooms and administrative spaces

Now that the WLAN has been deployed, it covers over one million square feet of clinical space. This coverage enables physicians to access patient information during rounds anywhere in the clinical space on or across the campus. WLAN coverage extends to physicians' lounges, cafeterias, libraries, and parking lots. This coverage allows physicians to access the network and the applications they need to perform their job: Provide the best healthcare possible.

Over time, the need for additional bandwidth became evident to accommodate the addition of high-consumption applications. Although the original use for the WLAN focused on providing low-end data access, diagnostic imaging and other advanced medical uses drove the bandwidth and density (coverage) needs up. Moving forward, Lifespan will look to provide pervasive patient monitoring, patient tracking, and VoIP capabilities. Figure 10-1 illustrates how support for additional locations and services increased bandwidth and density needs. Each grouping represents the location, data type, and time frame.

Figure 10-1. Locations and Services Directly Impact Bandwidth and Density

WLAN Design

Since the initial deployment, the WLAN design has gone through some major changes to adapt to the needs outlined in the architecture. The first products deployed were the Cisco AP340 and AP350 series access points. As expected, over time newer Cisco products emerged, in parity with the maturing WLAN and WiFi standards. Lifespan has undergone numerous WLAN upgrades and now employs the Cisco AP1200 series access points running 802.11a/b/g across the enterprise.

The WLAN grew over time from 350 to 500 APs and continues to grow as higher WLAN densities are required. The WLAN now stretches from the clinical areas to operating rooms and administration spaces. The density has also increased the access point count to accommodate the additional services provided over the WLAN, such as location-based services and VoIP.

Lifespan also uses Cisco 1400 series bridges to give it flexibility and cost control in the campus metro. These bridges act as both the primary and secondary building interconnections at many Lifespan locations. The use of the bridge for MAN connectivity was a more economical solution than running copper and fiber throughout the campus. Hemendinger said, "When you need to dig up roads to route fiber and copper or manage long-term agreements with vendors for fiber connectivity, it becomes very expensive to provide high-bandwidth connectivity; the wireless bridges have allowed us to provide better service at lower cost."

Guest Networking

Lifespan is one of the most progressive and true early adopters of WLANs. One area of note is that they provide full wireless guest access for patients in their rooms at Hasbro Children's Hospital. More important, at the time of this writing, they do not charge for this service.

Imagine being able to send pictures of your new baby to relatives, updating people on your family's condition, or passing the idle time you have in the hospital room by surfing the Internet.

Hemendinger recalled a quote recorded from a patient's family member that demonstrates the value of this service:

"During the course of our son's multiyear treatments, we had numerous overnights and several lengthy stays. Having direct high-speed wireless access to the Internet from my son's room was critical in supporting many aspects of his treatment program. In addition to my son's usage, I was able to spend quality time with him and, at the same time, keep up with my ongoing work and e-mail. This enabled me to limit the number of vacation days needed, given that I was still able to be productive. Without the wireless access, I would have been using extensive vacation time and/or had to leave my son alone at the hospital during working hours. Simply stated, it made the whole experience much easier for all of us. A must for all hospital stays."

Technically, the setup is simple. Guests are provisioned onto a separate part of the network with open security. Lifespan provides this as a best-effort service, and as long as your wireless device software supports profiles or autoconfiguration, patients can discover the Service Set Identifier (SSID) and off they go. Additionally, some level of proxy and firewalling is provided.

RF and Interference

Interference is a true nuisance in the wireless world. In the medical arena, the U.S. Federal Communications Commission (FCC) and U.S. Food and Drug Administration (FDA) have produced frequency standards that all medical devices must adhere. Medical frequency bands are confined to 900 MHz and 1.4 GHz. Lifespan has performed frequency analysis and frequency interference mapping in many locations throughout the enterprise. This data provides network engineers with optimal antenna placement to minimize interference.

Disaster Recovery

The WLAN is designed to be highly available and is correspondingly treated as a primary method of access at Lifespan. However, individual APs within the enterprise WLAN might go down sometimes. During a simple outage where only a single AP is down, the WLAN is designed to allow users to seamlessly access the network at another AP.

"We also designed the WLAN in such a way that if you lose one or two APs on a floor, most users would never even know it. There might be slight performance degradation, but for [the] most part, users would not notice it," says Hemendinger.

In the case of a catastrophic event resulting in complete failure of the WLAN, patient care is not compromised and neither is the access to critical clinical data. To support this principle, Lifespan did not remove the wired infrastructure that allows some clinical systems to be used over the wired network. As a tertiary precaution, the PDAs that physicians and clinicians carry also act as a backup during a complete network failure because some critical data is stored locally on the devices.

Note

According to law in Rhode Island, physicians or clinicians must record all patient information or care results destined for the medical record on a paper chart.

Network Management

Management of the access point infrastructure has been satisfactory. On the other hand, software for client cards and adapters via automatic push remains problematic to Lifespan's IT department. In practice, the department uses an 80/ 20 rule, where the aim is to manage 80 percent of the clients using an automated method for software management. Hemendinger explains that if need be, it can settle for a manual intervention for up to 20 percent of the clients: "If I can centrally push and capture 80 percent, then I can handle hitting the streets for the remaining 20 percent."

The mix of hardware11,000 client devicesin the Lifespan network puts client software management on the forefront of issues that concern the company today. For Hemendinger and his IT teams, pushing software to the client is significantly complex. "Push and end up with half the environment down or not. I must mitigate risk to the best of our ability; we thoroughly test all updates. I must have staff that is dedicated to crossing Ts and dotting Is prior to push; we are talking critical life-saving clinical systems," said Hemendinger.

The crux of Lifespan's client management problems lies in the fact that it supports a variety of WLAN clients. Even knowing that it would be better to support only a limited number of devices and clients, Hemendinger must put his customer first. The device must fit into the physician's daily work style as opposed to having the physician learn to work with the device. This point reemphasizes that ease of use drives high adoption. Today you will find several devices used in the enterprise:

Vocera for VoIP
Carts on wheels 700+
Tablet PCs
WLAN-enabled laptops
Thousands of PDAs

To alleviate many possible problems, there is a current standard. All clients currently use Cisco PCMCIA or PCI bus adaptors. Going forward, Lifespan's standard includes using Cisco Compatible Extension (CCX) products in the WLAN enterprise.

Note

The Cisco Compatible Extension (CCX) program is an initiative to help to ensure that client device or silicon manufactures are interoperable with a Cisco WLAN infrastructure and can take advantage of Cisco innovations for enhanced security, mobility, quality of service (QoS), and network management. To learn more, visit http://www.cisco.com/en/US/partners/pr46/pr147/partners_pgm_concept_home.html.

Lifespan employs several automated products to provide robust client software push. Some tools include off-the-shelf products like EPO by Network Associates. However, like many early adopters, Lifespan has developed many tools (scripts) in-house.

Security

Lifespan is a Cisco SAFE Blueprint adopter. In its security solution, you will find the use of Cisco-EAP (LEAP) and Cisco Access Control Server (ACS), which are standard recommendations for a robust and secure WLAN infrastructure. More information about Cisco SAFE Blueprint can be found at http://www.cisco.com/go/safe.

Looking beyond the authentication and encryption of APs and clientsas part of the security architectureLifespan must contend with device-level security for the variety of devices they support. Device-level security is a great concern because most are small handheld devices (PDAs), many of which can have more than one user.

Physical security of the device, although a concern, is not as important as maintaining the integrity and confidentiality of the data on the device. Device-level security stemmed from the need to protect sensitive data, as required by the Health Insurance Portability and Accountability Act (HIPAA) and SarbanesOxley Act (SOX), from being accessed by unauthorized personnel. To combat this problem, third-party software was installed in the PDA devices that would essentially eradicate the data after three failed login attempts.

Note

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) amended the Internal Revenue Code of 1986 to improve portability and continuity of health insurance coverage in the group and individual markets; to combat waste, fraud, and abuse in health insurance and healthcare delivery; to promote the use of medical savings accounts; to improve access to long-term care services and coverage; to simplify the administration of health insurance; and for other purposes. To learn more, visit http://www.cms.hhs.gov/hipaa/.

The Sarbanes-Oxley Act of 2002 (SOX) mandated several reforms to enhance corporate responsibility, enhance financial disclosures, and combat corporate and accounting fraud. It created the "Public Company Accounting Oversight Board," also known as the PCAOB, to oversee the activities of the auditing profession. A PDF download of SOX can be found at http://www.sec.gov/about/laws/soa2002.pdf.