Wireless networks are all the rage in and beyond healthcare. And why not? Wireless is economical compared to cabled networks, and can yield tremendous improvements in healthcare by providing real-time information to decision-makers, thus reducing time to diagnosis and treatment. There's more. Wireless also can facilitate efficiency and decrease errors by streamlining paper-intensive tasks. But, to be successful, the wireless team needs to prepare for some common challenges.
Consider these options:
- Wireless should not be installed by one department alone. The IT team, in cooperation with the department leaders, is integral to successful deployment and maintenance of the network.
- Security is an ongoing challenge. Wireless sites need a proactive security plan, and they need to constantly assess the success of that plan.
- Communication is key. What do wireless users need from IT and vice versa? Equally important, establish and communicate your objectives with vendors.
- Plan for realistic capacity from the start. Wireless will be a hit, and users will clamor for more devices and applications.
Healthcare is rapidly unwiring. Mobile healthcare decision-makers are increasingly demanding wireless access anywhere in the facility - via laptop, tablet PC or even PDA. And IT is complying because wireless can provide broadband access to locations where DSL or cable modems can't and is often more cost-effective in providing network access when running cable or fiber is too expensive or even impossible because of building logistics.
Wireless network use in healthcare is growing. According to market watcher Frost & Sullivan's report on U.S. Emerging Wireless Markets for Patient Care, wireless revenues will increase from $330 million in 2003 to $637.3 in 2007. Hospitals are tapping into wireless to enhance productivity and improve patient care by providing decision-makers with immediate, real-time access to patient data.
The results can be quite impressive. Take for example, NorthEast Medical Center in Concord, N.C. The hospital implemented a digitized heart imaging system. The wireless solution transmits EKGs from the ambulance to the cardiologist and reduced the 'door-to-dilation' response time from 93 minutes to 33 minutes. Other hospitals are recovering revenue with wireless. St. Mary's Hospital in Evansville, Ind., reports a 30 percent boost in daily billings for respiratory therapists after implementing wireless patient care documentation. And Upland, Calif.'s San Antonio Community Hospital is banking that a second-generation wireless network will enhance productivity and patient care in the ER.
What does it take to become a wireless success story? Tips to succeed.
- A clear project vision, goal and a plan authored by IT and the department. Yes, wireless is cool, but how can it be deployed to improve healthcare? NorthEast Medical Center followed this rule to the letter and tapped into wireless for clear results.
- Allow clinical and staff needs to drive wireless, not vice versa. See how St. Mary's Hospital did it.
- Collaborate and communicate-among staff and with vendors. Some vendors will go the extra mile to ensure success. Medical Research Labs developed custom software to get the NorthEast Medical Center project off the ground.
- Find a solution that answers the three critical wireless needs-mobility, security and scalabilty. San Antonio Community Hospital used its generation one wireless experience as a springboard to develop a comprehensive second-generation wireless solution.
St. Mary's Hospital Real-time Access for Improved Patient Care
St. Mary's Hospital started down the wireless path late in 2002 and installed wireless networks on its clinical floors. The hospital was moving to an Electronic Medical Record (EMR) environment; however, nurses reported a significant hitch in implementing the EMR. That is, there weren't nearly enough PCs or terminals for nurses to input patient data. Wireless presented a cost-effective solution to the PC/terminal shortage and also enabled mobility among healthcare providers. The hospital opted for an enterprise-wide Proxim 802.11a network and adopted a phased approach to wireless projects. This phased approach helped ensure a smooth implementation, explains CIO Dennis DeMasie.
The IS team first concentrated on a respiratory therapist project. This was a priority project because the team recognized that the small project could be successful and also demonstrate an immediate financial benefit. The inaugural project paired McKesson's Care Manager workflow software tool with wireless carts or COWs (Computer On Wheels). St. Mary's COWs come in two flavors - desktops built into the monitor and PC tablets. Therapists connect the wireless device to the server and patient monitoring system and automatically capture readings to document patient care. DeMasie explains, "We chose a small group for our first rollout of clinical documentation because it was very controllable. Going wireless requires changing processes and changing cultures." And change can be more manageable in a small, controllable environment.
DeMasie reports a corollary benefit. "It really got the nurses' attention and paved the way for nursing to adopt the COWs." The clean, efficient wireless patient care documentation was a stark contrast to the traditional manual, paper-intensive charting process.
St. Mary's uses the wireless carts on all general, medical-surgical and intensive care floors. The carts can be used to electronically capture patient care data and transmit it to physicians throughout the hospital, and they also can serve an extra terminal to facilitate workflow at the nursing station.
Bedside clinical documentation was followed with another wireless endeavor. Several years ago St. Mary's deployed an enterprise-wide PACS. Today emergency physicians use wireless devices to share images with patients as part of the education process. Like its respiratory therapy predecessor, the ER project is paving the way for another undertaking. The hospital is testing wireless transmission of images from the cath lab to share with patients for cardiology education. Although user resistance can be a barrier to wireless, DeMasie says clinicians and nurses are embracing wireless. "Cardiologists want wireless capability before IT can get it there." Nurses and clinical staff are continually brainstorming new wireless applications and even devised one of the most successful projects - wireless patient registration in the ER.
There can be some downsides to the popularity of wireless. As wireless use at St. Mary's grew, the IT staff realized it needed more bandwidth for PACS and in specific areas such as the ER and cath lab. Its solution was to replace its 802.11a network with Cisco 802.11b and g.
And while clinical staff have latched onto the new wireless freedom and efficiency, the IT department has the awesome responsibility of wireless security. The current security plan is a two-pronged approach. It restricts access to the wireless network by MAC addresses and employs WEP (Wired Equivalent Privacy). The wireless network is on a separate WLAN, which allows the IT staff to manage communication in and out of the network. Still, security is an ongoing process. Scott Krodel, director of management information systems, says, "We're constantly reviewing security to make sure we meet HIPAA requirements." St. Mary's is considering bolstering its wireless security with Cisco's LEAP and WLSE products. LEAP ties into the authentication system and randomly changes the WEP key every few minutes to thwart hackers. WLSE manages access points (APs) as they are deployed and also monitors for rogue APs.
Monitoring for rogue APs is crucial because physicians at hospitals across the country have established their own wireless networks within the hospital without IT oversight. Rogue APs can leave the entire system vulnerable if they are not properly password-accessed. In addition to setting out a welcome mat for hackers, the hospital may receive a hefty fine for failing to secure healthcare data.
(NEEDS) An inadequate number of terminals and devices for nurses and other clinical staff to electronically document patient care
(PROJECTS) Bedside clinical documentation, patient education, patient registration
(SOLUTIONS) McKesson's Horizon Clinicals, Motion Computing/Gateway tablet PCs, Mercury MD's MData Enterprise System, Palm Tungsten C handhelds for physician use
(OBSTACLES) None reported
(RESULTS) 30 percent increase in daily revenue billing for respiratory therapists; reduced charting time for nurses
NorthEast Medical Center Wireless Cuts Time to Cath Lab
In healthcare, time can be absolutely critical. This is especially apparent in myocardial infarction cases. Typically, paramedics transport patients to the hospital, capturing and transmitting EKG data en route to the ER, and the cardiologist becomes involved in the case after ER physicians evaluate the EKG. The result is an average 'door to dilation' time, or time between a patient's arrival at the cath lab and angioplasty completion, of 104 minutes. The National Registry of Myocardial Infarction set a door-to-dilation goal of less than 90 minutes.
Paul Campbell, MD, cardiologist at NorthEast Medical Center, explains, "Meeting this goal meant changing the system of getting people into the hospital. We need to involve the cardiologist upfront to activate the system." An earlier research project demonstrated that cardiologists could accurately interpret EKG data from a handheld computer, and Campbell had heard about wireless EKG transmission project in Europe. So he set out to establish a similar program in rural North Carolina.
The project entailed connecting the 12-lead EKG on county ambulances to a Hewlett-Packard iPAC and sending the signal through the public cell phone network to a receiving computer in the hospital ER for physician review. The ER physician can forward the data to the cardiologist on call, who reads the EKG on an iPAC. The redesigned process enables timely EKG review by the cardiologist to determine if the patient is a candidate for the cath lab. If the patient meets cath lab criteria, the cardiologist activates a call team and a coronary care unit nurse. The patient is prepped for the cath lab immediately on arrival, while the cath lab team drives to the hospital. This direct admittance from the ambulance to the cath lab shaves critical door-to-dilation time from the procedure.
The project required considerable collaboration among hospitals, paramedics and vendors. Moreover, the hospital had to contend with two main technical issues. The EKG system on the ambulance, manufactured by Welch Allyn subsidiary Medical Research Labs, was not equipped to send data to handhelds. Medical Research Labs agreed to devise a solution and developed the electronic circuitry and proprietary software necessary to send EKG files to a handheld. The second technical challenge came via the local cell phone network. The IS team realized that the rural county did not have full coverage through the carrier it initially planned to use. The IS team criss-crossed the county checking signal strength from various carriers and eventually decided to use Verizon because it seemed to provide the best local coverage. Verizon agreed to boost signal strength in weak areas, but Campbell admits coverage is not perfect in all pockets of the county.
In addition to the technical challenge, the project also presented an educational challenge. Campbell explains, "We're not just implementing a new technology. We're changing systems for EMS, in the ER, cardiology and the hospital." The hospital addressed the human resources aspect of the equation by holding comprehensive team trainings in the year prior to the project implementation. The project successfully reduced door-to-dilation time to 33 minutes, and over the next year Campbell plans to collect clinical data to compare the wireless approach to the previous system.
The wireless security plan for the EKG transmission project is two-pronged. First, all information sent from the ambulance is de-identified, so it cannot be linked to a patient. Secondly, data is encrypted and cannot be read without the proprietary software. On the enterprise level, the hospital uses WEP to encrypt data and boosts its power through other in-house mechanisms. Lisa Sykes, IS security manager for NorthEast Medical Center, says the human element of security is just as important as the technical component. She addresses topics such as physical security, passwords and suspicious activity through regular employee training programs.
(NEEDS) Reduce door-to-dilation time to potentially improve post-MI patient outcomes
(PROJECTS) Wireless ambulance-to-ER-to-cardiologist EKG transmission
(SOLUTIONS) Medical Research Labs EKG, HP iPAC, Verizon cell phone network
(OBSTACLES) First U.S. project, no mechanism to transmit EKG data to handheld computer, spotty cell phone network
(RESULTS) Two-thirds reduction in door-to-dilation time to a low of 33 minutes
San Antonio Community Hospital Deploying Cost-Effective Second-Generation WLAN to Improve Emergency Care
San Antonio Community Hospital (Upland, Calif.) was an early wireless local area network (WLAN) adopter and found that life on the cutting edge of technology can be somewhat challenging. The hospital installed zones of 802.11b wireless in its ER, OR and IS departments in 2001 with a fairly ambitious plan to enable secure mobility for its healthcare staff and enhance efficiency and patient care. But it quickly encountered a few common problems associated with first-generation wireless networks - questionable security associated with static WEP, failed APs and "bug lights," a strong radio signal but open data link - leading to wireless down time. Despite these problems, the hospital completed a comprehensive site survey with a plan to install wireless across the entire campus. It found that 802.11b did not transmit PACS images; a second survey would be required for 802.11a. The hospital began searching for another solution.
San Antonio Community Hospital Senior Network Consultant Jan Snyder was charged with finding a new solution that could meet the hospital's security, mobility and financial requirements. The hospital needed a HIPAA-compliant WLAN to route PACS images and patient records. It wanted a scalable solution that could be deployed throughout the hospital and supported at a low maintenance cost. Finally, the hospital expected to integrate the new WLAN with its existing switched Layer 3 PACS network infrastructure. The answer was to use Trapeze Networks WLAN Mobility System, a second-generation wireless network, as the building block of an enterprise-wide wireless implementation.
The second-generation wireless overlays the Layer 3 PACS network, allowing staff to roam throughout the hospital. User-IDs and authentication remains on wireless devices, following users' throughout the hospital and eliminating the need to re-login from PACS subnet to subnet. Moreover, security is robust and comprehensive. Dynamic WEP encryption and mutual authentication and enforcement of network authorization protects wireless data by setting up an access control list for specific users. For example, the ER group can access its ibex Healthdata Systems data entry software and PACS images; users cannot access finance, other servers or hospital administration resources. Finally, Snyder reports that Trapeze Ringmaster WLAN is quite cost-effective. It eliminates the site survey cost by using an AutoCAD to design wireless. The design configuration is uploaded onto switches and AP radios, saving 90 percent of the cost of individual radio configuration. Each AP is dual-homed to two switches providing redundant data signal and power. If an AP fails, a new AP can be plugged in, powered and uploaded with the original configuration. Snyder estimates that Trapeze Ringmaster allowed San Antonio Community Hospital to design, deploy and support 802.11a, b and g wireless for half the cost of its first-generation solution.
While cost-effectiveness is important, security is an overriding concern with wireless. Snyder admits, "Everyone's big fear is that the wireless network will not be secure, but security is the least of my worries. Our security engineer says our wireless network is now more secure than our wired network." That confidence stems from dynamic WEP, which is enabled by second-generation radios equipped with more horsepower than first generation radios. WEP also allows rolling keys; the IT department changes them every few minutes to foil hackers. Snyder believes the hospital has found a security solution for the future as the second-generation radios will be able to handle new security options such as WPA (Wi-Fi Protected Access) and 802.11i. Ultimately, security is a financial issue as well. If the APs on the network do not have the processing power to handle anything beyond static WEP, they will need to be replaced with more powerful radio that can support advanced security.
Improving Patient Care
The ultimate test of wireless in healthcare is not whether or not an IT department can install, deploy and maintain a secure wireless network, but whether or not wireless improves patient care and efficiency. Anecdotal observations at San Antonio Community Hospital indicate that the second-generation WLAN is improving patient care and efficiency on a number of fronts. Steven Ernst, MD, emergency department medical director, explains, "We're using a wireless system for documentation and tracking patient care in the ER. The wireless system gives everyone access to the patient records, treatments and results." Physicians no longer need to run back and forth to the nursing station between patients but rather order tests wirelessly from the patient's bedside before moving on to the next case. Ernst also can view the status of all patients in the ER, two geographically separate urgent care clinics and in the lobby from one wireless screen. He notes, "That's very handy for triaging patients."
The department relies on ibex Healthdata Systems data entry software to streamline patient care. The template system lists more than 100 patient complaints and provides both pre-formatted charts and space for free text. The ibex template reminds physicians to consider certain diagnoses, with evidence-based risk prompts adding another layer of security. Microsoft Ink allows physicians to handwrite notes on tablet PCs, which expedites note-taking by automatically transcribing handwritten notes into print. Voice dictation is converted into text using the Dragon voice recognition system. The hospital recently added wireless notebooks and tablet PCs to its wireless arsenal. ER staff use the new devices to document patient history and share lab results and PACS images with patients. The same mobile PCs are used in surgery and allow neurosurgeons to view CT images on the display system. The hospital ensured the success of high-speed image downloads by reserving the 802.11a standard for imaging data and using 802.11b and 802.11g for other wireless data.
San Antonio Community Hospital has not yet documented wireless time-savings; however, anecdotal evidence indicates that wireless has enhanced physician productivity in the ER by saving time and steps. The hospital also plans to analyze overall quality improvement by reviewing 72-hour patient returns.
(NEEDS) Enterprise-wide, secure wireless network
(PROJECTS) Wireless data entry and image review
(SOLUTIONS) Toshiba M200 Tablet PCs, Microsoft Ink, Dragon voice recognition, ibex data entry software, Trapeze WLAN Mobility System
(OBSTACLES) Selling computerized documentation to physicians, training users, initial rovers (desktop PCs on wheels) were inconvenient for physicians
(RESULTS) Immediate retrieval and access to patient charts, instant transcription
Designing for Success: Advice From the Trenches
Wireless networks can be tricky. A number of early adopters ran into security and coverage snags, leaving both IT and clinical staff with a bad taste in their mouths. But wireless can be implemented successfully with numerous benefits. Early adopters offer some words of wisdom:
COMPLETE A SITE SURVEY
Pre-planning saves time and money by locating access points as needed and eliminating dropped connections and signal loss. An alternate to the site survey is opting for a vendor that offers software simulation for wireless design. Make sure the network is in place well in advance of the first planned application. NorthEast Medical Center had its full coverage tested and in place 6 months before its first application. This provides key troubleshooting time for the network and a timeframe for staff education programs.
DO NOT OVERLOOK SECURITY
Keith Mattes, senior technology consultant with Summit Technologies (Middlebury, Vt.), says, "Part of a successful Wi-Fi implementation is security. Security should fit the wireless network and be compatible with existing infrastructure." Hospitals that plan and design for security can eliminate many headaches down the road.
HOW DO YOU MAKE WI-FI MORE SECURE?
Start by considering a virtual private network (VPN), even within your firewall. Then, be sure not to put any important server or client on a wireless LAN and turn on WEP security with 128-bit encryption. Also, insist from vendors on newer, robust security offerings such as TKIP (Temporal Key Integrity Protocol), AES (Advanced Encryption Standard) and EAP (Extensible Authentication Protocol). And consider using only static IP addresses for wireless clients. Do not use the "default" Extended Service Set Identifier (ESSID) and consider using MAC address access only. Consider WPA, which will become 802.11i, when it becomes available later this year. Paul Chang, MD, director of Division of Radiology Informatics at University of Pittsburgh School of Medicine, says WPA is a huge improvement over earlier security mechanisms and addresses authentication and encryption. On the downside, WPA does require sophisticated infrastructure - 3rd party authentication servers - which are not available in all hospitals. And like VPNs, the WPA encryption mechanism does take some bandwidth, so network performance will drop slightly.
REMEMBER SECURITY IS AN ONGOING PROCESS
The most secure sites are constantly evaluating new products and solutions to improve security. Some of the solutions that may hit the market in the next year include:
- Devices to automatically detect and deny access to unauthenticated wireless devices
- Handhelds embedded with biometrics scanning devices