ORLANDO—Despite the regulatory and technical challenges, hospitals should install and maintain a wireless network for their patients and staff, according to an e-session presentation by Kevin McKeand of Wayport Healthcare and Hospitality in Austin, Texas, at the 2008 HIMSS conference.
McKeand, vice president and general manager at Wayport, questions whether a facility is ready to offer fast, reliable access to the internet and email, enhanced security and an easy connection process through a wireless network. Hospitals or medical practices need the proper tools and software to integrate new and existing application over a wireless environment, and the proper network for HIPAA compliance.
Wireless networks hold the promise to transform the healthcare industry from shared service applications, such as electronic medical records (EMR), PACS, and computerized provider order entries (CPOE), to applications that provide for greater patient-focused care, such as voice over internet protocol networks, radio-frequency identifications (RFID), bedside charting and mobile patient monitoring, according to McKeand.
He said that hospital environments need to recognize that the average patient is accustomed to using wireless networks to communicate and search for information in every environment. As a result, McKeand said that innovative hospitals are beginning to offer guest wi-fi services to differentiate themselves from their competitors and improve their brand image.
Properly managing all the wireless services requires a clear dividing line between public applications, such as guest wi-fi, and private applications, such as EMRs. McKeand said that most hospital IT staff have expertise in managing the private applications, and less experience in RF engineering, network equipment configuration management and monitoring and maintenance of wireless networks.
Network compliancy is one of the challenges that face hospitals, which wish to transition to a wireless environments. In addition to HIPAA compliancy, a hospital providing guest wi-fi also must be compliant with the Digital Millennium Copyright Act, or DMCA, and the Communications Assistance for Law Enforcement Act, or CALEA. If a hospital fails to adhere to these regulatory standards, the hospital runs the risk of certain liabilities.
The DMCA of 1998 was created as a “safe-harbor” limitation of liability for internet service providers (ISPs). The ISPs are required to:
- Offer a public process to comply with “take down” notifications;
- Promptly comply with “take down” notifications of copyright infringement; and
- Block access to, or remove infringing material promptly.
CALEA compliance allows communications to be “tapped and traced” in response to subpoenas. “Tap and trace” provides real-time data within eight seconds of verification of the subpoena, and the facility must provide a feed to law enforcement with real-time data of only the person/computer-specified in the subpoena.
Both of these laws require processes, procedures and technical measures to ensure that the ISP is able to comply, but compliance can sometimes cost hundreds of thousands of dollars.
The technical challenges are oftentimes most obvious to the guest users, who connect to the network, and the hospital also will want to make sure the users are protected from any viruses if using a guest laptop, according to McKeand.
The best practices for installing a wireless network and ensuring security quality of service (QoS) require network element configuration, monitoring and managing throughout the infrastructure. To protect the network, each wireless access point should be configured with SSIDs, QoS and security parameters, and advanced monitoring system software should be installed, along with various alarming systems.
The key elements of high performance of a successfully deployed wireless network: QoS management; bandwidth shaping and management; packet/application prioritization; and proper RF coverage, he said.
McKeand added the hospital must utilize a vendor, who can “merge the art and science of creating a wireless network through thoughtful design, planning and RF surveying.” Guest wi-fi should be included in the network requirements, so the vendor can properly architect the network for capacity and security purposes.
He said that the focus of the hospital IT staff should be on administration on clinical application support, and not on guest wi-fi users. However, he added that guest