The world is gradually becoming a knowledge society. It is critically important for all the organizations, whether commercial organizations or social welfare institutes, or whatsoever, to leverage upon the technology in order to be efficient in its operations and gain competitive edge over its competitors. This may be one of the reasons to call the technology as one of the most significant drivers of change in the new millennium. The need to be efficient has been there ever since the science of management exists. However, technology has changed the benchmarks of efficiency. In every industry, technology has elevated the benchmark for operational excellence to an extent where no one can reach without leveraging upon technology. The healthcare setting is no exception. The importance of the use of information technology in the healthcare setup is also growing at rapid pace due to the fact that the compromise in the healthcare setup might mean the death of an individual. This paper will present one of the aspects of technology (networking) and its implementation in a hospital.
AIMS AND OBJECTIVES
As indicated in the given scenario, the management of the hospital has set following goals for the purpose of implementation of technology in the organization.
First of all, the organization wants the efficiency in the office administration. This means that the organization wants its office operations to be most productive and fruitful.
Secondly, the organization wants its systems to be compliant to various laws and regulations
Last but not the least; the organization wants its system to be disaster resistant in a sense that in case of any disaster, there should not only be a disaster recovery plan, but also the business continuity plan.
Before moving to the proposed solution, it is important to scan the internal and external environment of the organization so that the resulting system is capable of solving the challenges the organization currently face, grabbing the opportunities it may encounter and meet the constraints binding the organization.
Currently, there are three doctors’ offices in the organization spread across the rural areas of the county of Oklahoma. In total, there are 15 physicians and 100 support staff. The practice serves around 2000 customers. At the moment, each office has three computers. Two of them are used by the doctors while the third one is used for the administrative tasks. So far, there is no interconnectivity of these computers. Medical records are maintained in paper files, manually. However, the internet is provided to them through dial up.
BRIEF OVERVIEW OF THE PROPOSED SOLUTIONS
Given the situation mentioned above, the most viable solution is to create an intranet to connect all the three offices. Briefly stating, the network would be a combination of internet and intranet. Since the distance between the offices is too much to setup a virtual private network, what can be done is to connect the branches through internet and the PCs in each of the office through intranet. Although, using the internet may result in a number of security issues, however, those can be resolved. In doing so, one of the three PCs in each office would be the server connected to the internet. Rest of the two computers would be connected to that server. This way, all three servers would be connected to the internet. However, there would be a PC dedicated as data server (any PC other than branch server), where all the data would be stored. This way, even if some unauthorized person tries to access the branch server, the data server is different, so using honey pots, anti viruses, intrusion prevention services and intrusion detection services etc. Thus, the data would be in demilitarized zone.
Once the branches are connected, the expertise of doctors as well as other important data as well as knowledge may be transferred, stored and shared electronically.
KEY FEATURES OF THE PROPOSED SOLUTION
Following are the key features of the proposed solution:
Building a secure and effective Intranet
The purpose of building this network is to ensure efficiency and effectiveness in the operations of the organization. Many of the tasks are to be done at a central location and since medical records are paper based, so a delay in their arrival may delay many financial and other tasks.
Moreover, the knowledge of the doctors is the key intellectual asset to the organization, which it leverages to generate the revenue. If all the doctors in each branch are connected to each other, their knowledge and expertise can be shared, thus the expertise can be pooled up virtually, despite the fact that the intellectual assets are widespread.
The network would be highly secure using latest SSL encryption techniques. Moreover, all the crucial data would be kept in the demilitarized zone, so any unauthorized access would not succeed in getting to the crucial data. Above all, anti intrusion systems like IPS, IDS, antivirus etc. will be installed and deployed.
Legal and regulatory compliance and Privacy of patient information
The data about the patients is very critical and it needs to be protected from unauthorized access. Using the abovementioned systems and technologies, it would be ensured that no data is proliferated. Other legal requirements related to data security and safety precautions in data transfer would also be ensured.
There are two important aspects of data storage. It includes the medium in which data would be stored and how it would be backed up. The data would be stored on hard disks, however, the incremental backup on optical disks would be taken, besides sending it to the central location (central data server) using highly encrypted path. The backup would be placed at the respective branch, central location as well as a separate off site location.
Business continuity / Disaster recovery
In order to ensure the business continuity in case of some disaster, two plans would be developed: the business continuity plan and the disaster recovery plan. The business continuity plan would demonstrate that in case of any disaster, how the business operations will remain continued. This would be done through training the staff for increasing their awareness with these plans telling what to do in case of a disaster. The staff can be trained through drills. Alternative sites as well as alternative plans for keeping the business continue and recovering the lost data would be identified beforehand.
The proposed solution would ensure the increase in effectiveness and efficiency in the organization. Moreover, if this plan is implemented, the organization would be able to leverage upon technology, not only in its normal business operations, but also in case of some disaster.
Kurose, J., & Ross, K. (2007). Computer Networking: A Top-Down Approach (4th Edition). Toronto: Addison Wesley.
Tomsho, G. (2006). Guide to Networking Essentials. Cambridge: Course Technology.