An intranet is a small version of the Internet inside an office. An intranet offers the connectivity of several private computers within a wide or on the same geographical area. The geographical position determines the type of Network scope to be laid down.
A Private Metropolitan Area Network (MAN) will serve well to those computers on the same geographical position while a Wide Area Network (WAN) will serve intranets across a larger geographical area.
The main purpose of an intranet is to facilitate working in groups but most important to enhance sharing of information and computing resources among employees. It uses Internet protocols that make it look like a private version of the Internet. It allows for special encryption/decryption mechanisms where private messages can be send though public network by use of security safeguards to connect one part of the intranet to another. This kind of connection is referred to as tunneling (Janczewski, 2000).
We recognize that good health does not just happen. Rather, it is a habit of smart choices and sound clinical care. It has been well established that good care is vital and can only be possible in presence of proper compliance with the health care technology. A company’s technology plan is absolutely essential for analysis, growth and development. (Mosenkis, 2005). Intranet should not have impotent powerful unused tools. It should be easy to implement, simple to use, cost-effective to maintain, and offer each individual user the power to post, access and use content in a way that serves their specific needs that is one that assures broad-based participation. In short, the intranet must have value to everyone. The interface and navigation ought to be consistent with their use and environment they control. Any new technology should encourage and interest every one in the system to using it. It must be user-friendly where employees use, trust, rely on, and revisit.
High appreciation of the intranet allows organizations to create management information system that supports their operational, tactical and strategic decision-making. (HKUST Cyberspace Center, 1997). One is that it allows more storage and quicker access to information; secondly it enables users to understand technology especially at their level of application. Thirdly it permits distributed analysis, which enhances management of business needs and available opportunities. Intranet brings about interconnected strategic frameworks for managers to synthesize any available diverse opportunities. Lastly it facilitates excellent speaking, writing and leadership skills by enhancing and generating credibility among participants at all levels
Building a secure and effective Intranet
In reference to Rick Mosenkis of web-based solutions in 2005, Intranet Implementation and networking needs assessment. First one needs to assess the user population, which include doctors, administrators, clerical staffs and support personnel. Secondly is building Statistics, Thirdly is the number of resources available. Last but not list is assessing the long inventory of the required components mainly computers, printers, servers, and most important is connectors.
At the moment the organization has a dial up modem to establish the connection, incase of inefficiency with this dial up modem depending on the speed needed, the organization can opt for ISDN lines that transfer information at hire speed than modems. The rate of data transfer on an ISDN line is the same to that of receiving but the speed is usually faster than that of a modem.
Asymmetric digital subscribers line (ADSL) is another service that can transfer information at a much faster rate. It is a high – speed connection to the Internet that uses regular telephone lines, which allow one to receive message at a higher speed. Satellites are good choice for big companies with need of high connectivity and can be considered in future development of the organization
(HKUST Cyberspace Center, 1997)
Secure and effective intranets
The security of information is a very important aspect of protecting corporate, employee, and customer confidential information, integrity of controls and financial reporting applications. A secure intranet infrastructure supports: Secure business connectivity, user verification and strong password enhancement. (Janczewski, 2000)
Security can be archived though use of smart cards to supports strong authentication, an internal Public Key Infrastructure, automated and manual tracking, monitoring and response to active threats to the network and lastly though customized programs or special software such as firewalls that inform network clients about security threats, risks, policies, and even good practices.
To enhance secure and effective intranets Firewall programs will be used, this protects a private network from unauthorized access between networks by monitoring both inbound traffic (entering the network) and outbound traffic (leaving the network). They can be configured to prevent other intranets within the organization for example; marketing department does not access physician’s information. Typically, larger enterprises allow users within their intranet to access the public Internet through firewall servers that have the ability to screen messages in both directions so that company security is maintained. According to Mosenkis (2005), when part of an intranet is made accessible to customers, partners, suppliers, or others outside the company, that part becomes part of an extranet.
Legal and Regulatory compliance
The Healthcare Insurance Portability and Accountability Act of 1996 requires that security standards are adopted to control who can access health information so as to provide audit trails for computerized record systems and to meet the needs and capabilities of small and rural healthcare providers. Health information will be physically, electronically, and administratively safeguarded to ensure the confidentiality of data. Security policy on the intranet pertaining what the different personnel should view will be applied by ensuring doctors have administrative rights while the support staff only have access to patient information that pertain their operation and guidelines incases of emergencies. In line with Anton(n.d.) the
Legal and regulatory compliance initiatives covers: Security, Privacy, Data protection and Accountability, Backup and record retention procedures.
Privacy and Patient Information
Privacy is defined as the rights and responsibilities of an individual or organization with respect to the collection, use, retention, and disclosure of personal data. The organization collects sensitive personal data that is private and policies ought to define and govern how it must be handled and protected. Individuals should be empowered to control the collection, use, and distribution of their personal information.
According to Anton (n.d.), the least visible but most valuable asset in any organization is working knowledge which encompasses stored information that is communicated in the form of processes, standard operating procedures, corporate policies and other structured documents.
In most especially health organizations, critical operating knowledge is locked up in the heads of a few subject matter experts like physicians. This becomes a problem especially in their absence. The best way to safeguard crucial knowledge is to effectively capture it and distribute it over the organization’s Intranet. This information can be protected by provision of access from the administrative point of control so only authorized access is permitted. As said by Anton, (n.d.), data protection policies should apply to everyone who has access to the organizations’ information regardless of its location, the form it takes, the technology used to handle it, or the purpose it serves. The organization ought to identify and classify important or critical data. LAN will improve the efficiency of the doctors and improve on the integrity of information and date of use. These will also reduce on redundancy of information within this intranet. Use of security policy on the intranet pertaining what the different personnel should view will be applied by use of network policies. For example doctors should have administrative rights while the support staff should only have access to patient information that pertain their operation and guidelines for emergencies.
Business continuity/ Disaster recovery
For continuity, there has to exist a backup process for line-of-business (LOB) applications just in case a disaster occurs. Record Retention programs retain relevant information for a specified period. Backing up of the data will be facilitated from the central server of each system on each of the LAN and be stored on a tape drive. This will be done at the end of a certain period and information stored on the tape kept in safes for recovery incase of any disaster.
For continuity of the operation of the organization the implementation of the new system will be carried out in parallel so that the policies and regulation followed are compared with those that will be facilitated by the new system. The older system should be dropped once the new system proves to be reliable.
. Security is the key to continuity. User accounts provide access to, and security for, corporate resources. System accounts are accounts used to perform services, such as for SQL Server, information exchange, backups, or scheduled scripts in a similar way as user accounts for security purposes. (Janczewski, 2000).
Anton, K., (n.d.) Effective Intranet: Intranet journal from Comprose Inc Retrieved July 5, 2008, from: http://www.intranetjournal.com/features/critknow-1.shtml
HKUST Cyberspace Center, (1997) Intranet Planning and Implementation
Retrieved July 5, 2008, from: http://www.cyber.ust.hk/handbook3/04_hb3.html
Janczewski, L. (2000). Internet and Intranet Security Management: Risks and Solutions. Idea Group Inc (IGI). Pp 38
Mosenkis, R. (2005 December 14). Intranet Implementation. Retrieved July 5, 2008, from: http://ezinearticles.com/?Intranet-Implementation:-The-Advantages-of-a-Web-based-Solution&id=113114