Final Analysis
ceaukis28c
ConnieFarris_IT1401_IP4.docxMEDICAL FACILITY ANALYSIS 2
MEDICAL FACILITY ANALYSIS 13
Information Technology Architectures
Running head: MEDICAL FACILITY ANALYSIS 1
Table of Contents
Project Outline………………………………………………………………………...3
System Requirements …………………………………………………………………3
Architecture Selection………………………………………………………………….5
Resources and Timeline……………………………………………………………….7
Security…………………………………………………………………………………12
Final Analysis and Recommendations………………………………………………….15
References……………………………………………………………………………….17
Project Outline
Health care delivery systems are complex sociotechnical systems, characterized by dynamic interchanges with their environments (e.g., markets, payers, regulators, and consumers) and interactions among internal system components. These components include people, physical settings, technologies, care processes, and organization (e.g., rules, structure, information systems, communication, rewards, work flow, culture). ("Agency for Healthcare Research and Quality,", 2012) A local medical facility has requested an analysis to determine what will be required to update the current system and include video consults for the patients. This company has locations in 7 states of the southeastern part of the US. The process will be implemented at 21 locations. Over the next few weeks I will research the details which will include software, hardware, cost for equipment upgrades, and other extra cost that may be involved according to system requirements listed below. Network configuration will be discussed in the functions of the system. The need for the time frame for the project will also be considered. The main concern is to deliver a quality system. The final product will include a system where patients will be able to have face to face consultations with the doctor or PA through video capability.
System Requirements
. The first step is that the operating systems be updated with Microsoft 64 or 32-bit Windows 10 Pro, Windows 8 Pro, or Windows 7 Professional for best performance. Systems utilizing the architecture will have processors that are Intel Core i5-3470 3.2GHz LGA 1155 77W Quad-Core Desktop Processor equivalent or higher. The architecture requires 6 GB DDR3 RAM for memory and 250 GB of free space or higher for the hard drive. Uninterruptible Power Supply (UPS) is required for the client’s Information Technology (IT) professional to install. The HP LaserJet 3000 or 4000 Series printers are recommended. Broadband internet connections (specifically Cable) are recommended. For the 21 locations Logitech Meetup 4K HD Video Conference Camera with Integrated Audio will be purchased and installed. ("Hardware Specifications - American Medical Software", 2018)
The Functions of the System
The functions of this system will be to perform the basic functions of any medical offices. The system will be able to book appointments, retain patient records, update system to reflect appointments, billing, transfer information from one location to another location across the country and should be able to handle the load for all the facilities across the country. The main addition to the system will be to allow video transmission for consultations between doctor and patient.
This system will use a client-server, using a 100 Mbps Network Interface Card able to support full-duplex operation. All workstations absolutely need Full Control NTFS permissions and Full Control share permissions to the AMS data folder. Administrators should only user routers that have WPA2 encryption capabilities. WPA2 has the necessary security to ensure PHI will not be compromised (i.e. 256-bit AES encryption, SHA-1 hashing, password/key authentication). We will be using Windows 7 32-bit Client Engine Server. Telemedicine software is needed for this project also, the technical infrastructure consists of access to broadband internet, imaging technology or peripherals since these devices are the backbone of telehealth, access to technical support staff for any questions and staff training to teach staff how to use telehealth technology.
This will target two classes of users: approved users and public users. The element management and conservation subsystems are just public to the approved users. Approved clients are assigned to System directors or supervisors. The main concern right now is the cost of the new hardware and the time required to get all locations up and running in a reasonable amount of time and keep with the original requirements for this project. With a budget of $125.000 and a time frame of two weeks for implemation. If everything goes as planned the new infrastructure will be able to perform as planned.
Architecture Selection
For this area the architectures, I am comparing are Client/Server Architectural, Service-Oriented Architectural Style, and N-Tier / 3-Tier Architectural. Starting with client-server, the most common distributed system architecture. It can be classified into a thin client or thick client. The main advantages are the simplicity of the design and use of resources very effective with a high-performance server. (" Distributed Architecture", 2017) Example
Service-Oriented Architecture is well-defined and self-contained, independent and is a client-server design. It provides, reusability, interoperability, composability is a distributed deployment. This is an example of SOA (" Distributed Architecture", 2017)
N-Tier / 3-Tier Architectural
This architectural deployment style describes the separation of functionality into segments in much the same way as the layered style, but with each segment being a tier that can be located on a physically separate computer. This architecture provides Maintainability scalability, flexibility and availability ("Architectural Patterns and Styles", 2016)
Client-Server
My choice out of the above will be the client-server because this server is formed to make the best of your employees’ productivity using enhanced security, reliability, and accessibility features. The server is always-on, always available, files and applications are available at any time. Client-server network also acts like a centralized hub that stores and shares files. This architecture can be configured to automatically backup files and restore data on the back up images in case of hard drive crashes. Detecting and correcting memory errors can protect critical date automatically. Client-Server architecture will also work well with the telehealth software provided by Virtumedix. This software will be one of the vital parts of this project since it is one of the main elements to support video consultations by providing transrating, a function available on the video conferencing bridge that permits conferences among site and locations with different bandwidths. ("The Security Rule", 2017)
Resources and Timeline
Resources required
Software requirement for implementation of client-server architecture include .Net Framework, windows PowerShell, internet explorer software, and windows 2012 R2 server software. Other software required are windows seven, SQL server, SharePoint server, and print server (Stanek, 2013) The Virtumedix software will be incorporated after the all major software is installed since it depends on the other software to perform the critical functions it was designed to perform.
Before implementing client-server architecture, it is very important to consider hardware requirements. The table below lists hardware requirement for deployment of client-server architecture
Table 1: Hardware requirement
|
Component |
Minimum |
Recommended |
|
Processor |
2.5GHz |
Dual core processor each 3GHz |
|
RAM |
1 GB |
4 GB |
|
Hard-disk |
NTFS file-system with 32GB free space |
NTFD file-system with 40 GB free space |
|
Drive |
DVD-ROM drive |
DVD-ROM drive |
|
Display |
1024 by 768 super VGA |
1024 by 768 or a higher resolution XGA monitor |
|
Network |
56 Kbps connection between server and client computers |
100Kpbs or a faster connection between server and client computers |
Table 2: Software requirements
|
Component |
Recommendation |
|
Operating system |
Windows 7 32 bit |
|
Web browser |
Chrome, internet explorer |
|
Document management |
Microsoft Office 2007 or 2013, Adobe reader, and open office |
To deploy client server architecture, the project manager needs to organize his deployment team and assign a specific role to every team member. Table three below lists deployment team for client-server architecture with their respective responsibilities.
Table 3: Personnel requirements
|
Team |
Roles |
|
Project sponsor |
This is the person who fund the whole project |
|
Information security analyst |
This is the person who develops standards for extranet, internet, domain security |
|
Infrastructure designer |
This person addresses the domain model. Local Area network issues, global file access, remote access, Domain Name system |
|
Network administrators |
Develops directory-enable networking solutions for the organization. Additionally, makes sure that all the cabling is well done |
|
System administrator |
Tests and resolves software related issues, upgrade and migration issue |
|
Steering lead member |
This a strategic member from the organization. They also perform all other teams to perform overall communication and coordination. The person also supports and training issues (Minasi, 2014). |
Other requirements and their roles include
|
Server |
Role |
Edition |
|
Server 1 |
Printing and file sharing |
Data center edition |
|
Server 2 |
Application services |
Standard edition |
|
Server 3 |
Back-up |
Data center edition. |
Cost
To go by the budget for this health care facility, I would recommend standard server and data center edition. This is featured by two virtual OSE. The licensing model is processor+. The server pricing for this edition goes for $890. Data center edition goes for $1000. Hardware requirement as listed above will account up to $1000 while software requirement will go up to $500. High cost will be experienced in the personnel needed for the implementation will likely increase to $2000. The $900 a year for the telehealth software will also be allotted in the cost. This will keep us well within the $125,000 for the budget listed in the contract.
Project Timeline
Project timeline communicates the important milestones for a certain project. For this project, the important milestones are installation of client computers with windows seven, server 2012 R2 installation and installation of all health care application services. I believe with this time schedule we are sure to meet the requested two-week time frame stated as the major agreement.
Major project deliverable
The primary goals for this project is to deliver a system that captures organization goals. Deploying client/server architecture can be an overwhelming task. The primary deliverable for this project is to deliver a quality client-server system. The client system must support some services are billing transfer of information from one location to another, allow video transmission, and be able to book appointments. Additionally, all the workstations must be connected to the central computer.
Duration to complete each task
The table shows project plan for full implementation of client-server architecture
|
Task name |
Duration |
|
Initial Planning |
Three days |
|
Windows 7 deployment to desktops |
Five days |
|
Windows server Installation |
Two days |
|
Install windows server updates |
One day |
|
Install virtual server |
Two days |
|
Install windows 7 updates |
One day |
|
Install Virtumedix. |
One day |
|
Customize client computers |
One day |
|
Create application packages |
Two days |
|
Test windows 7 deployment |
One day |
|
Test Virtumedix |
One day |
|
Configuration of client computers with server |
Two days |
|
Documentation |
One day |
|
Testing of whole client/server system |
Two days |
|
Finalize and deliver documentation |
Two days |
|
|
Gantt Chart |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Duration in Days |
|||||||||||||||||||
|
Initial Planning |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Windows 7 deployment to desktops |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Windows server Installation |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Install windows server updates |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Install virtual server |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Install windows 7 updates |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Install Virtumedix. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Customize client computers |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Create application packages |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Test windows 7 deployment |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Test Virtumedix |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Configuration of client computers with server |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Documentation |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Testing of whole client/server system |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Finalize and deliver documentation |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Chart to display timelines
The following diagram is Gantt chart for the health project
Security
IT Security risks/threats
Distributed systems are more vulnerable than before to external risks and threats which include phishing attacks, threats, and viruses. The table below shows some of the common security threats and security risks that may be faced by a distributed system.
Common security risks and threats
|
Security Risk/Threats |
Description |
|
Spam |
A security threat which is widely known as email spam in one email inbox. This type of threat contains links to other sites which are malicious. |
|
Phishing |
This is a type of threat where cybercriminals try to obtain private information. Attackers design messages that appear to be designed from legitimate sources which |
|
Rootkit |
Type of security risk that is used to obtain administrator-level access to an organization network or organization computers. |
|
Trojan horse |
A type of virus that disguises itself like legitimate software thus able to gain access to distributed systems. |
|
Computer worm |
This is a type of security threat that copies itself from one computer to another without any human intervention. |
|
Rogue software |
This is a security threat that pop-up which advertises for a security update. It appears like a security update it is designed to lure people into downloading and clicking malicious software |
This security threats enables a hacker to spy on organizations, steal organization sensitive data, and gain control of the organization system. Other actions performed by these security threats include deleting organization data, modifying data, copying data, Denial of Service disrupting the performance of the system and network the table below analyzes the four security risks.
|
Security risk |
Likelihood |
Impact |
|
Spam |
Low |
Slows down organization systems as it takes hard disk space |
|
Phishing |
High |
Theft of confidential identity that results in financial losses. |
|
Rootkit |
Medium |
The security risks conceal activities of the organization system |
|
Trojan horse |
High |
Steal organization data |
Risk identification ought to be an ongoing process within an organization. For this reason, organizations should know the order in which security risks are addressed. They should also prepare an action plan. The following table shows the order in which security risks identified in table one is addressed. High risks are on top of the lists while the low risks are below the table:
|
Order |
Security risks |
Security risk level |
Detail |
|
1 |
Phishing |
High |
Theft of confidential identity. It results to financial losses. |
|
2 |
Trojan Horse |
High |
Trojan horse creates backdoor on user’s computers. They steal user computer data |
|
3 |
Computer Worm |
High |
Worms replicate themselves in the computer hard-disk occupying available space |
|
4 |
Rootkit |
Medium |
This security risk runs on the target system without restrictions. They can hide themselves behind antivirus. |
|
5 |
Spam |
Low |
Take-up server’s storage space |
|
6 |
Rogue software |
Low |
This security risks disrupts the normal running of a computer |
An action plan outlines organizational strategies to prevent or minimize security risks. Some organization refers to it as a roadmap for risk reduction. The following is a risk plan.
|
Security risk |
Proposed action |
Responsible person |
|
Phishing |
Educating computer users on social engineering and evil twin Wi-Fi attack |
Chief Information Officer |
|
Trojan Horse |
Using firewall. Educating computers on executing malicious programs Scanning system computer drives Installing computer anti-virus |
Network administrator |
|
Computer worm |
Installing firewall Installing anti-virus |
Network administrator |
|
Rootkit |
Installing intrusion detection system |
|
|
Spam |
Educating computer users |
Chief Information Officer |
|
Rogue software |
Installing security shield Installing detection systems Installing prevention systems (Ramachandran, 2002) |
System administrator |
We will assure all The HIPAA Security Rules meet national standards that will protect individuals’ electronic personal health information created, received and used by a covered entity. The Security Rule requires proper administrative, physical and technical safeguards to guarantee the confidentiality, integrity, and security of electronic protected health information. ("The Security Rule", 2017)
References
Agency for Healthcare Research and Quality, (2012). Ahrq.Gov, System Design: AHRQ Resources. Retrieved from System Design: AHRQ Resources. Content last reviewed January 2015. Agency for Healthcare Research and Quality, Rockville, MD.
Architectural Patterns and Styles. (2016). msdn.microsoft.com. Retrieved 23 February 2018, from https://https://msdn.microsoft.com/en-us/library/ee658117.aspx#ClientServerStyle Architectural Patterns and Styles
client/server (client/server model, client/server architecture). (2008). techtarget.com. Retrieved 12 February 2018, from http://searchnetworking.techtarget.com/definition/client-server
Distributed Architecture. (2017). tutorialspoint.com. Retrieved 15 February 2018, from http://www.tutorialspoint.com/software_architecture_design/distributed_architecture.htm
Hardware Specifications - American Medical Software. (2018). American Medical Software. Retrieved 20 February 2018, from http://americanmedical.com/hardware-specifications
McDunnigan, M. Advantages & Disadvantages of Distributed Systems. techwalla. Retrieved 3 February 2018, from https://www.techwalla.com/articles/advantages-disadvantages-of-distributed-systems
Minasi, M. (2014). Mastering Windows Server 2012 R2. Indianapolis: Sybex.
Stanek, W. R. (2013). Microsoft Windows server 2012 inside out. Redmond, Wash: Microsoft Press.
The Security Rule. (2017). HHS.Gov. Retrieved 6 March 2018, from https://www.hhs.gov/hipaa/for-professionals/security/index.html.
What are the technical infrastructure requirements of telehealth. (2014). healthit.gov. Retrieved 22 February 2018, from http://www.healthit.gov/providers-professionals/faqs/what-are-technical-infrastructure-requirements-telehealth
