Presentation by Ofer Shimrat Preparing to Practice Computers & IT November 22, 2008
Mar 28, 2015
Presentation by Ofer Shimrat
Preparing to Practice
Computers & IT
November 22, 2008
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
2
Introduction
Health Insurance Portability & Accountability ActMedical Applications determine your needsNetwork Architecture & Types of NetworksWired Network or Wireless NetworkDesktop Hardware & Software RecommendationsServer Hardware & Software RecommendationsNetwork Hardware & Software RecommendationsNetwork and Computer SecurityBackup Strategies and Disaster RecoveryInsurance to protect your computer assetsProductivity and Feature-Rich EnhancementsComputer Best Practices and Conclusion
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
3
HIPAA Compliance
Health Insurance Portability and Accountability ActEnacted August 21, 1996Applies to Health Plans, Providers & ClearinghousesProtects all “individually identifiable health information”Mandates patient record privacy in any transaction– Electronic– Paper– Oral
Requires written security standards & proceduresStaff must understand security logic“Minimum necessary” use & disclosureAppointment of a security managerInventory and catalog all “exposed” IT componentsSanctions for security policy violationsOnly as effective as your weakest link
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
4
Software determines hardware - IntegrationSmall or Solo PracticeMedium Size PracticeLarge PracticeElectronic Health Record (EHR) or EMR systemMedical management systemsMedical equipment applicationsMedical imaging applicationsAppointment Scheduling systemsElectronic patient charts & scanningBilling applicationsOffice productivity applicationsWireless hardware applications
Medical Software Applications
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
5
Network Topology
Less expensiveNot scalableSlowerNo central controlMore maintenanceFragmented Backup
More expensiveScalableFasterCentral managementLess maintenanceCentralized Backup
Peer-To-Peer Network Client/Server Network
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
6
Wired or Wireless
Wired– Faster (10/100/1000/10000 Mbps)– More secure– Always on and connected but more preparation– Professionally installed same time as Telco wiring– Use CAT 5e, CAT 6 or CAT 7 Ethernet cabling– Concentrate to patch panel and label clearly– Wire enough drops for the future office needs– Diagram & document your office wiring
Wireless– Slower (11/22/54/108/125/240 Mbps)– Less secure– May have blind spots but more convenient– Wi-Fi 802.11 a / b / g / n / i standard– Bluetooth standard– Use encryption with password protection
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
7
Desktop Hardware & Software
YES NO
MS Windows XP Professional SP3 MS Windows XP Home Edition
MS Windows Tablet PC Edition SP3 MS Windows XP Media Center Edition
MS Windows Vista Business or Ultimate SP1 MS Windows Vista Home (any)
MS Office 2003 SP3 or MS Office 2007 SP1 Open Source, Star Office, Corel
Commercial software with tech support Unsupported shareware without help
Intel Core 2 Duo or Core 2 Quad processor Intel P4 or slower AMD processors
2,048 MB (=2 GB) of RAM or more 512 MB of RAM or less
SATA II hard drive >= 80 GB PATA or EIDE hard drive of any size
TFT flat screen >= 19 inch diagonal CRT monitor of any size
USB 2.0, 3.0 or Firewire 400/800 ports USB 1.1 ports or No USB ports
Power Supply >= 410 watts V 2.2 Power Supply < 250 watts
DVD-RW dual layer and CD-RW CD ROM
3 or more expansion slots 1 or no expansion slots
Extended parts/labor warranty No warranty or closeout sale
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
8
Server Hardware & Software
The heart of your network & greatest IT assetProfessionally installed/configured/maintained64 bit server grade hardware componentsServer grade chassis & expansion slotsRedundant power supplies and cooling fansRedundant Array of Independent Disks (RAID)Extended warranty & replacement serviceMS Windows 2003/2008 Server (various editions)
MS Exchange 2003/2007 (various editions)
MS Small Business Server 2003/2008 (2 editions)
MS Essential Business Server 2008 (2 editions)
Intranet, Internet & ExtranetRemote login, security groups & privileges
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
9
Network Hardware & Software
YES NO
Smart or Managed Switch Hub
Separate Wired/Wireless devices All-In-One Wired/Wireless device
UPS Battery Backup with USB connection Surge Protector or plain power strip
Laser printer with network connectivity Inkjet printer with local connectivity
Cable modem, DSL modem, T1 Dial Up account or ISDN
Document Scanner/Fax with ADF tray Portable single sheet scanner
Network based fax for all users Single line modem for one user
Hardware Firewall or UTM appliance Software Firewall or No Firewall
128 bit wireless encryption with passkey No wireless encryption and no passkey
Change default passwords & document Leave default passwords or no document
Fill out warranty registration & send Throw away warranty cards or ignore
Professionally installed cabling with jacks Cables on floor or hanging from ceiling
Air conditioned facilities & air flow Heaters next to computer equipment
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
10
Security Hardware & Software
Firewall or Unified Threat Management (UTM)Anti-Virus software or hardware equivalentAnti-Spam software or hardware equivalentAnti-Spyware software or hardware equivalentAuthenticated user security & passwordsEncryption software or hardware equivalent
INTERNET
Anti-Virus
Anti-Spam
Anti-Spyware
SERVER
Firewallor
UTM
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
11
Backup & Disaster Recovery
Data as your most important assetNightly Backups with verify logsFull, Differential, Incremental backupsRotation of backup devicesOn-line, On-Site and Off-Site rotationRecommend external USB/eSATA drivesBackup or Image Backup SoftwareVolume Shadow CopyOperational Backups & RestoresDisaster RecoveryBackup, Backup, Backup
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
12
Insurance
Inventory & catalog all IT components (HIPAA)
Send copy to Insurance Agent/Head OfficeInland Marine CoverageFlood InsuranceFiled class and Non-filed class coverageBusiness Interruption CoverageSprinkler Systems & Smoke AlarmsTheft versus BurglaryUser alarm codes and monitoringUmbrella Policies
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
13
Productivity and IT
P – Purpose of the communicationA – Action and dues datesS – Supporting documentationS – Summary in subject
• Delete It• Do It• Delegate It• Defer It
• Voice-Mail • E-Mail • Meetings• Memos • Phone calls
• Communication channels (devices) employed in the organization • The preferred communication method for specific scenarios • The type of information appropriate for each channel (device) • Response time guidelines, base on the communication method
Adapted fromMcGhee Productivity Solutions
HIPAA Compliance
Introduction
Medical Applications
Network Topology
Wired or Wireless
Desktop H/S
Server H/S
Network H/S
Security H/S
Backup & DR
Insurance
Conclusion
Productivity
14
Be HIPAA compliantSoftware determines what hardwareUnderstand your network topologyChoose hardware with the future in mindBackup, be secure, redundant & insured
Conclusion
Ofer Shimrat
TEL: (858) 569-0300
FAX: (858) 569-0303
EML: [email protected]
URL: www.soundoffcomputing.com