E N A B L E D H E A L T H C AR E W I- F I Ali Youssef • Douglas McDonald II Jon Linton • Bob Zemke • Aaron Earle ˚ Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
EN
ABLED HEALTHCAREWI-FI
Ali Youssef • Douglas McDonald IIJon Linton • Bob Zemke • Aaron Earle
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
Ali Youssef • Douglas McDonald IIJon Linton • Bob Zemke • Aaron Earle
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
K15890.indb 12 11/26/13 3:05 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
xiii
Foreword
Rapidadvancements inwireless technologiesare transforminghowhealthcare is delivered, extending care and access to critical healthdataanywhere,anytime.Thistransformationpresentshealthsystemsandcareproviderswithahostofopportunitiesandchallengesinsideandoutsidetheirfacilitywalls.Theunprecedentedspeedwithwhichthesewirelessandtelecommunicationsadvancementshaveconvergeduponhealthsystemshasledtoanurgentneedforinformationtech-nology, biomedical, and telecommunication professionals to under-standwirelessarchitecturesandthetechnical,regulatory,fiscal,andpolicyimplicationsforimplementingwirelessnetworksinhealthcaretodayand tomorrow.Aswireless technologyandprocessing speedscontinue toevolve,healthcareproviderscanexpect thedemand foranduseofmoresophisticateduntetheredcaresolutionstoincrease.Afocusoninfrastructuretoprovideasolid,safe,securefoundationfor thesenewcaresolutions iscritical.Thisbookseekstoclosetheknowledgegaponwirelessinfrastructureandprovidepracticaltech-nical guidance forhealth systemsproviders to ensure their systemsprovidereliable,end-to-endcommunicationsnecessarytosurmounttoday’schallengesandcapitalizeonnewopportunitiesasthistech-nologyevolves.
Highlights of wireless opportunities for healthcare providersincludeimprovementsin
K15890.indb 13 11/26/13 3:05 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
xiv Foreword
• Workflow: point-of-care delivery and workflow enhance-mentsprovide remote andbedside registration,diagnostics,andtreatment,aswellasstaffandpatienttracking.
• Communications: real-time connectivity between nurse,staff,andpatients.
• Transportation:real-timeconnectivitytoemergencymedicalservices and transport services, allowing for the transfer ofcriticalinformationwhilepatientsareinroutebetweencaresettingsordepartments,orinthehome.
• Consumer engagement: consumers and care providers maynowinteractthroughremotecommunicationsandmonitor-ingdevices,enablingcliniciansandpatientstocommunicatetimely health information, reminders, and support to eachotherinrealtime,changingpatient–caregiverrelationships.
• Workforce shortages: provides infrastructure for new caremodelsandaflexiblemobileworkforce.
• Assetmanagement:providesnewtoolsforassettracking.• Data access: allows for the ability to collect, analyze, and
share critical patient data, including access to electronichealthrecordsandhealthinformationexchange.
• Usability: provides introduction to consumer-based deviceswith a high level of user-centered design, improving ergo-nomics,anduserinterfaceflexibility.
• Innovation:providesthefoundationfornewapplicationssuchasBodyAreaNetworks,deployingbodysensors,untetheringpatients from monitoring devices, diagnostic testing equip-ment,andtheneedtoremainintraditionalhealthfacilitiesforobservationandtreatment.
• Regulatory requirements: federal, state, local, and institu-tionalregulationsmaybenonexistentand/ormayvarywithregard to definitions of mobile medical device applications,physician and provider licensure and liability for use, etc.,effectinghowthesetoolsaretobedeployedandused.
K15890.indb 14 11/26/13 3:05 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
xvForeword
• Infrastructure coexistence: very few healthcare providershave the luxury of building wireless infrastructure fromscratch. A multitude of applications exist inside facilities,suchaswirelessLAN,telemetry,cellularandpublicWi-Fi,withhundreds ifnot thousandsofuntethereddevicespro-ducinginterferenceandsecuritychallenges.Leadwalls,ele-vatorshafts,andhistoricalpiecemealconstructionchallengeessentialreliablecoverage.
• New infrastructure: staying abreast and understanding thetechnical,policy,andproceduralrequirementsofnewpoliciessuchasmBANspectrumcapacityandallocationisessential,butcanbedaunting.
Surpassingthesechallengesandcapitalizingoncurrentandfutureopportunities will require a solid understanding of wireless infra-structure.Thesharedexperienceandlessonslearnedfromtheauthorsprovide essential guidance for large and smallhealthcareorganiza-tionsintheUnitedStatesandglobally.
Edna BooneOffice of National Coordinator of Health (ONC)
K15890.indb 15 11/26/13 3:05 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
K15890.indb 16 11/26/13 3:05 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
ThebackgroundsoftheauthorsvaryfromnetworkengineeringtoIT security, to biomedical engineering. Our knowledge is foundedupon formal studyandgraduate studies,butwhatwehave toofferthatisuniquecomesfrommanyhoursspentinthetrenchesofhealth-careIToperations.Whatweallhaveincommonisthataswebegandesigning, deploying, and supporting wireless networks for varioushealthcareaccounts,wesoonlearnedthatthesetypesofinpatientandoutpatient facilities have unique mobility requirements that lead tointerestingchallenges.DuringtheearlyyearsofWLANdeploymentsat the turn of the twenty-first century,most organizations that wejokinglyreferredtoas“cubelands”hadrelativelysimplerequirementsofemployeelaptopconnectivityinconferenceroomsandworkspaces.Seamlessroaming,handhelddevices,guestaccess,andmobilemedicaldeviceswereyearsawayfrombecomingmainstream.Wewerefortu-natetobeworkinginacomplexenvironmentthatfromthebeginninghadgreaterdemandformobility,complexuserrequirements,uniqueradio frequency challenges, and a plethora of use cases for mobiledevices. Whitepapers on best practices for design and support did
K15890.indb 17 11/26/13 3:05 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
Whatwasouttherewasvendor-specificmarketingfocusedaroundhow their technology could solve all of our mobility aspirations.Soundsfamiliar?Asourprojectsgrewinscope,complexity,andout-rightquirkinesswebegantodocumentoperationalrunbooksfortheteams.Technologychoicesareonlyasmallcomponentoftheoper-ational support challenges that await anetworkdeployment.Theseopsmanualsbecomethebasisforourarchitecturestandardsandbestpracticesguidelines for support.Lessons learned in the trenches sotospeak.Asthewirelessstandardsevolvedfrom802.11bto802.11n,andmobiledevicesgrewfromahandfulofMicrosoftPDAstothou-sandsofIOSclients,sohaveouropsmanuals.Theoneconstantwehaveseen is thatdependencyandmissioncriticalityof thewirelessnetworkisgrowingwithnosignsofslowingdown.Withthisinmindtheteamthoughtwewouldshareourexperiencesandlessonslearned,andprovideaguide thatwecouldhavemadeuseofwhenwefirstembarkedonourwirelessjourneyinoneofthelargesthealthcaresys-temsinthecountry.Wehopeitwillbeofhelp.
K15890.indb 18 11/26/13 3:05 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
Wirelesstechnologyhasplayedasignificantroleinreshapinghealth-careover the last twodecades.Wi-Fibegan to impact the clinicalworkflowinasignificantwaystartingin1999.ThetwokeycatalyststhathavepropelledincreasedadoptionwithinhealthcareinstitutionsareFCCregulations,aswellastheevolutionoftheIEEEstandards,andincreasingmaturityoftheWi-FiAlliance.TheothertwomajororganizationsthathavehelpedpushadoptionaretheFoodandDrugAdministration(FDA),andtheAssociationfortheAdvancementofMedicalInstrumentation(AAMI).Recentfederalgovernmentman-dateslikethepushtoattainmeaningfulusehavealsocontributedtodrivingincreasedadoption.Manyareashavebeenimpactedbymobil-ity, includingdevices supportingvoice andvideo,but thearea thathas seen themostdramaticworkflow improvements is themedicaldevicearena.Withwirelessmedicaltelemetrysystems(WMTS)onthedecline,usingWi-Fiasameansoftransportingdatafrommedi-caldevicestothenetwork,andbetweensensorsandmedicaldevices,hasbeenagrowingfield.MedicaldevicevendorscontinuetostruggletointegrateWi-Fiintotheirdevices,withhit-and-missresults.Priortodivingintospecificusecases,thefollowingsectionwilladdresstherolesthatthevariousgovernmentandregulatoryagencieshaveplayedinshapingtheWi-Fi-centricmHealtharena.
TheFDAisheavilyinvolvedwithclearingdifferenttypesofmedi-caldevicestobeintroducedtotheU.S.market.TheMedicalDeviceAmendmentsActof1976laysthefoundationforthe510(k)process,whichisusedtoclearupwardsof90percentofmedicaldevicestobesold in theU.S.market.Thankfully thisprocess isnotas stringentas the processes that are used to introduce a new drug to market.Medicaldevicesareclassifiedintooneofthreeclassesasfollows.
K15890.indb 145 11/26/13 3:06 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
146 wi-Fi enabled HealtHCare
Class I: Devices that are not intended to sustain life do notrequireundergoingthe510(k)processorclearancebutneed-ing to followgeneral controls.Tonguedepressors and latexglovesareexamplesofClassIdevices.
Class II: Devices that need to meet minimal performancerequirements andneed tobe cleared for safety and efficacyusingthe510(k)process.IVPumpsareaClassIIdevice.
Class III:Thisclassofdevicesisnecessarytosustainlife,andmust undergo the 510(k) premarket approval process, andareoftenusedinclinicaltrialspriortorelease.Theseincludedevicessuchasdefibrillatorsandimplantedmedicaldevices.
GenerallyonlyClassIIandClassIIIdeviceswillrequirenetworkconnectivityandthuscanpotentiallyleverageWi-Fi.The510(k)pro-cessisoftenlengthyandinvolvessubstantialtestingwhichisgener-allyfocusedaroundpatientsafetyandtheefficacyofagivendevice.Network communications capabilities are often taken for grantedandareanafterthought.AreaslikehowadevicewillfunctioninadenseWi-Fienvironment,preferredfrequencybands,andsupportedauthenticationandencryptionschemesaregenerallyfarmedouttothemanufacturerofthewirelesscardbeingused,withlittleconsiderationforwirelessbestpractices.Thelineofdemarcationbetweenregulat-ingadeviceasamedicaldeviceandregulatingitasacommunicationsdevicehaspromptedtheFDAtoworkcloselywiththeFCCwhendealing with wireless medical devices. In 2011, the FDA releaseddraftguidanceonmobiledeviceapplications(MedicalDeviceDatasystemsrule).Theintegrationbetweenthesetwoorganizationsiscru-cialforthesuccessofthemHealthspace.
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
147Mobile MediCal deviCes
standards, security, orbandwidth availability.By the time adevicemakes it to themarket, the integratedWi-Fi capabilities are oftenoutdated.Thedevicecanhavealifecyclespanningupwardsof5years,or longer in some instances. It is crucial for these typesofmedicaldevices to have a flexible networking architecture that allows forupgradingdriversandevenhardwareifneeded,withminimalscru-tinyfromtheFDA.IfthesolefunctionalitybeingimpactedisWi-Fifunctionality,itwouldbebeneficialtohaveaseriesofhigh-levelwire-lessteststhatcanbeconductedtoclearthefirmware,orevenhard-wareupgradepath.
We only touch the tip of the iceberg when discussing medicaldevices. A new type of medical device that integrates with smartphonesandtabletsisreallypushingthetraditionalboundarieswiththeFDA.Thisarea,compoundedbytheexplosivegrowthofhealth-care-relatedmobileapplications,hasbeenforcingtheorganizationtorethinkandreinventitsreviewmechanisms.
In June of 2013 the FDA released a draft guidance pertainingto the cybersecurity of medical devices. The target audiences wereprimarilymedicaldevicemanufacturers,andthedocumententitled“Contentofpremarketsubmissionsformanagementofcybersecurityinmedicaldevices” calls attention to intentional threats tomedicaldevices. These range from Malware and viruses infecting medicaldevicestoorganizedpenetrationandDenialofServiceattacks.Therulingurgesmedicaldevicemanufacturerstodevelopasetofsecuritycontrolstoassuremedicaldevicesmaintaininformationconfidential-ity,integrity,andavailability.Inpart,thismeansimplementingtwofactor authentication mechanisms including passwords, biometricidentifiers,orsmartcardsinordertorestrictthenumberofindividu-alscapableofinteractingwiththeproduct.
The AAMI has always been a fundamental player in medicaldeviceinnovationanddesign.Theorganizationhasbeendevelopingstandards for medical device design for decades. Wireless medicaldeviceshavetraditionallybeenviewedlikeanyothermedicaldevice.ThetypicalAAMIaudiencesareclinicalorbiomedicalengineerswhogenerallydealwiththemaintenanceandrepairofmedicaldevices.AsmedicaldevicesbecomemoredependentonnetworksandmakeuseofEthernetandWi-Fi,theorganizationhasbeenpromotingtheneedforcollaborationbetweenITandclinicalengineering.Manyhealth-care institutions have taken this mantra to heart, and have shiftedtheirreportingstructuresothatclinicalengineeringstaffreportstoITleadership.ThisisaninevitablestepgiventhegrowthofWi-Fi-capablemedicaldevices.
By leveraging Wi-Fi, medical device manufacturers have ven-tured into a sharedmedium that is outsideof their control.Whenone also considers that many medical devices leverage fairly wide-spread core operating systems, like Windows, the number of vari-ablesthatcancausedatatransmissionissuesgrows.AAMIreleasedtheIEC800001-1seriesofstandardsbetween2008and2012.Theseare intended toapplyappropriate riskmanagement to ITnetworksthat support medical devices. This is in line with ISO 14971. Thestandardsaddresssafety,systemsecurity,andeffectiveness,whicharegenerallyregardedasnecessitiesforpatientwell-being.Itincorporatesbestpracticesforriskmanagementaswellaschangereleasemanage-ment.These are in linewith ITIL is themostpopular andwidelyacceptedapproachtoservicemanagement.ItstandsforinformationtechnologyinfrastructurelibrarymethodologywhichiswelladoptedinthepureITarena.“AccordindingtotheAAMI(AssociationfortheAdvancement ofMedical Information) IEC80001-1 it definesresponsibilities for parties such as medical device manufacturers,
K15890.indb 148 11/26/13 3:06 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
149Mobile MediCal deviCes
non-medical device manufacturers, the responsible organization,IT-networkintegrator,andpotentiallyothers,engagedininstalling,using, configuring,maintaining anddecommissioning IT-networksincorporatingmedicaldevices.”Therearefourkeyareasthatthestan-dardhighlights:
TheAAMIhaspavedthewayforhealthcareITstafftobeabletoreachouttomedicaldevicemanufacturersdirectlyandworkonfinetuningthenetworkperformanceofagivendevice.Someexamplesofthisarehighlightedintheusecasesectionofthischapter.Theorga-nization continues to provide best practices for managing wirelessmedical devices in their publication Biomedical Instrumentation and Technology.Inaddition,theAAMIestablishedtheWirelessStrategyTaskForce(WSTF)in2013.Thegroup,comprisedofmanufactur-ers, regulators,usersof technology,andother interestedparties—isdevelopingeducationalresourcesandtoolsandsharingbestpracticestoaddresswirelesschallengesinhealthcare.Groupprioritiesincludeclarifyingrolesandresponsibilities inthewirelessarena,managingspectrum to improve safety and security, designing wireless infra-structureforhighreliability,learningfromotherindustries,managingriskandpreventingfailure.Thegroupreleasedaspecialcompilationofarticlesin2013entitled“GoingWireless”,whichisagreatresourceforanyoneworkingwithmobilemedicaldevices(https://www.aami.org/hottopics/wireless/AAMI/Going_Wireless_2013.pdf).
Therearemanyotherorganizationsthatcanbementionedinthesesections,suchastheNationalInstituteofStandardsandTechnology(NIST), the Healthcare Information and Management Systems
K15890.indb 149 11/26/13 3:06 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
150 wi-Fi enabled HealtHCare
Society (HIMSS)and itsmobile initiativemHIMSS,and the fed-eralgovernment,butthelastonethatwillbediscussedistheWi-FiAlliance.Thebackgroundofthisorganizationwasdiscussedintheintroduction,butforthepurposesofthischapter,itisimportanttonote that the Wi-Fi Alliance has been instrumental in publishingguidelinesfordeploying,securing,andleveragingWi-Fiinhealthcare.
Newwirelessmedicaldevicesareablessing;theycanalsobediffi-culttotroubleshoot,asmanylargemedicaldevicemanufacturerssuchas GE, Medtronic, Philips, Baxter, and CareFusion, are designingand adapting medical devices for use on unlicensed radio frequen-cies.Often,manufacturerswill cut costsbyusingnoncompliantorout-of-datewirelessdevices(adapters,bridges,etc.)embeddedinthemedicaldevices.Thisefforttoreducecostandtogainmarketsharehasbeenagrowingchallengefornetworkadministratorsinhealth-care.Fromdiagnosticsandmonitoring,totheoperatingtheatreandmanaging patient medical records, demand on wireless technologyismorecomplexandmissioncritical in thehealthcare industry.Asmedicaldevicemanufacturersracetointroducenewdevices,inmanycasestheymustadheretoHIPAA-HITECHrequirementsandtheFDA’s510(k)approvalprocess.Healthcareorganizationsoften facealackofcentralcontroloverprocurementbecausedepartmentshavetheir own budgets and purchasing power. As ubiquitous Wi-Fi isbecomingareality,itisincreasinglychallengingtomanageexistingand legacy wireless medical devices while continuing to drive for-wardandutilizethelatestavailabletechnology.Oftenmanufacturerswilltakeshortcutsbyintroducinganadd-onWi-Fiintegrationusingwirelessbridges,orwillopttoutilizelower-end,cheapwirelesscardsin their equipment.Thismakesmanagingwirelessmedicaldevicesa challenge requiring a closeworking relationshipbetween clinicalengineeringandIT.
Whenitcomestopatientdata,securingmedicaldevicesandtheirdata isvital toprovidingsafeandeffectivehealthcare.AsWi-Fi isgrowing the risks associated with the technology are inherent andare becoming more lucrative for hackers to try and take advantageof.Someoftheserisksareassociatedwithsecurity,availability,qual-ityofservice(QoS),andprivacy.Asthehealthcareindustrycontin-ues toexpandandenter theever-growingwireless space, includingpatient monitoring equipment, physicians’ PDAs and laptops, and
K15890.indb 150 11/26/13 3:06 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
151Mobile MediCal deviCes
wireless-enabledmedicaldevices,therisksassociatedwiththeirusealsorise.Somehealthcareorganizationshavestayedaheadbydeploy-ingsecuredwirelessnetworks for theirmedicaldevices.Theyoftenhavetotweaktheirnetworktoaccommodatenonstandardorlegacymedicaldevices.
Thecurrentindustryconsensusisthatthebestpracticeforwirelessmedical device authentication and encryption is using 802.1x withEAP TLS and AES encryption. This enforces mutual authentica-tion and requires each medical device to have an x.509 certificateinstalledbefore it isallowedontothewirelessnetwork.Duetothewidespectrumofdevicewirelesscapabilities,itisoftennecessarytouseaphasedapproachtomanagewirelessmedicaldevicesandpro-moteongoingauthenticationandencryptionbestpractices.HIPAAadvisoryandwirelessinteroperability-certifyingWi-FiAlliancehasacknowledgedthatthetypical802.11securityfeaturessuchasWEPand/orsharedkeyauthenticationarenotsecuredenough.Thephasesareoutlinedinthebulletpointsbelow:
K15890.indb 151 11/26/13 3:06 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC
152 wi-Fi enabled HealtHCare
• Phase 1:Allmedicaldevicesthatsupportacertainauthenti-cationandencryptionshouldbeconfiguredtouseadedicatedSSID,keepingthenumberofSSIDsaslowaspossible.Thisphaseistargetedatminimizingtheamountofwirelessover-head traffic. IT and clinical engineering staff need to con-solidateadetailedinventoryofallwirelessmedicaldevicesinthehospital.Thisshouldincludethemakeandmodelofthedevice, network connectivity requirement, device classifica-tion,supportedspectrum,andhighbandwidthrequirements.This process will provide more insight into which wirelessmedicaldevicesarecapableofhandlingandsupportingcer-tainauthenticationandencryptionmethods.
• Phase 2:Thepurposeof themedicaldevicepoliciesonthenetwork is to ensure that each device is suited for its pur-poseandmeetsclinicalandpatientneeds,tomakesurethatthedevicecomplieswithsafetyandqualitystandards.SincemedicaldevicesareregulatedbytheFDA,theirdesignandoperation cannot be modified by the end user. For manyyears, device manufacturers have been responsible for theinstallation, service, and supportof theirdevices, includingthenetwork.Thishasresulted inseveralsmall independentnetworks in the hospital. As wireless technology continuestoexpand,hospitalsfeeltheincreasingfinancialpressuretodeploymedicaldevicesontheirexistingenterprisenetwork.NetworkpoliciesneedtobeappliedtolimitmedicaldevicenetworkaccesstorequiredIPaddresses.
• Phase 3: Continuously refresh medical devices that do notsupportWPA2EAPTLS.Thisshouldeventuallyresult inoneSSIDusingEAPTLS.
• Phase 4: Implement EAP TLS. The complexity associatedwithdeployingEAPTLSisdependentonwhetherthehos-pitalhasaPKIandacertificateauthorityinplace.Buildingsuchasystemcanbeanexpensiveundertaking.
• Phase 5:Developanoverallstringentwirelesssecuritypol-icy for medical devices that is interdepartmental and tiesinto IT governance, security, and procurement. Part of thepolicy needs to be ongoing device certification as a part ofonboarding.
K15890.indb 152 11/26/13 3:06 PM
Wi-Fi Enabled Healthcare Ali Youssef, Douglas McDonald II, Jon Linton, Bob Zemke, Aaron Earle Print ISBN 9781466560406 (C) 2014 Taylor & Francis LLC