FRAMINGHAM (10/31/2003) - As managing director of IS infrastructure at Hartford Hospital in Connecticut, Richard Kubica is in a challenging position when it comes to rolling out network technology. While he'd like to take advantage of the latest advances, he needs to be certain that the technology won't fail given the critical nature of communications at any healthcare organization. He spoke recently with Network World News Editor Bob Brown about moving ahead with everything from Wi-Fi to voice over IP to Web services.
Give me a sense of the network you oversee.
We go to about 36 sites and have five major locations, including three hospitals and two administrative sites. We have ATM, frame relay, ISDN and IP VPNs on the public side and a Nortel Networks Corp.-based Gigabit Ethernet backbone internally, with 100M bit/sec switched to the desktop. Our basic network software is NetWare, as we have about 60 Novell Inc. servers. Plus we use their ZenWorks software distribution, Extend portal and single sign-on software. We have about 150 Windows NT servers, which are used for various applications and use Unix for outpatient registration, billing and accounting applications. Our inpatient patient registration and billing system is run at Siemens Medical. We manage the network using a variety of tools, including programs from Somix Technologies Inc., Nortel and Hewlett-Packard Co. We support (roughly) 6,000 end users from doctors to receptionists.
How aggressively is the hospital pursuing wireless LAN technology?
We are using 802.11b and evaluating whether to go to 802.11a or 802.11g. We're pushing more toward 802.11a because it is on a less-crowded frequency, but we want to test the throughput and determine the range of the signal. We started with 802.11b about 18 months ago, piloting it in our intensive care unit because one of the physicians there was interested. We first implemented wireless in the patient information area to alleviate some of the backlog in registration in the emergency room. The person who registers the patient now can do it right inside the room. We then did an implementation of Eclipsys Sunrise Clinical Manager where we put the clinical system up on laptops on carts. We plan to have Hartford Hospital completely wireless in two to three years. Our challenge will be how to get this sort of information to physicians on all floors because they clearly are not going to be pulling a cart around with them when they do rounds. We're looking at what kind of critical data we can get on PDAs.
Any tips for others looking at WLAN rollouts?
Our biggest challenge was actually battery life. We did not want to use lead acid batteries, which required a cart to be plugged into a wall outlet to get charged. We ended up using Valence Technology's N-Charge Batteries. With three batteries we were able to maintain laptop/cart operation for up to 12 hours, a full shift. When caregivers start their shift, they switch out a battery pack and they're good to go.
Another issue is getting people who haven't used wireless before to do so. We have people available 24-7 to train our clinicians when doing new implementations. The trainers were clinical applications personnel who were knowledgeable in the application and the wireless and computer technology.
What are your thoughts on the state of WLAN security?
Security's not that strong, and we're looking at that right now. We are using (Wired Equivalent Privacy), and we're looking at stronger encryption. We're looking at the potential of using a VPN and using SSL encryption wirelessly.
On the usability front, we're implementing single sign-on so users can access different applications without needing additional passwords to get into different systems. We also are looking to use the hospital ID card to access the workstation. Obviously for security we still would require the password and possibly a token or biometric validation.
I understand VPN technology is another priority for you. What are doing there?
We use a Nortel Contivity box for our VPN, which is for corporate office to corporate office communications, as well as with the state and an insurance company. Also, our tech support people have VPN connectivity at their houses. We're kind of shying away from a full deployment of an IP Security VPN because as we extend our network there is the greater potential for viruses and other attacks. We're looking at further use of SSL encryption technology based on Novell's iChain and portal software, Extend. For any application that isn't Web-based we use a combination of Citrix and Novell iChain software to Web-ize it. We're using the SSL encryption already to avoid having to set up PCs with an IPSec client at individuals' houses. We just don't have the support staff to go to all their locations, and as soon as you add something to someone's PC, any issue on the PC becomes your problem. This is the major issue that kept us from furthering the deployment of VPN. With the portal service we just have the physician use Internet Explorer 6.0 and get through on the Internet. We have about 100 using the portal technology now.
You still support Novell, but what do you think of the company's long-term prospects?
Financially, they look like they are doing better. They have an architecture that fits together, including their single sign-on, Groupwise messaging and directory products, all of which we use. We're at NetWare 6 and are implementing some of the newer products like the portal on Linux. That's a good direction for them, being a provider of network services and infrastructure support, not just NetWare.
Speaking of Linux, what's your take on it? And are you concerned about the current legal issues?
We use Linux for portal and intranet services, and no, I'm not losing any sleep over the legal issues. So far Linux has proven less expensive than other options from a support perspective. We haven't started using it for mission-critical applications though, so we have more studying to do on that. We are concerned about ongoing support and maintenance. We are trying to standardize on a single supplier of Linux (Red Hat Inc.)
What's your take on Web services?
We have a separate group (of three people working with an existing applications group of three or four people) developing Web services for internal and external use. There are also external developers of Web services for healthcare that we're exploring. Our main goal with Web services is to provide physicians and patients with greater access to the data available in the hospital. We have an Internet site for our patient access, and our physicians can access their applications through our portal. Web services promise a more user-friendly, concise view to those two constituents. We also think Web services can help us in our dealings with third parties.
In using Microsoft Corp.'s .Net technology to support Web services, what are you finding?
The current implementations require more bandwidth than we expected. It might be the way the specific applications have been developed, because I know of other .Net applications that are tremendously efficient. So it's not necessarily a Microsoft issue. We've gone back to our application vendors and are awaiting answers. You can't really deploy these Web services in their current fashion. We need a 1.2 megabyte download to boot up one application. We think .Net could be like any other new significant architecture that needs a couple of years before it really shakes out the inefficiencies.
You sent your mainframe packing in August. What was that like?
Very anticlimactic; nobody even noticed. We had shifted so much off it already to Solaris and NT that there were just a few minor applications left on it.
Does the mainframe going away open the door to more of a utility computing environment?
I can see where on-demand computing is going to help organizations like schools for when they are just polishing the floors during the summer and don't need much computer capacity at that time of year. But in a hospital we might have one week during the entire year, between Christmas and New Year, when things are quieter than at other times. So in terms of needing various levels of capacity, utility computing isn't going to help us too much.
What, if any, role might VoIP play in your network?
We're looking at non-critical sections of the hospital because we want to make sure phone calls still go through even if there is a network issue such as a broadcast storm. But we see the benefits of integrating voice and data. The funny thing is that some vendors suggest we put in a separate network for VoIP, which to me says, 'Why bother?' We don't feel like we need to make a decision on this for at lease another year, but we are watching this technology closely.