Need advise on new network

Eric Samonte

Screenwriter
Joined
Mar 31, 1999
Messages
1,318
My friend and his wife would like to dive into thr realm of electronic medical records. They have asked me to look into it since they say I know more than they do. They would be needing about 12 PCs, a server and they would like them to connected wirelessly. I know security should be tight here so I would like to ask the more knowledgable here for some advise. Should I just phone Dell or HP and ask them?
 

Kimmo Jaskari

Screenwriter
Joined
Feb 27, 2000
Messages
1,528
It's not that hard to just set up the physical network, but going wireless has its own pitfalls. I'd agree that they should shop around for a consultant who can help them get all their ducks in a row.

It's not wildly difficult to set up the basic infrastructure, but it will require some thought. For that application, they need to go with WPA-EAP instead of the easier to install WPA-PSK (Pre-Shared Key) which might do for a home user; WPA-EAP will necessitate some form of centralized authentication that can interface with a RADIUS server with which the wireless gear can then interface. Possibly a Windows Active Directory infrastructure - a RADIUS solution can be had for free if one already has the AD.

Of course, once one goes with centralized authentication, two servers are highly advisable - in case one goes south, the other one can still serve logins to the people who use the system. Obviously, the servers need to have some internal redundancy as well to keep the chance of catastrophic failure down, like redundant harddrives.

Backup of said servers also becomes an issue that has to be solved. Doesn't have to get too fancy but some form of backups are definitely required.

The desktop machines themselves will just need wireless cards. PCI cards with WPA encryption capability would be ideal, and simple enough. The trick will be setting up the servers, the user accounts and the wireless part.

If there is any way to avoid going wireless since we're talking about medical records then it would be highly advisable. It is harder to eavesdrop on data that travels through wires than it is data that travels over the air; WPA-EAP is pretty nearly uncrackable but there is no such thing as absolute security when it comes to these things.
 

SethH

Senior HTF Member
Joined
Dec 17, 2003
Messages
2,867
I know that some doctors' offices I've been to use a type of thin-client system that uses a tablet-type PC that has minimal specs. Using a thin-client/server system could be potentially be less expensive and also prevent users from saving data on individual computers -- all this data should be saved on servers with the clients providing only the interface.

It may also be advisable to use a disk encryption system like SecureDoc since these computers (or at least the servers) will hold very sensitive data.

Follow Kimmo's advice for the wireless network.
 

Eric Samonte

Screenwriter
Joined
Mar 31, 1999
Messages
1,318
I suppose my assumptions were right, PROS need to do this. I'll pass this along to them. I just hope I can "hover" around to see what the PROS would do. Its always nice to know a little more...
Thanks again guys!
 

Scott Merryfield

Senior HTF Member
Joined
Dec 16, 1998
Messages
15,996
Location
Michigan
Definitely get professional advice for the design, setup, training and support afterwards. I work in this field -- healthcare IT (specifically data and voice networking) -- and find that, in general, medical staff are not very computer literate, nor are they tolerant of outages.
 

Kimmo Jaskari

Screenwriter
Joined
Feb 27, 2000
Messages
1,528
The thin client tablets are essentially stripped-down Windows tablets that have no real built-in intelligence. They connect via the normal remote desktop protocol to a Windows Terminal Server, usually a Windows 2003 server with the appropriate amount of client licenses (or you can use them at home to connect to Windows XP machines remotely.) All software would then run directly on the server which needs several CPU's and lots and lots of memory so multiple people can run multiple programs simultaneously.

That might actually work very nicely and would simplify securing things as you really only need to secure the server (which can be locked away safely), but they are then 100% dependent on a) there being a working and reliable wireless network (preferrably fast too) and b) that the server itself is up and responsive since all processing etc will happen there, so one then needs to seriously think about how to avoid server outages. When one sets up a thin client (real thin client, that is) Sun Ray solution from Sun Microsystems for instance, the best way to do it is to set up a Sun Cluster of at least two machines for redundancy.

They could also go with full-fledged Tablet PC's and thus get the ability to move the medical terminals around, but if you have movable machines with internal storage you also open up the specter of having one or more of them stolen, possibly with sensitive data on them. I can definitely see the intelligence-less tablets as a very viable option here; someone swipes a tablet? No worries, there was no data on the tablet at all, just get another one and log in and you're good to go. You could even have them stacked somewhere centrally and when one needed some computing power one could grab a slate, any slate. Possibly combined with setting up docking points in the appropriate areas for when a keyboard and mouse was necessary.

If they do go for a wireless solution though they should look at corporate level wireless. There are options from Cisco and others; at work, we set up a very nice Symbol system with one central switch and three transceivers that all hook up to the central point.
 

Forum Sponsors

Forum statistics

Threads
344,871
Messages
4,723,030
Members
141,347
Latest member
DaMovieMaestro