It is critical that your local network have the bandwidth and security to support your EHR system.
Some areas to consider as part of your EHR planning include:
1. Capacity and performance. Estimating bandwidth requirements can be complex and depend on a number of different factors, such as number of users, locations, real-time transactions, hardware and storage technology. It is best to work directly with your EHR vendor to determine requirements.
2. Perimeter protections. Higher valued assets justify more robust protection. If a firewall is not part of your Internet gateway, then one must be installed. Installation of recent patches, upgrades and firmware versions should be verified. The firewall rule set should be audited to ensure only legitimate traffic is being permitted to pass on and off the network. Delete any rules that allow file share unless there is a critical business purpose.
3. Intrusion detection. Install an intrusion detection system (IDS) to drop anomalous traffic that matches the 'signature' of well known network attacks.
4. Network segmentation. Consider segmenting the network to isolate the EHR system along with other systems requiring access to the EHR. The purpose is to remove connectivity between the EHR and other systems whose users do not require access to the EHR.
5. Directory audit. Audit Active Directory structure and policy to ensure that workstations access to the EHR system complies with good security standards. Users should be properly authenticated with strong passwords, smart cards or tokens before accessing the workstation or domain resources.
6. Privilege review. Clinical users of EHR systems require few if any administrative rights to the EHR. Review all existing user privileges. Where feasible, employ Active Directory to centrally manage user rights.
E-mail the HealthIT e-mail box: firstname.lastname@example.org