Logicalis eBook: Healthcare IT’s

Transformation JourneyNew Rules Set the Pace for Healthcare IT Changes. Ready or Not, Here They Come.

HIT Infrastructur

e

Mobility/BYOD

Disaster Recovery

VNA

Patient Portals

2

Introduction: The debate over the Affordable Care Act has made one thing perfectly clear – America’s healthcare industry is undergoing massive changes.

The need to reduce costs while caring for an aging population has led to sweeping changes in everything from how patients choose insurers to how doctors are reimbursed and medical records are stored and shared.

As a result, the pressures on today’s healthcare CIOs and the data centers they manage are building. Mergers and acquisitions are packing more technology into tighter spaces, growing computational demands are creating crowded equipment racks, and staggering power and cooling requirements are crippling budgets. A high percentage of data centers are reaching the end of their lifecycle and are becoming increasingly expensive to maintain, while increased demands are being placed on those data centers for interactive communications among patients, providers, and payers.

Clearly, healthcare IT (HIT) is at the precipice of a much needed transformation. What healthcare IT professionals need is a healthcare transformation roadmap and a set of “best practices” to help them arrive at the data center of the future from where they stand today.

The overall technology in the IT infrastructure in practically every industry has moved so rapidly that data centers are struggling to keep up. Healthcare, while one of the last markets to jump on the IT transformation bandwagon, is charging full speed ahead today, giving healthcare CIOs a lot to think about. Taking an inventory of where you are today and where you want your data center to be in the future – creating that roadmap – is an essential first step in safeguarding not only your computing resources, but your company’s future.

“At Logicalis, we call this IT transformation a journey because it isn’t something that happens overnight. This is a multi-stage process requiring significant evaluation of not only IT systems, but also of what the future workflows and business processes will be and how healthcare providers, patients and payers can all seamlessly share time-critical data,” says Karen Burton, Healthcare Business Development Manager, Logicalis US. “It’s a journey that is taking healthcare IT to the new levels of IT sophistication needed to support a substantial business change from volume to value.”

1. Healthcare IT Transformation

2. Healthcare IT (HIT) Infrastructure

3. Mobility and BYOD

4. Disaster Recovery (DR)

5. Storage and Vendor-Neutral Archive (VNA)

6. Patient Portals

Table of Contents

3

Healthcare IT’s Call to Action:EHR Inspires an Industry’s IT Transformation

The hype associated with the American Recovery and Reinvestment Act (ARRA) can seem like a distraction, but those who are reading between the lines see it as a very real call to action. With millions of dollars in federal funds and Medicaid/Medicare reimbursements at stake, ARRA and other emerging regulatory mandates demand healthcare CIOs take strategic action now.

According to IBM’s Healthcare and Life Sciences division, there are six critical conditions for healthcare IT that must be re-examined along the industry’s transformation journey: Interoperability Security High availability Business intelligence and healthcare analytics Enterprise portals Business continuity and disaster recovery

Each condition is a prerequisite for “meaningful use” – the overarching requirement for ARRA funds. In broad terms, meaningful use refers to sharing data from electronic health records and quality measures within a hospital community (e.g. radiology, pharmacology, labs, etc.), as well as with associated physicians, other clinical practices and patients to achieve better, less expensive patient care.

Granted, plenty of “ifs” surround this condition. If data is to be shared, then interoperability between all of the disparate systems involved is essential. If all of that data is going to be made available, then it must be secure. If all of the various healthcare communities involved are going to be committing 100 percent of their patient information to electronic records, then those records must be always available and instantly accessible. And if all of this holds true, then there won’t be any paper backup because nothing will have been written down. These are challenges indeed, but they aren’t new challenges. Healthcare IT departments have been moving at different paces toward EHR for years.

FACT:HIT Transformation Impacts

Enterprise Computing.

By the end of the journey, organizations

see greater than

130%improvement

in these key areas:

Forecasting requirements and responding to risks Overcoming threats to availability and performance Reacting to challenges and proactively

solving issues

4

New Day for HITGrady Health System is one of the largest health systems in the United States and the leading level 1 trauma center within 100 miles of metro Atlanta. Grady depends on payments from Medicare and Medicaid to serve its primary community and needed to comply with new federal regulations for EHR to continue to qualify for those payments.

Grady selected Logicalis for design and implementation of a new IT infrastructure across many platforms to support their new Epic EHR. This included the installation of the technical architecture for the EHR database system, including high availability and disaster recovery functions.

Fortunately, there are many incremental steps along the way to a healthcare system’s IT transformation; the key is not to take any left turns when the ultimate direction is a right. The network, for example, is the key delivery mechanism for security, privacy, interoperability, and bandwidth – both wired and wireless – required by EHR. Best practices include conducting a detailed network assessment early on to establish the environment’s readiness to support initiatives like telehealth, BYOD and analytics; for example, such an assessment might reveal weaknesses that could easily contribute to outages since an EHR implementation increases demands throughout the network infrastructure. The goal is to identify any crises-in-the-making which may be the result of patches and other short-term repairs that postponed the original problem rather than solving it; there simply isn’t any time for applying Band-Aids to crises once EHR is implemented.

One Place to Look

Today, there is no longer any confl ict between what hospitals need to prepare for EHR and what they need for an effi cient, effective IT infrastructure. At the most basic level, pursuing one objective serves the other. The ultimate goal with the healthcare IT infrastructure, just as it was with EHR, is to have one place to look for everything.

For example, one major Midwest hospital complex transformed its data center from a decentralized infrastructure that primarily served billing and administration into a centralized system that today accommodates the hospital’s full scope of IT needs, including one of the most advanced EHR capabilities in the healthcare industry. The hospital system is served by two data centers with a dynamically partitioned IBM server and a SAN in each one. The two servers are connected by a single network over which all critical data fl ows. The two sites provide full replication for each other. If one goes down or is taken down, it fails over automatically to the other.

The whole infrastructure was developed with patient care in mind. Now, from one pane of glass, a physician can pull up a complete patient profi le, including billing, insurance, X-rays, lab tests – basically everything that is known about the patient. Initially implemented with 3.5 terabytes of storage, which seemed like overkill at the time, the data center has been able to grow storage capacity one hundred-fold in the past few years to 320 terabytes to meet the demands of digital images. This hospital’s IT environment was one of the fi rst in the US to achieve HIMSS Electronic Medical Record Adoption Model (EMRAM) Stage 7 and was one of the fi rst health systems to demonstrate meaningful use.

Did You Know?As adoption and replacements increase for electronic healthcare records (EHR), healthcare clients need expert infrastructure design, integration and support. For more than a decade, Logicalis has delivered world-class, highly available EHR infrastructures for award-winning healthcare systems like Geisinger and NorthShore University HealthSystem.

Together with partners like IBM, Logicalis delivers enterprise-class, robust, high-performance infrastructures, seamlessly deployed and adopted into a working healthcare environment. We have built infrastructures for leading EHR applications including Epic, MEDITECH, Cerner, McKesson, Allscripts and more.

5

Besides facilitating the care of patients, this data center is equally responsive to the hospital’s business needs. Like businesses in other verticals, hospitals frequently grow by acquiring other hospitals. As IT increasingly becomes a more integral part of every business, the ability to easily integrate an acquired organization’s IT – another hospital or doctor’s practice, for example – can make or break an acquisition. As a result, business issues today are tied directly to technical issues much more than ever before. Case in point: A big city hospital CIO was given just 30 days to integrate the IT environment of a 50-practice physician clinic into the hospital’s infrastructure. The trend of consolidation within the healthcare industry is resulting in more CIOs facing similar challenges.

Of all the technical capabilities healthcare IT professionals are being asked to master today, the key is an ability to adapt to change that, by all indications, is entering warp speed. As a younger, more technology-oriented generation of doctors takes its place in healthcare’s future, IT is going to be drawn increasingly into the actual delivery of health services. As a result, healthcare IT professionals won’t be spending the bulk of their time caring for their IT infrastructures. The good news is that if the IT infrastructure is transformed from point systems into a virtualized IT-as-a-Service resource, then the IT department will be able to focus its efforts directly on using technology to help doctors and nurses care for their patients and allowing patients to electronically manage their own care and wellness.

Top 10 "HIT" ListTechnology initiatives that are either on the radar, in planning or in early implementation for many healthcare IT organizations. Where does your IT department stand?

1. Infrastructure for EHR or Electronic Medical Records (EMR)2. Business Continuity and DR3. Integrating Medical Images to EMR4. Mobility Solutions / Bring Your Own Device (BYOD)5. Storage / Data Management6. Backup, Archiving and Data Management 7. Analytics and Business Intelligence8. Securing Electronic Protected Health Information (ePHI)9. Cloud and Managed Services10. Patient Portals

6

When Information is Needed STAT:BYOD Policies Defi ne Collaborative Healthcare Communication

Doctors, administrators, insurers, patients – nearly everyone has become accustomed to taking their personal and social lives with them wherever they go. The ability to “Bring Your Own Device” means work is no longer a place, but an activity. The plus side is, this accelerates productivity and collaboration; it allows healthcare experts to work within the moment, sharing ideas, accessing critical patient data and connecting with colleagues. But with 60 percent of enterprise knowledge workers using a mobile device as their primary computing device, IT needs to be prepared to handle the challenges of BYOD as well. The key is to combine industry best practices and policies with common sense strategies.

BYOD is happening with or without the consent of the board or the enablement of the IT department. Therefore, mobility enablement – and control – may well be the healthcare CIO’s biggest priority and challenge.

The mobility experience has to deliver the positive changes in working processes, productivity and service standards that the healthcare organization and its users are seeking to achieve. At the same time, the mobility experience must be satisfying and rewarding to users. As a result, the development of a mobility strategy will need to be a top down, bottom up, all-inclusive process that includes multiple layers of the healthcare systems and its key stakeholders.

A well-planned mobility strategy will typically encompass six core components: Business Use Case Policy and Governance Network Experience Device Experience Application Experience Support Experience

7

All stakeholders from senior executives to department heads and front-line staff should be able to recognize and suggest where and how mobility will improve current processes and procedures. Their needs and expectations can prove invaluable in helping the CIO align use case drivers with tangible and quantifi able business outcomes while simultaneously defi ning and delivering a compelling and productive mobility experience strategy.

In short, transforming current healthcare IT environments into new mobile experiences will mean transforming the way people access and use corporate applications and data.

So why isn’t everyone leaping in?

Risk. Especially around regulatory policy, costs and security.

Delivering mobility requires a comprehensive approach, from the defi nition of appropriate corporate policies to delivering and supporting the new applications mobile users need to do their jobs. The CIO will need to modify or restrict the way devices are used in order to maintain security assurance and regulatory compliance.

Delivering a relevant mobility experience will require a scalable and secure network infrastructure transformed to be able to support a large number of people and a rapidly expanding number of mobile devices, services and security threats. It will need access to content that demands real-time, high-performance bandwidth which means a necessary IT transformation, expanding the speed and capacity of the Wi-Fi network so that it is able to both support the surge in the use of new mobile devices and deliver the rich mobile experience users have come to expect.

Beyond performance, though, it must also be the central point of security and control. In healthcare in particular, the network must be secured by delivering the right type of access to the device based on proper end point assessment. Since the network is the fi rst point of contact for the range of smart devices and laptops being brought into the organization, it is also the fi rst line of security for the organization’s computing environment.

Authorized devices can be acknowledged and on-boarded, with access given to the corporate services within their policy window. Non-recognized devices can be denied access or perhaps given access to guest services only, such as Internet access. In most cases, the mobile device is now capable of offering the same services delivered onto a traditional desktop or laptop computer, so the network now needs to be able to service traditional data applications as well as voice, collaboration, video services, broadcast video and video conferencing.

Did You Know?Today’s clinicians and patients are bringing their WiFi-enabled smartphones, tablets and other devices into the healthcare environment.

Providing your health system with secure, high-performance mobility improves overall productivity and helps clinicians deliver quality, evidence-based healthcare at the point of care.

Logicalis Mobility Services enable healthcare organizations to support multiple devices and platforms while ensuring patient confi dentiality, 24x7x365 availability, and simplifi ed infrastructure management.

8

The overriding challenge that binds all the others together is security and regulatory requirements. How will the healthcare CIO deliver complete corporate security as well as a satisfactory user experience? Resolving security and regulatory issues could mean cutting back on many of the things that make using a mobile device something users enjoy and are inclined to do.

Enabling new mobile experiences requires a scalable and secure network transformed to be able to cope with a rapidly expanding number of mobile devices, services and security threats.Designing a Secure Mobility Policy

Corporate mobility policies will need to be defi ned that are reasonable, acceptable, secure and enforceable. As with the defi nition of the business use case, stakeholders from all departments should contribute to the defi nition and agreement of the mobility policy.

The healthcare CIO and IT department will need to engage with the entire health system from human resources, to fi nance, legal counsel and of course, employees and employee representatives. And they will have to engage with the health system wherever it operates. In some sectors and geographies, regulation will dictate elements of the mobility policy. Broad engagement will help defi ne a policy that delivers signifi cant patient and business benefi ts without introducing unacceptable risks. A hospital, for example, might decide to adopt a BYOD policy for its employees, allowing them to buy whatever device they choose. Should an employee’s device be lost or stolen, policy will dictate whether the device must be locked down and wiped clean of all corporate and, where applicable, personal or patient data.

Alternatively, it may be decided that a safer option would be to distribute corporate-owned devices (COD) which will be supported by the IT department. Policy will then determine whether users are permitted to download personal applications onto their corporate tablet, and whether they will be allowed to mix personal and business applications on the health system’s corporate device. Ultimately, a balanced policy must be defi ned and adopted that provides patients and clinicians with the mobility experience they expect, and the healthcare system with the security posture it needs.

The user’s device experience will serve to reduce the demand for training and support, accelerate improvements in productivity, and transform the way they are willing and prepared to work. For example, a doctor issued a corporate tablet for use at a patient bedside is likely to expect and accept more stringent device controls than, say, an administrator who uses their own device to schedule meetings in their calendar. Device experience is about what individual users expect and are prepared to accept from the device they have in their hand, regardless of who actually owns it.

9

Top Tips for Managing BYOD ASAP

1. Implement Security Architecture and Policies. Review the organization’s IT security policy to address non-company owned mobile assets. If healthcare organizations have not established specifi c policies for their em-ployees, then employees are not breaking any rules. It will be hard, if not impossible, to get the BYOD genie back into the bottle after all the personal devices begin to enter the enterprise.

2. Prepare Your Network. Now is the time to assess, and potentially upgrade, the health system’s wireless network to ensure it’s capable of supporting the additional bandwidth requirements of employ-ee-owned mobile devices to include adequate Quality of Service (QoS) controls for appro-priate handling of critical traffi c.

3. Monitor and Manage Activity. Implement a mobile device management (MDM) strategy that can provide complete provi-sioning, confi guration, monitoring and reporting for connecting BYOD mobile devices.

4. Make your Infrastructure BYOD-friendly. You can’t beat them, but you can do a lot more than join them. Empower your healthcare IT infrastructure to encompass your future, incorporating and integrating BYOD tools. This includes building a robust network platform capable of delivering real-time collaboration experiences to any device and providing transparent mobility with location services for anytime, anywhere communication.

The healthcare CIO will need to educate the entire organization on what is possible, practical, manageable and affordable. It will be the CIO’s responsibility to ensure that the organization’s aspirations for mobility are realized without exposing the healthcare system to unacceptable risks. And, at the same time, it will be the CIO and IT department’s objective to enrich rather than diminish the user’s total mobile experience, no matter who that user might be – from patient to payer to provider.

As a result, some healthcare CIOs may turn to managed service providers for support and cloud providers for a range of sanctioned application services. How IT departments choose to support the new mobile experience will depend greatly on the level of capability and services defi ned in the business use case. Whatever the device strategy, policy decisions or network environment, the total mobile experience, and the performance benefi ts it delivers, will depend greatly upon having a support experience that truly stands up. When mobility happens in the right way for organizations and their people, it delivers a truly integrated experience between business and technology.

10

Surviving Disaster:Why Healthcare BC/DR Requires Special Attention

When it comes to business continuity and disaster recovery (BC/DR), hope is not a strategy.

Healthcare IT departments were already scrambling to keep up with an exploding demand for technology in the delivery of medical services. And that was before the federal mandate to provide electronic health records (EHR) tossed a time bomb into the paper records and photographic images that—for all of their shortcomings—at least provided hard copy backups for patient records. It was before enhanced HIPAA regulations required annual disaster recovery testing and site security assessments. Of course, that’s in addition to the ever-present risk of fi res, fl oods, pandemics, computer viruses, reckless backhoe operators, lost/stolen laptops, sabotage, bad luck and good old-fashioned, honest mistakes that occur in every industry.

No organization can protect itself from every disaster; some circumstances are simply unimaginable. But healthcare CIOs can mitigate potential damage by taking a few up-front, best-practices steps to ensure both patient and corporate data remain safe and secure.

A strategic, phased approach to BC/DR systematically evaluates everything – technology, data, processes and people – that a healthcare organization depends on to function effectively and effi ciently. And a fi rm commitment to BC/DR will allow for the development of risk mitigation, continuous operations and recovery plans that can be implemented incrementally as budgets and resources allow.

A best-practices approach to BC/DR for healthcare organizations: Builds on actual data from within your organization Involves stakeholders across IT, clinical departments and business units Integrates and enhances what is already in place Establishes realistic benchmarks Adapts as you progress through the phases Ensures compliance with relevant regulatory agencies Articulates a comprehensive BC/DR strategy Keeps you in control at all times Provides peace of mind beyond disaster recovery

11

EHR PIONEER

A hospital complex in the Midwest that is a pioneer of EHR used the information it gained from its BC/DR plan to develop two data centers that are the mirror image of each other to ensure the continuous availability of their state-of-the-art integrated IT environment.

This hospital was one of the fi rst to be able to demonstrate “meaningful use” as required by ARRA for EHR. The whole infrastructure was developed with patient care in mind. From one pane of glass, a physician can pull up a complete patient profi le, including billing, insurance, X-rays, lab tests – basically everything that is known about the patient.

BC/DR planning helped all the stakeholders collaborate on an integrated system that meets all their priorities. Besides facilitating the care of patients, the IT environment is equally responsive to the hospital’s business needs. The IT department also benefi ts from having an integrated system which means there is one place to look for everything.

The True Impact of Data Loss

The uncomfortable truth is that focusing on disaster recovery in the data center is not enough. Disaster recovery needs to be addressed in the larger and longer-term context of business continuity.

Research indicates a typical enterprise loses between $80,000 and $100,000 for each hour of downtime. And in healthcare, people’s very lives may also be at risk. So the most important thing you can do to mitigate damage in any situation is to know what the true impact of data loss will be to your organization. Two key considerations can help you defi ne your disaster recovery goals:

1. Recovery Time Objective (RTO): How fast data must be recovered.2. Recovery Point Objective (RPO): How much data you can afford to lose.

If you ask any department head what their RTO and RPO objectives are, you’ll hear “immediately” and “none,” respectively. The truth is, though, the answers have to come from the individual clinical departments themselves. Establishing appropriate, realistic and affordable RTO and RPO levels needs to be negotiated between the IT department, clinical departments and business leaders which means you’ve got to get IT and the business units talking to each other.

While the approach to BC/DR planning is essentially the same for any industry, there are areas of complexity – if not confl icting priorities – within healthcare that require special attention. Each area offers unique leverage points for negotiation.

Clinical imperatives: The highest level of authority in any healthcare organization be-longs to the clinical departments and their respective doctors, but their decisions about the technology they want in their specialties rarely take into account what is needed to support it. That’s one of the reasons Picture Archiving and Communications Systems (PACS) still exists in isolated silos in the data center. More physicians today, however, understand the benefi ts of an integrated IT environment that is accessible, interopera-ble and always available, and they see the advantages of participating in an effort that accomplishes those shared objectives. Hospitals are also realizing they need to provide integrated, interoperable services to attract and retain top physicians.

Did You Know?Healthcare organizations need cost-effective and resilient solutions for backup, archiving and DR that cover complex operations such as large hospital campuses, multiple clinics and remote locations.

DR solutions must ensure instant access to critical EHRs, including medical records and images, and be performance-intensive while also meeting fl exibility, scalability and legal/compliance requirements.

Logicalis offers DR assessment and planning, implementation and DR as a Service (DRaaS). NorthShore University HealthSystem is one of the award-winning examples of DR best practices designed and implemented with Logicalis’ expertise.

12

High levels of regulation: Even if you haven’t been thinking about all the various ways your IT could suffer a signifi cant outage, a growing list of regulatory agencies have been thinking about it for you, and they are drafting regulations requiring you to be able to demonstrate that you are prepared to respond to, if not prevent, disaster with a func-tional – and routinely tested – disaster recovery plan. Case in point: updated HIPAA regulations that came as part of the ARRA.

Many healthcare IT departments, however, are held back by a data center full of aging technology and a shrinking capital budget. In virtually all cases, compliance with healthcare regulations is consistent with business continuity best practices. A key part of the ongoing process of business continuity planning, as a result, is the ongoing evaluation of new BC/DR options as they become available. Disaster recovery as a Service (DRaaS) that provides a standard DR failover to a cloud environment may offer an important option to regulatory requirements for demonstrable DR functionality by sidestepping the investment in new technology and shifting DR expenses from capital budgets to operational budgets. Another cloud option: cloud-to-cloud disaster recovery (C2C DR), which offers the ability to failover infrastructures from one cloud data center to another, either within a single vendor’s environment or across multiple vendors.

Developing a Road Map

Disaster recovery (DR) typically turns up – or should – during discussions about data center upgrades. But BC/DR planning is not a one-time project. It is a living process like a healthy diet or an exercise routine. It’s an ongoing journey, and the fi rst step is the development of a road map.

A typical BC/DR plan for a healthcare organization addresses key technologies, such as data replication for availability, server virtualization for rapid restart and IP telephony for integrated communications in the event of a threat to the effective functioning of the IT environment.

For all the sophisticated technologies available today, according to analyst reports, approximately 75 percent of the world’s data is still protected by copying it to magnetic tape and shipping it off to some secure offsite storage. There is arguably a role for tape backup in your DR strategy, but DR technologies based on data replication, by contrast, provide a continuously updated copy of critical data from one location to another over a storage area network (SAN), LAN or local WAN, so you always have multiple up-to-date copies of your data. Replication often works in combination with data deduplication, virtual servers and cloud computing.

Replicating data between the primary and DR sites before failures occur ensures that data and applications are current at the secondary site. Failover to the DR site happens automatically when the primary site fails. Failback is when the system is restored to its original state before the failure.

Th e Cost of Downtime Per Hour Across US Industries:

Media $90K

Source: Network Computing, the Meta Group and Contingency Planning

Brokerage Service $6.48M

Energy $2.8M

Telecom $2M

Manufacturing $1.6M

Retail $1.1M

Healthcare $636K

13

DR for Doctors

A large healthcare system with six hospitals, over 3,000 doctors and 100 facility locations had two data centers over 25 miles apart – one a primary production data center and the other a secondary DR site with a shadow server.

Logicalis helped create a redundant, local high-availability Epic environment that included IBM p780 Power System servers, AIX v6, and PowerHA 6.1.

A second p780 was implemented in the remote data center to run a scaled-down inventory of applications. Asynchronous replication of Epic journal fi les was established to the remote site, and failover to that site was accomplished in approximately four hours.

Virtual Assist

Virtualization at the server, network and storage layers dramatically facilitates the replication of data within a disaster recovery system. Before virtualization, organizations needed to have the same hardware at their primary and disaster recovery sites. With virtualization, IT can abstract the systems and have different types of hardware at multiple sites. It is also possible to perform tasks such as automating rapid virtual machine rebooting, replicating virtual machines at the hypervisor layer with heterogeneous storage, and turning backups of physical or virtual machines into bootable virtual machines.

The trend toward converged infrastructures, coupled with advances in software-defi ned storage (SDS) and software-defi ned data centers (SDDC), promises to further facilitate DR by increasingly liberating not only data but whole platforms from underlying hardware. Cloud computing technologies such as automation and orchestration will also enable dynamic environments that go a long way toward taking care of themselves. Cloud computing even frees IT departments from having to buy, install, maintain and support their own hardware making at least some level of data protection a no-brainer. What is too often lacking is the willingness of healthcare IT departments and administrators to face the potential for data disaster in their organizations and make building a strategy to prevent it a priority for which they are willing to pay.

The good news is that with the new generation of disaster recovery technologies, it is possible to confi dently prepare for disaster recovery in a way and at a cost that can be tailored to your organization’s tolerance for risk. You just have to decide how much risk you are prepared to take.

14

Neutral Territory:What You Need to Know About VNAs, EIMA and PACS Archive (VNA)

Now that new healthcare regulations require all images associated with a single patient to be transmitted and stored electronically, what was already a signifi cant storage issue is about to get exponentially larger and more complex.

Because the technology that captures and archives patient images is often based on a proprietary, single-source solution, one system cannot read the images created by another. This means it has become very diffi cult for hospitals, caregivers and patients to share related images in an effi cient, electronic manner.

That’s where vendor neutral archive, or VNA, opportunities come in. A vendor neutral image archive can accept and store images from all of the modalities that generate images (i.e., X-ray machines, CT scans and MRIs) and, in turn, communicate usable images to all of the systems that view those images.

Before implementing this kind of solution, healthcare organizations need to confront all of the contradictions, confl icting protocols and formats, clinical demands and IT requirements that led to this situation in the fi rst place. In addition to the complex technology issues involved, IT leaders must contend with entrenched Picture Archiving and Communications Systems (PACS) politics. Radiology departments and other imaging disciplines – key revenue centers for healthcare systems struggling to maintain services while streamlining expenses – have long had free rein to implement the latest life-saving image technologies without factoring in the IT required to support them.

Nor has sharing images been part of the business model of the dominant PACS vendors. The use of vendor-defi ned headers on the images, including tags that are in some cases not visible to IT, effectively enforce customer loyalty by making it extremely diffi cult for hospitals to switch to a competing vendor’s PACS format. The fact that some major hospital information system (HIS) vendors are also PACS vendors compounds the dilemma facing IT departments.

15

It is diffi cult to pursue a vendor-neutral approach to imaging when the imaging vendors are anything but neutral. PACS vendors, for example, typically offer to cover the cost of migrating data to their own next new version, making it doubly hard for a CIO to win approval from the board to break from precedent and invest in a vendor neutral image archive.

Re-enlisting for another PACS upgrade could solve a short-term problem of migrating to newer imaging technology, but doing so leaves your organization facing the same problem (only much larger) a few years later. It also fails to address the need to share images across dissimilar systems that is mandated by the American Recovery and Reinvestment Act (ARRA).

Breaking the Status Quo

Clearly, the status quo has inertia on its side, but more healthcare CIOs are beginning to realize that simply committing to another PACS upgrade is an unsustainable strategy that puts them on a collision course with the national mandate for shareable EHR. At the same time, the technology necessary to accomplish a vendor-neutral archive is becoming both more compelling and more available.

The more data that is collected, the more complex the problem becomes; data migrations could eventually take longer than the implementation of an entirely new system! Even the CIOs of major hospitals are sometimes unaware that the amount of imaging data already stored in a traditional, proprietary fashion could take as long as three to four years to convert to new, shareable formats. Clearly, with new legislation underway that requires this share-ability, the time for implementing a solution is now.

A healthcare organization can, of course, transition to a vendor-neutral image archive using the organization’s existing storage infrastructure. A PACS, for example, can be connected by Fibre Channel to a small pool of high-availability storage for the critical fi rst 30 to 60 days after an image is captured in its own format. Images older than 60 days can then be archived to longer-term storage on other tiers in an industry-standard format for most of the useful life of the data. Then, as the data ages and is less likely to be retrieved, it can be transferred to serial attached SCSI (SAS) drives, then to serial ATA (SATA) drives, and fi nally to tape.

“At Logicalis, we were early to market with VNA solutions several years ago, partnering with VNA specialists like TeraMedica. Our healthcare account executives understand VNA and leading storage technologies from IBM like the IBM Storwize V7000 and Scale Out Network Attached Storage (IBM SONAS),” says Karen Burton, Healthcare Business Development Manager, Logicalis US.

EIMA: The Great Communicator

Another consideration: An Enterprise Image Management Archive (EIMA) strategy that couples VNA software from vendors like TeraMedica with existing or new storage solutions can liberate hospitals from the constricting cycle of PACS upgrades while enabling the sharing of images between hospitals and clinics regardless of their internal systems.

An enterprise wide image archive does not replace PACS or back-end storage, but communicates with all of the PACS systems and allows the interchange of images between the systems. EIMA also facilitates storage virtualization and consolidation, plus the migration of data between PACS systems. IT departments are spared the periodic gauntlet of PACS data migration because the data resides in the archive.

Th e Benefi tsof EIMAGreater patient engagement

Reduced cost to store and

manage images

Freedom from costly data migrations Centralized management tools, DR and security Tiered storage by value of data

Regulatory compliance

Secure PHI Clinically aware retention rules

Business continuity/data

protection

Image repository

Single source for image data Simplify and reduce cost to integrate applications

16

Did You Know?Your HIT generates enormous amounts of data that needs to be managed, protected and accessible. Whether you’re looking to consolidate and modernize storage to reduce cost and support requirements, or looking for specifi c solutions like VNA for medical imaging, Logicalis understands healthcare data management.

VNA solutions offer a centralized data repository for images and other non-transactional data that serve multiple clinical applications – regardless of the vendor or technology – including Picture Archiving and Communications Systems (PACS), video, digital images, and test result fi les. With a centralized archive, clinicians can securely add, access and share relevant patient information across the enterprise for more collaborative diagnoses and treatment plans. To deliver VNA solutions to you, we partner with leading software vendors including TeraMedica and Mach7.

Converged infrastructures help healthcare IT organizations overcome IT sprawl by unifying servers, storage, networking and applications on one highly effi cient platform.

According to Logicalis healthcare IT experts, today’s best practice is to implement a VNA software layer that ensures all images are stored in a Digital Imaging and Communications in Medicine (DICOM) format so they can be accessed from a Web browser viewer even if the PACS is offl ine. The primary task of the VNA software layer is to provide the interfaces required to enable all of the different devices involved on both the imaging and patient record sides of healthcare to communicate with each other and a network of associated medical facilities. Depending on which set of systems you have and what functionality they support, some may integrate better than others. It is not something to enter into lightly, though. Experts estimate it could take six months to a year to complete a VNA initiative, depending on the complexity of the healthcare environment. The cost savings and benefi ts in maintaining a single point of interface and eliminating data migrations, however, more than justify the effort.

No matter how you choose to get there, take that fi rst transformative step now. Many challenges are associated with the development and implementation of a vendor-neutral image archive, but at least all of the effort and investments required to accomplish it takes you incrementally toward the ultimate goal of providing PACS interoperability and the ability to share information throughout the larger medical community. Any other decision just leads you back in a circular course to the same problem still waiting for a solution. Time is running out to run that course again.

17

Engaging Patients through Portals:Th e Information Highway to Healthcare’s Meaningful Use

To deliver the most affordable, quality patient care and respond to fast-changing and increasingly complex laws and regulations, today’s healthcare providers are juggling challenges, such as engaging patients, meeting meaningful use requirements and providing new or improved services, all while attempting to reduce costs and improve hospital margins. As a result, successful healthcare CIOs and their IT departments must be nimble enough to change on a dime, preparing the IT departments to follow the strict guidelines that must be met to qualify their organization for available federal incentives.

Under the American Recovery and Reinvestment Act (ARRA), for example, healthcare providers are required to meet meaningful use Stage 2 requirements which mandate that at least 5 percent of patients must view, download or transmit their data via a patient portal. To deliver on this mission, IT must facilitate patients’ interaction with their healthcare providers and give them access to their own healthcare data via these Web-based patient portals. IT must securely accommodate patients’ mobile devices, such as smartphones and tablet devices, and the mobile health devices that can help monitor and report results back to the EHRs. And they must secure patients’ protected health information (PHI) and ensure compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other regulations.

Increasing Patient Engagement

Healthcare patient portals allow patients to securely interact and communicate with healthcare providers anytime and from any device, without sacrifi cing their privacy. These web-based communication tools can be deployed as standalone websites, integrated with your organization’s existing website or added to your EHR system. No matter how they’re deployed, patient portals increase patient engagement by providing secure online access to their healthcare data.

18

Pediatric Hospital’s Innovative Portal Engages

Patients & Families

While meaningful use requirements are driving hospitals across the country to adopt patient portals, one of the largest pediatric healthcare providers in the United States wanted to deliver an online experience that went well beyond the traditional EHR portals available today. This hospital wanted to create an innovative and exceptional online experience that better serves patients and their families.

In just seven months from scoping to go-live, Avnet Services and Logicalis integrated IBM technology (Portal, Connections, Tivoli, Forms, Coremetrics) along with the existing EHR patient portal to deliver greater online capabilities and personalized features, including:

Self-registration online with a single sign-on for all components of the system. Quick and easy access to medical records and insurance coverage. Online appointment scheduling and prescription refi ll requests. Relevant, personalized education about disease management, tailored to the patient’s condition and needs. A built-in social component of “Patients Like Me/Families Like Mine” communities where people with similar medical issues and concerns can interact. A Spanish-translated site.

Not only do online portals support greater patient involvement, they can help providers reduce costs, increase effi ciency and streamline workfl ows by moving non-urgent communications online. Portals can help your patients locate health and wellness information, securely schedule appointments, check test results, review their records, make payments and communicate directly with providers. Allowing patients to communicate using a patient portal helps to strengthen the bond between you. Every time they take some action, they feel more engaged in their care and more bonded to your organization.

Typical applications include: Find/complete forms Order/refi ll prescriptions Order eyeglasses and contact lenses Access medical records Pay bills View lab results Schedule appointments Locate health and wellness info Get aftercare instructions

A patient portal can help patients, as well as a myriad of clinicians, to share information and collaborate on care. Some portals even offer options that allow clinicians to separately follow patients and check on their status, while passing any pertinent information on to the patient or other clinicians, something which can potentially improve outcomes as well.

Portal Partners

Did You Know?To meet meaningful use Stage 2 requirements and receive federal incentives, today’s healthcare providers must offer patient portals. Your challenge is how to get patients engaged in their care to use your patient portal. Logicalis and our portal partners have enhanced the patient portal with engaging functionalities beyond those provided by your EMR vendor, including innovative mobile applications.

Th e portal has resulted in fewer calls, elimination of paper forms, improved patient engagement, and better overall care by having families involved.

19

Logicalis can help you build a base portal environment using IBM WebSphere that is capable of handling 95 percent of your basic intranet needs, starting with simple projects and minimal budgets, then adding functionality as needs and budget allow.

For example: Doctors and nurses in one hospital client were waiting in long lines in the cafeteria, taking them away from patients. The solution? The hospital put a webcam in the cafeteria and created a portal for the staff to see what the lines were like before heading there. This is a simple portal to implement once the framework is in place, but most hospitals have small IT staffs that don’t have the time to set up the framework for their own customized portals.

Once Logicalis builds the basic portal, the hospital’s own IT staff discovers other things they can do with it, creating simple portals and linking to applications on their own, then calling a partner like Logicalis for more complex portal projects.

Administrative staff can also shift appointment requests to a specifi ed time to slow the near constant real-time demands for appointment setting. An added benefi t? Most portals can send automated appointment reminders to patients to reduce the time that staff members spend making calls. With a greater focus on organizational effi ciencies as well as patient-centered care and a desire to meet meaningful use Stage 2 guidelines, more and more healthcare providers are turning to patient portals.

Benefi ts of patient portals can include: Ensure tighter collaboration between provider and patient for better outcomes. Help patients to quickly and securely access their EHRs and other healthcare information for more satisfi ed patients. Secure regulated patient information and ensure HIPAA compliance. Consolidate data to reduce the cost and complexity of maintaining silos. Increase clinician effi ciency and productivity with improved workfl ows.

Eliminating Security Concerns

HIPAA rules require only that patient data be secured and, when shared, encrypted (but don’t specify which devices or technologies can access that data). Patients can choose how to access the patient portal. Your job is to make sure they have appropriate access to the applications and PHI they need, while centrally managing security policies and ensuring HIPAA compliance. Because patient data does not reside on the device, the risk of data loss from lost or stolen devices is practically eliminated.

Patient Portals Deliver: Clinicians – Greater effi ciency and productivity and improved patient collaboration.

IT – Fast patient access to consolidated data via mobile and mobile health devices.

Administrators – Better patient service and meaningful use Stage 2 compliance.

866.456.4422 | www.us.logicalis.com/