A small medical office of four doctors and support staff decides they want to set up a wireless LAN to let them to take their laptops with them from room to room for real-time data entry on patient records. The doctors know they need to comply with HIPPA controls over patient records and are concerned that a Wi-Fi LAN could compromise security. The intent of this paper is to offer advice to the medical office manager about the implementation of a Wi-Fi access point for their network. I will cover the elements needed within a policy, and the development of a high-level standard that will address the considerations for implementing Wi-Fi under HIPPA security rule constraints.
Case Study Two 4
Case Study Two Ch.4, p.88
The modern doctor's office can be a den of inefficiency. In many cases, a physician must leave his or her patient to access the patient's medical records via a secure computer network. I know from personal experience, my doctor must leave the examination room, and go to her office to access her computer so she can make any updates, enter any notes, or to place an electronic prescription with my pharmacy. This can take anywhere from two to five minutes, and she has to do this for each patient she sees each day. Why does she have to do this, why not just have computers in a central site to help make her patients' visits more efficient, or at least save her all that walking? Well, she has to comply with HIPAA regulations that protect the confidentiality of all medical records. All doctors, like my doctor have had to build secure network using a physical connection to their equipment. However, as doctors migrate from hard copies (written copies) of their patients' records to a digital version of those records, doctors need to have access to their servers in a much more efficient way.
How can we carry this out while maintaining compliance with HIPPA? All offices and storage rooms can be wired to the communications room via a jack and a wire. Doctors can put computers in each room, but that can be a rather expensive proposition. The doctor might decide to have a computer in a central location and use only a monitor and keyboard at each remote location, but that is still pricey. Another alternative is to place computers or monitor/keyboards in strategic places throughout the office, but that may not help increase the productivity of both the staff and the doctors. However, there is one choice that can be implemented, and that is why you have asked me here. We are going to give you wireless access to your network. Doctors and staff will be able to access the network anywhere in the office via a laptop, or even with a smartphone or PDA. If you chose, we can make a part of the network available to patients via a "hot spot," allowing them the connivance of Internet access via a laptop or smartphone, while they wait to be seen. Let us look at what is needed to build your network and...