tag:blogger.com,1999:blog-4384692836709903146.post2049262899775045132..comments2024-03-27T09:55:23.143-07:00Comments on Dispatch from the Digital Health Frontier: Desktops and Laptops in an EnterpriseJohn Halamkahttp://www.blogger.com/profile/04550236129132159307noreply@blogger.comBlogger11125tag:blogger.com,1999:blog-4384692836709903146.post-10654972819497322312008-02-03T08:27:00.000-08:002008-02-03T08:27:00.000-08:00I'm not sure I understand your position with respe...I'm not sure I understand your position with respect to individuals choosing to work in a Mac environment. Do you offer the option of Dell OR Mac to your users?<BR/><BR/>Greg Mogel, MD<BR/>University of S. California<BR/>mogel@usc.eduXrad2https://www.blogger.com/profile/14142489249284617261noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-9938221190956490052008-01-22T13:00:00.000-08:002008-01-22T13:00:00.000-08:00Thanks for broaching the subject of security in re...Thanks for broaching the subject of security in regards to laptops and desktops.<BR/><BR/>Quoting you saying, “At Caregoup, we must protect the confidentiality of 3 million records (HIPAA mandate and patient expectation”. “Security is an end to end design requirement from the server to the network to the desktop/laptop used to access the data”. It is nice in theory, but most people in the medical field are still using systems that encrypt the hard drives on laptops and desktops, thereby taking control of the computer and negatively affecting productivity through loss of speed. Also, with some full-disk encryption solutions, once you open your system up, none of your data is now secure and your system is totally open to any prying eyes.<BR/><BR/>Why then are we experiencing such reluctance when proposing a solution to these very real threats? We have developed a software that will not only act as a “safety deposit box” on your hard drive, but allow you to encrypt it, manage it and create corporate policies on “how” and “what” stays secure. This software only secures your data, leaving your computer to do what it was intended for, as a productivity tool. Combine it with our TripleDES (3DES) encryption for all secure file transfers and your box is complete.<BR/><BR/>I know that this seems to be a thinly veiled attempt to sell you something, but that is actually not my intent. My intent is to suggest to the medical community as a whole that you can have true data security without locking down your entire system and without any system degradation. In today’s world security is more than just complying with SOX, GLBA, HIPAA, etc, it is the actual protection of the data requirements that brought about this legislation. Data security should not be difficult, expensive or a drag on your system and this is where most other products or solutions fail.<BR/><BR/>After a long beta test at the VA and waiting for our Security Clearance, we are currently in negotiations for system implementations across the board. Do to this, we are now focusing on the medical community. I have spent hours reading your blogs, posts and interviews and truly believe that you have overcome many obstacles that I am now experiencing. Any suggestions would be greatly appreciated!<BR/><BR/>"Policy driven and Managed Security"<BR/><BR/>hypersecurityllc.com/demo.htmlUnknownhttps://www.blogger.com/profile/14853453833950858182noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-18296319171173808532008-01-22T12:16:00.000-08:002008-01-22T12:16:00.000-08:00"The advantage we've experienced with Optiplex is ..."The advantage we've experienced with Optiplex is simpler image management. We maintain a small library of very stable images for specific hardware. Limited variation in hardware enables us to manage a smaller library of OS images."<BR/><BR/>My point is that there's nothing specific to Optiplexes that makes this true. If you standardize on, let's say, an Inspiron530, then as long as Dell doesn't change the chipset in the 530, you'll also be able to survive with the same number of OS images as you would with an Optiplex. Of course, even if you believe what I just said, it becomes a financial decision because by the time you add a 3-year warranty to the lower-priced spread, the cost might be very close to the Optiplex.<BR/><BR/>Dell gave us a song and dance for years about why they only put Intel processors in their machines. None of their reasons, except maybe supply issues, turned out to be true. I'm finding that it's almost<BR/>the same in the way they differentiate their various desktop lines.<BR/><BR/>Jon ForrestSudsyhttps://www.blogger.com/profile/06005665577735911530noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-27743997312177430882008-01-22T10:22:00.000-08:002008-01-22T10:22:00.000-08:00I work in a Canadian hospital library (in a region...I work in a Canadian hospital library (in a region experiencing an economic boom, incidentally, so money should not be our issue), and I know from many listserv postings and blogs that medical librarians often have tons of trouble with their IT departments. In my case, it's not a hardware issue, but several software issues. I really don't care what types of desktop or laptop applications are mandated, but it frustrates me no end that our IT people place absolutely no priority on keeping software up to date. We are forced to use Netscape 4.8 for e-mail, Internet Explorer 5 as our browser, and Acrobat Reader 6 for reading PDFs. We are prevented from updating these products to the latest versions (locked down from downloading updates) and it's totally not a priority with our IT people to update things system-wide. So opening a PDF from an e-journal freezes up Internet Explorer, because we're two versions behind on both IE and Acrobate reader, and Netscape e-mail tries to open links in the Netscape 4.8 browser (again, I can't change this to IE under preferences, because the IT cops have grayed it out). <BR/><BR/>I understand that IT departments have to make standards and data protection a priority, but they also need to help us do our jobs. I was so aggravated with the lack of functionality of my hospital's e-mail system that I considered forwarding it all to a GMail account and managing it that way. I ultimately decided not to do this, because of the privacy implications and also because it's a direct violation of policy, but someone else might not have had those scruples. Lots of people would rather bend or break the rules to work around a perpetual irritant, if there's no other way to deal with it directly. <BR/><BR/>Oh, and did I mention that in our brand new "state of the art" hospital, the computers that were designated for patient internet access sat there for nearly a year before being hooked up? IT mandated that these have to have a regular connection off the hospital network (very reasonable), but then didn't get around to actually setting it up for months (very unreasonable). In the meantime, we were told that patients were not allowed to use any staff computer to quickly send their boss an e-mail, etc. <BR/><BR/>I think it's these sorts of things, and not hardware or software standards per se, that really irritate the users of these systems.Heatherhttps://www.blogger.com/profile/16091493284469453148noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-39222374807568424982008-01-21T18:13:00.000-08:002008-01-21T18:13:00.000-08:00The advantage we've experienced with Optiplex is s...The advantage we've experienced with Optiplex is simpler image management. We maintain a small library of very stable images for specific hardware. Limited variation in hardware enables us to manage a smaller library of OS images.John Halamkahttps://www.blogger.com/profile/04550236129132159307noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-22036566715226750322008-01-21T17:48:00.000-08:002008-01-21T17:48:00.000-08:00I know that Dell makes the claim that you summariz...I know that Dell makes the claim that you summarized regarding the difference between the Optiplex line and the Inspiron/Dimension/Vostro lines (why oh why did Dell have to confuse the issue by suddenly changing the Inspiron brand to also include desktops?). I've started to wonder if this claim is valid.<BR/><BR/>I have no way of judging their claim about higher quality parts except to say that in my experience in a large academic department in a large US university, I found that Optiplexes and the rest have no significant difference in failure rate. I would like to see a non-partial detailed examination of this issue based on real experiences, not on MTBF claims.<BR/><BR/>I don't think the claim of less variability of Optiplex components makes much sense anymore. For standard desktop PCs, virtually all functions are provided by the chipset, and not by separate add-in boards, like in the old days. So, provided that Dell doesn't change the chipset in a specific model<BR/>Dimension/Inspiron/Vostro, a standard OS image will work just fine no matter what other components change in the PC.<BR/><BR/>I agree that standardization can help reduce the number of people required to support a large number of desktop machines, but I'm skeptical of Dell's claims because I don't think they make technical sense anymore. I'd love to hear any counter examples.<BR/><BR/>Cordially,<BR/><BR/>Jon Forrest - UC Berkeley<BR/><BR/>jlforrest@berkeley.eduSudsyhttps://www.blogger.com/profile/06005665577735911530noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-86374932900133766532008-01-21T17:08:00.000-08:002008-01-21T17:08:00.000-08:00We offer free wireless access to all patients, but...We offer free wireless access to all patients, but do not monitor content. We have a standard appropriate use statement which all patients must sign electronically before getting connected. Of note, we do not route patient connections through any part of the Harvard internet infrastructure - we've purchased a separate Sprint connection for this traffic.John Halamkahttps://www.blogger.com/profile/04550236129132159307noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-27556555381676639622008-01-21T16:24:00.000-08:002008-01-21T16:24:00.000-08:00AMR - I have a similar setup to John's whereby we ...AMR - I have a similar setup to John's whereby we provide non-secured WiFi to patients, vendors, etc. We funnel the traffic through our web filters (Barracuda). The Cisco Access Points allow for a complete segmentation of the traffic from the private network of our Hospital and the public infrastructure.Techno Tornadoeshttps://www.blogger.com/profile/00301204174123454469noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-1327324484793959222008-01-21T15:27:00.000-08:002008-01-21T15:27:00.000-08:00How do you control what is being accessed through ...How do you control what is being accessed through the patient wireless network? How can you ensure that the patients are not accessing inappropriate substances? How can you enforce accountability in such a situation? Do you offer free wireless access to patients?Amrhttps://www.blogger.com/profile/05917319029318017821noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-90827150816801296152008-01-21T09:28:00.000-08:002008-01-21T09:28:00.000-08:00We have 460 Cisco Lightweight Access Points provid...We have 460 Cisco Lightweight Access Points providing 802.11a/g services to our patients and providers. We offer two SSIDs on our wireless network - a public non-secure internet connection and a private secure connection to all internal networks. Personal hardware devices all use the public non-secure internet connection. The iPhone, a great consumer device, does not have the capability of connecting to our secure network which is based on the EAP-FAST authentication protocol.John Halamkahttps://www.blogger.com/profile/04550236129132159307noreply@blogger.comtag:blogger.com,1999:blog-4384692836709903146.post-45355782968532472652008-01-21T06:29:00.000-08:002008-01-21T06:29:00.000-08:00What do you do about personal hardware that uses W...What do you do about personal hardware that uses Wi-Fi...for example the iPhone?Norgehttps://www.blogger.com/profile/05684614598046588090noreply@blogger.com