WiFi-Based Patient Monitoring by mThink, January 29, 2007 Healthcare is an ideal environment for the use of wireless and mobile computing technologies. From a process perspective, the hospital of today can be compared to a logistical or supply chain operation. There are multiple departments through which the patient moves, while at the same time, critical patient-specific information is needed for real-time decision support. Clinicians must have access to this information at the right time wherever they are without increasing their workload. Consumers and industry alike have enthusiastically embraced wireless technology because it greatly expands our freedom to communicate and exchange data, bringing unprecedented productivity and convenience to our business and personal lives. Driven by the lower cost of wireless components, the healthcare sector is following suit and the growth of wireless networking in hospitals is skyrocketing. Today, the adoption of wireless standards such as IEEE 802.11b/g (also known as wireless fidelity or “WiFi”), and the use of mobile computing platforms form the basis of this wireless revolution (see Figure 1). At the same time, clinical caregivers want to do more on a mobile basis and have grown accustomed to receiving information in real time via cell phones, pagers and personal digital assistants (PDAs). These factors have converged and are providing the impetus for a wide acceptance of wireless technologies within the healthcare industry. Why Hospitals Are Adopting Wireless Solutions The healthcare sector has been familiar with wireless for many years, but its use has largely been confined to traditional telemetry- based patient monitoring, where the patient’s vital signs are only displayed at a central monitoring location. In the past few years, however, a proliferation of wireless carts has been deployed for clinical information system charting and patient admitting applications. Hospital information system companies that have traditionally offered various productivity applications for clinicians are now realizing that it makes sense to adapt their applications to operate on PDAs or similar devices. Healthcare is an ideal environment for the use of wireless and mobile computing technologies. From a process perspective, the hospital of today can be compared to a logistical or supply chain operation. There are multiple departments through which the patient moves, while at the same time, critical patient-specific information is needed for real-time decision support. Clinicians must have access to this information at the right time – wherever they are – without increasing their workload. Healthcare providers look to wireless solutions for a variety of reasons. Among the desired goals are reduced risk when monitoring patients, better patient outcomes, increased staff efficiency and continuity of care, improved response time, decreased costs associated with the care process and compliance with government regulations and standards. Another goal is to reduce the cost and complexity of network management by leveraging existing wireless infrastructures and by deploying clinical and other value-added applications. A New Approach to Integrated Wireless Monitoring As a leader in patient monitoring, Dräger Medical was the first enterprise patient monitoring vendor to offer IEEE 802.11b WiFibased wireless technology across its line of patient monitors. With Infinity Wireless, all vital patient data is transmitted to the Infinity Network for a continuous flow of information to care team members at the bedside, the central station or in remote locations throughout the hospital. There are fewer information gaps to leave doctors and nurses uninformed and hinder lifesaving judgments. Wireless monitoring alleviates the difficulties and expenses posed by hardwired monitors in some clinical environments. For example, Infinity Wireless is ideal for neonatal intensive care units and operating/recovery rooms where hardwiring can be impractical. Wireless is also the answer for the emergency department, where there can be an overflow of patients. To further the commitment to compatibility with all hospitals, Dräger Medical patient monitoring can share the hospital’s existing 802.11b/g access points that are widely used in hospitals today. What About 802.11a for Hospitals? The 802.11a standard offers the same high-speed advantages as 802.11g (54 Mb/sec), but uses a higher 5.8 GHz frequency range. This technology would appear to be well-suited to hospitals because it offers an alternative to the popular 2.4 GHz frequency range, in which many types of devices operate. However, 5.8 GHz signals do not penetrate walls and other fixed obstacles as well as signals that operate in the 2.4 GHz range. In fact, detailed site surveys in hospitals clearly show that structured buildings typically require up to seven times as many access points as compared to 802.11g deployments. This factor makes the decision to deploy 802.11a across an enterprise an expensive proposition. Providing Vital Patient Data Hospitalwide Traditionally, patient monitoring required its own discrete network to carry life-critical patient information,which meant that the hospital had to install and maintain two separate wireless networks. Dräger Medical’s Infinity OneNet solution enables hospitals to run patientmonitoring information on the hospital’s existing infrastructure. By supporting wireless monitoring, the Infinity OneNet architecture enhances central surveillance. Infinity wireless monitoring maintains a continuous connection to external systems to create a seamless patient record. As a result of Infinity’s automated process, other care areas can have immediate access to this patient data. Access can be provided from the in-house clinical information system, or remotely via the wireless network to mobile clinical workers. Commonly available PDAs with wireless-enabled 802.11b/g cards could access this vital information, as well as waveform and trend information, for specific patients. Addressing Security Concerns The steady growth of WiFi in healthcare enterprise demands that IT teams learn and adopt new security methodologies tailored to the unique requirements and weaknesses of wireless networks. Network staff and security staff must first evaluate the myriad set of authentication and encryption mechanisms that can be used in the network. Depending on the security selected, IT needs to establish and document the corporate WLAN security policy, including mechanisms to validate user compliance and monitor for network vulnerabilities. A secure network is the result of an ongoing security process and not simply the installation of security technology. This means that even with a strong security policy in place, IT must also actively monitor and enforce compliance with that policy and be aware of the vulnerabilities inherent in the strategy that they have chosen. As a result of using standards-based wireless 802.11b, Dräger Medical is able to use enterprise tools to monitor the health and integrity of the network in real time, 24 hours a day, seven days a week, 365 days a year. This includes, but is not limited to, identifying authentication and encryption problems, as well as configuration vulnerabilities, rogue device issues, wireless intrusions, denial of service attacks, overloaded hardware and channels, and deployment and operational issues. Enterprise IDS (intrusion detection systems) can provide the final layer in a wireless security solution. With a distributed architecture of remote smart sensors that work in tandem with a server appliance, an enterprise IDS architecture can passively monitor all wireless LAN activity in real time for the highest level of security, policy enforcement and operational support. This IDS architecture can provide the secure foundation that will offer a scalable and manageable solution for wireless LANs in a single healthcare facility or the complete IDN. While this system proactively notifies IT personnel of alarms for security threats, policy violations and performance issues, these systems also allow for network administrators to access a single interface for a complete view of the wireless LAN and the management of critical intelligence. Identification of potential rogue wireless LANs is paramount for all organizations and such systems provide full rogue detection that goes beyond simple alerts of broadcasting access points. With “stateful” monitoring of all wireless LAN activity-based attack signatures, protocol analysis, statistical anomaly and policy violations, these systems can identify network reconnaissance activity, suspicious WLAN activity, impending threats and attacks against the wireless LAN. Because these systems do not rely solely on attack signatures, recognition is made of documented and undocumented attacks. “Stateful” means that these systems can provide continuous monitoring of the “state” of communication between all access points and stations transmitting on the airwaves. With a minute-by-minute account of all WLAN traffic, intruders are immediately recognized, attacks are quickly detected and appropriate measures can be taken to secure the network. Stateful monitoring also allows the system to understand the full context of wireless LAN. Ensuring Quality of Service As with wired LANs and other networks, WLANs can leverage quality of service (QoS) capabilities to enable prioritization schemes for traffic types, geographic locations and specific individuals or departments. In a life-critical patient monitoring environment, it is imperative that QoS be guaranteed. Dräger Medical has chosen a methodology that will ensure the primacy of patient monitoring data within a wireless infrastructure. In order to accomplish this goal, Dräger Medical has employed an application traffic management system from Packeteer, Inc. – the leading provider of application traffic management solutions worldwide. Mitigating Potential Interference to Medical Devices A wireless phone at 860 MHz has a power output of 600 mW EIRP (effective isotropically radiated power), while a WLAN PCMCIA card at 2.4 GHz has a power output of 100 mW EIRP. Direct sequence 802.11b radios have some advantages to frequency hopping in interference mitigation. Direct sequence radios can be programmed to operate on select channels to reduce interference. Unlike frequency-hopping radios that hop the entire spectrum, the direct sequence radios can be programmed to operate on dedicated channels to avoid interfering with devices that might be susceptible to radios operating in certain parts of the band. Meeting HIPAA Requirements Combined with the proper security and network monitoring strategies, standards-based wireless technologies will contribute to the hospital’s ability to comply with HIPAA requirements. The Dräger Medical OneNet architecture enables hospitals to deploy solutions for authentication, encryption and open systems interoperability. Part of this architecture is a role-based approach that provides convenient management of privileges for different categories of users. For instance, IT administrators can define destinations such as an IP subnet; services such as HTTP, FTP, POP3; user locations; time/date schedules; and available bandwidth to control which users have access to each resource. Multiple service and destination groups can simplify policy creation and reduce the complexity and cost of the administration of large-scale networks. Summary Properly designed and implemented, a shared wireless infrastructure enables hospitals to: Deploy wireless applications on a common WiFi network and leverage their existing investment in wireless networks and equipment. A common WiFi network strategy allows hospitals to amortize the cost of their wireless infrastructure across many applications; Utilize mainstream standards-based wireless technologies with best radio technologies; Leverage existing security strategies and solutions; and Efficiently manage quality of service for patient monitoring as well as other wireless applications deployed across their enterprise; and More efficiently support and troubleshoot wireless network and associated applications. Packeteer and PacketShaper are registered trademarks of Packeteer, Inc.. Filed under: Article, Clinical Decision Support, Data and Storage Management, hctproject, Knowledge