As healthcare centres continue to be opened in remote locations, devices and software providing secure access – from a distance – to the corporate network are becoming increasingly attractive.
Such technology is being used in interesting ways by two hospital groups – one in the U.K. and the other in North Carolina, U.S.
While one system provides remote access to a corporate virtual private network (VPN), the other manages a virtual call centre. Both systems use technology developed by the Canadian telecom product maker Nortel Networks Inc.
The ability to run virtual desktop applications on a remote PC by using a USB key is nothing new.
But Nortel says its system rolled out at the Liverpool Women’s Hospital in the U.K., offers enterprise-level security even when users log onto an unsecured computer.
Midwives at the British hospital that specializes in the care of women and babies will be given the USB keys that will help them access –through hospital-provided laptops or mobile devices – patient records from the homes of those they are treating.
Dubbed Nortel Secure Portable Office – or office-on-a-stick – the system consists of: an encrypted USB key which securely connects to the network, and a VPN gateway that manages access to files and functions available on the network.
“Having a simple [system] that allows our midwives to access pertinent data securely without having to learn complex log-in procedures is a real plus,” says Dr. Zafar Chaudry, director of IT at Liverpool Women’s.
A Nortel executive also emphasizes that the system offers simple yet secure access to patient data.
With the Secure Portable Office, users only need to plug the USB key into a computer to gain access to the VPN, said Rod Wallace, director of security solutions and services at Nortel.
He said the key is loaded with the authenticating command that activates encrypted access to the network. “Users are given unique individual passwords to operate the key.”
Once a connection is established, the VPN Gateway runs a scan on the remote PC to determine if the machine contains the latest security updates or if there’s a danger the machine is compromised.
If the machine receives a clean bill of health, communication is allowed to continue. If not, the user is put on a secure container in the VPN, said Wallace.
“Administrators can build policies into the system to allow for instant, limited access to files and applications or block the user entirely,” he said.
The system can be configured by IT administrators to either prevent or allow users to download and print material from the network.
Once the session ends and the user pulls out the USB key, Wallace said, no trace of the session is left on the remote machine.
The system, including services, consulting, deployment, hardware and software can cost anywhere from US$30,000 to $60,000 for an implementation covering more than 100 users depending on the features included, Wallace said.
Although the technology is relatively new, Nortel is not the only vendor offering such systems, but is among the few providers that offer enterprise-level security, according to Chris Silva, mobile infrastructure analyst at Cambridge, Mass.-based Forrester Research Inc.
He said the push for remote access capabilities has made such tools very attractive to healthcare providers, as well as to other industries.
“It’s very early to determine the extent of the demand for this type of technology, but feedback we get from many organizations is they are interested in extending secure remote access capability,” Silva said.
Many other vendors enable remote access to the VPN through Web page login but this method runs into difficulties such as remote computers that do not support the application. IT administrators are also often wary that non-company computers might retain cookies or sensitive data from the sessions, Silva said.
Many USB key-based virtual desktop systems on the other hand tend to be targeted at home users, he said.
Other vendors offering more secure virtual desktop access include: VMWare; Microsoft; MokaFive; U3 and MXI Security.
Software and operating system licensing policies regarding USBs on virtual desktops need to be hammered out before widespread adoption can occur, Silva said.
“IT administrators don’t want to get into any licensing trouble with the likes of Microsoft so some organizations are adopting a wait and see attitude,” he said.
In North Carolina it’s a very different kind of implementation that focuses on patient access to healthcare assistance.
At the heart of this capability is the Carolinas Healthcare System or CHS, the third largest public health system in the U.S. that’s used by more than 66 doctors’ offices and 23 hospitals in North and South Carolina.
CHS is a Nortel developed voice over Internet protocol (VoIP) and virtual contact centre system.
The rollout began in 2006 and is expected to be completed by 2009, according to Jim Burke, director of Infrastructure Services, ambulatory care for the healthcare centre.
The hospital group switched from small PBXs and standalone key systems that automate call distribution to a virtual contact centre system.
Such a system was introduced after it was learned that patients prefer an “actual human voice” when they call up the doctor’s office or a hospital, said Denise Cuddeback, assistant vice-president of performance enhancement, CHS.
The new system, he said, has lowered dropped calls, increased caller satisfaction by 31 per cent, and improved ease of contact by 20 per cent.
The system includes Nortel’s Communication Server 1000 IP PBXs, Contact Center 6.0, Survivable Remote Gateway, Nortel Brach Office Media gateways, and Nortel IP phones and softphones.
“Our survey indicated patients didn’t like to be welcomed by an automated voice attendant. They wanted to speak to an actual person and wanted an easy-to-navigate system.”
CHS relies on a number of remote home-based agents to assist office agents during peak call hours, says Bruce Wallace, Ottawa-based global leader for healthcare solutions at Nortel.
“The reality of the situation in healthcare is there is no one facility to house a single call centre.”
Contact centres are dispersed over a large area and often operate with disparate systems, Wallace said. Budget constraints and infrastructure plans that bring together several hospitals or units under one organization, make such an arrangement necessary.
The CHS fields no less than 640,000 calls a month.
Previously calls were often answered by an automated voice assistant, which instead of providing patients with the opportunity to state their concerns, rattled off of a list of five to eight service options. These sometimes had further sub-options.
Most of the earlier systems also did not have management reporting capabilities, which could help administrators develop appropriate routing policies to avoid bottlenecks.
The Nortel contact centre products enabled the CHS to save substantial infrastructure costs by building on already existing Nortel communication systems and using virtual machines, said Mike Hill, manager of the health centre’s project management team.
The system enabled all calls to be rapidly directed first to a human agent within three rings of the phone even during peak hours, he said.
If an agent is unavailable, the call is automatically routed to another agent who could be in the hospital or working from home.
With the system, it’s guaranteed that at least 70 per cent of all calls will be answered by a human agent within three rings. After five rings at least 16 per cent of the patients abandon the call.