Healthcare provider organizations are navigating an important transformation: updating the infrastructure and enabling new digital experiences to support a renewed and contemporary medical care model where digitally managed in-person patient care, telehealth and home health care all operate in perfect balance and streamlined efficiency.
This means that care is extended with the most flexibility and where it is needed most, less pressure is put on medical staff- namely doctors, technicians, and nurses- all while making the best use of a widening menu of digital innovations to deliver better patient care. To take full advantage of the emerging digital health care models, Aruba recommends that healthcare IT leaders consider seven specific areas to address within the infrastructure of the connected healthcare landscape:
- Adopt an Edge-to-Cloud Network Architecture
- Invest in High Performance Wi-Fi
- Prioritize Provider and Clinician Application Assurance
- Focus on Patient Digital Experiences
- Streamline Network Operations
- Ensure a Robust and Secure Healthcare Network
- Enable and Secure Internet of Things (IoT) Architectures
Adopt an Edge-to-Cloud Network Architecture
As network professionals, we previously built networks in discrete implementations – the local area network, the wide area network, the data center, the remote access network, and the like. This made sense when each had a unique set of innovations required and a unique set of operating characteristics for each network type.
But in an edge-to-cloud world, where mobile clients are accessing cloud hosted applications and IoT devices are sending information bits to vendor-hosted SaaS apps, the need to focus on other portions of the network architecture has emerged. For example, it is now far more critical to evaluate how a uniform security policy will be applied regardless of how users access applications and how devices connect to the network. What’s more, it is now more important to consider how the edge-to-cloud network will be operated as one consistent virtual system via AI and automation instead of focusing on the root-level network technologies.
Aruba now recommends the planning and creation of a uniform network architecture that can be built in a modular fashion but still operated as a single system. Aruba’s software-based Edge Services Platform (ESP) serves as the basis of this uniform network architecture. Unlike other networking frameworks in the market, Aruba leverages industry standard protocols and methods to ensure that ESP can be adopted in modules and to provide interoperability and integration with all the systems that already exists in the healthcare IT environment. Aruba ESP can be used to build and operate access networks, SD-WAN extensions to remote clinics and work from home telehealth locations, as well as secure remote access overlay networks. And, as you will learn, ESP is a security framework and an IT operations framework.
Invest in High Performance Wi-Fi
Healthcare was one of the early adopters of Wi-Fi, meaning healthcare networks have been incorporating and accumulating Wi-Fi-connected devices for over 20 years. Due to the length of time and regulatory process required for vendors to update new technology for healthcare environments, it is common to find older smart healthcare devices still in use. At the same time, patients and providers alike are bringing in newly released mobile devices and laptops for access to streaming services and healthcare applications. This means that the types and age of devices on the healthcare Wi-Fi network range from the very old, such as an infuser pump from 2008, to a Samsung Galaxy smartphone from 2022. In existing healthcare Wi-Fi networks, this co-mingling of old and new devices on the same network tends to cause application performance problems, and in turn causes user mistrust of the mobile environment.
Fortunately, new Wi-Fi standards pioneered by Aruba allow a much cleaner and future-proofed Wi-Fi network design that offers connectivity for both the old devices as well as the newest, without any negative effects.
The Wi-Fi 6E standard and related products from the Aruba ESP portfolio allow:
- the oldest, yet critical, healthcare devices to remain connected to the 2.4 GHz Wi-Fi network
- mainstream high-performance devices developed over the past ten years (such as laptops and mobile phones) to be connected to the now “workhorse” 5GHz Wi-Fi network
- the newest high-performance devices to be connected to the newer 6GHz Wi-Fi network
This new Wi-Fi 6E architecture and access points can be deployed using existing network designs that have emerged in the past ten years, making installation simple. Wi-Fi client devices can all be connected simultaneously to the same Wi-Fi infrastructure, and each operate in their own separate Wi-Fi highway, while still being operated as a single network system, making day-to-day operations simple. With Aruba’s software-based ESP architecture, once the new Wi-Fi network is installed, customers can enjoy many years of new functionality support through regular software updates.
Prioritize Provider and Clinician Application Assurance
As a healthcare professional moves throughout a facility, their mobile device is accessing multiple application systems at the same time at the very edge of the network, both in the foreground and in the background on their mobile device. Simultaneously, their mobile device roams from access point to access point about every 30 seconds. Many other users are active, too, accessing their own mix of applications. Connected IoT devices are sending telemetry and receiving instructions. It is at this point that it’s crucial for the healthcare edge network to behave properly to ensure that all clinicians’ application experiences are as robust as possible. For example, if a clinician is speaking on a healthcare voice device to another healthcare provider in the facility, it is critical for their conversation to go uninterrupted.
Aruba uses a combination of technologies to ensure that each clinician’s application experience, especially for network delay sensitive applications like voice and video, are treated incredibly well.
Aruba’s specific ESP software capabilities for application performance assurance include:
- fully automated network configuration management
- network-based application classification
- application-intelligent quality of service controls in the network
- automated intelligent roaming control algorithms
The list of specific benefits that can be achieved is impressive:
- merging parallel networks (e.g. data, voice, IoT, RTLS, etc.) into a single seamless network
- supporting high quality mobile voice and video
- delivering medical grade video and large file support
- supporting care teams wherever they are
- improving patient digital experiences
- connecting all devices under a uniform infrastructure.
Focus on Patient Digital Experiences
Over the past ten years, we have all incorporated the use of mobile devices, applications, and Internet-based services to create our own digital lifestyle. We bring this digital lifestyle wherever we go, and we have high expectations for how that digital lifestyle is fulfilled by the places that we visit, including when we are in a healthcare environment. It’s here that we- as patients, family members, and caregivers- have high expectations for accessing applications and services from our mobile devices while we are in the waiting room, while we are admitted, while we are in the treatment suite.
To support these high-performance applications, and to fulfill patient expectations, the same network architecture principles we’ve discussed for clinician access apply here as well. It is imperative to have an updated high performance Wi-Fi infrastructure that has integrated intelligence and controls over application activity and performance.
Patients and family members will soon expect to digitally interact with the physical healthcare environment as well. They will be interested in controlling their environment from the room lighting controls and thermostat, to media systems in the room, to patient information displays on the wall. All of these are multifunction IoT systems that will be connected to the network, enabling patients to interact with these environmental elements. This requires a network architecture that allows this simultaneous multiuser / multifunction capability and from both the provider and patient alike.
Consider the future of home health care, where a patient will have both personal and health care issued monitoring devices and treatment administration systems will operate autonomously and remotely – this will require a network that can incorporate both the health care providers devices as well as the patient’s personal devices, in a secured and easily operable manner.
Streamline Network Operations
For healthcare institutions to modernize their digital infrastructure, they must simplify network operations, reduce time spent on manual tasks and combine network and security insights to ensure performance and security of the environment. The winning strategy here is AI for IT Operations (AIOps), which can help the healthcare IT organization tackle network deployment, manual troubleshooting, and performance optimization needs. Aruba’s ESP architecture collects terabytes of anonymized network performance data from 2 million active network devices worldwide to form the basis of our AIOps platform. This data allows us to automatically suggest network configuration changes, provide insights into device security profiles and ensure an optimal environment for critical high-performance clinical applications.
Instead of guessing who and what is on the network and tasking IT staffers with manual analysis to determine how well users’ demands are satisfied, Aruba’s AIOps solution allows the IT staff to:
- Understand what devices are connected to the network and which applications are in use with 99% accuracy
- Offload manual network analysis and remediation by automating network optimizations and providing insights on activities happening within a facility
- Prioritize medical IoT applications and ensure no dead spots in the facility
- Automatically detect and correct network performances issues affecting clinician and patient experiences, by leveraging baseline measurements and peer comparisons
- Integrate with other IT Operations platforms for streamlined processes and IT workflows
Ensure a Robust and Secure Healthcare Network
With the unrelenting threat landscape, healthcare organizations need to plan and optimize their security strategies like never before. As a healthcare organization transforms their operations to support digital experiences for clinician and patient mobile devices, cloud-hosted applications, home health care and telehealth — the attack surface for security breaches widens and makes the infrastructure more difficult to secure.
In years past, health care networks were relatively simple in their logical design, with network segments for data applications, voice, patients and guests, and perhaps IoT devices. Now, due to the threat landscape and due to the large network attack surface, the most secure healthcare network environments follow a micro segmentation strategy.
Within Aruba’s ESP architecture, our edge-to-cloud zero trust network security model utilizes software defined policies to ensure that client devices and their users receive the least amount of network privilege necessary to conduct their day-to-day operations.
A zero trust network implements pre-admission controls to keep out cybercriminals. A zero trust network can:
- understand what is connected to the network (no “invisible connections”)
- authenticate all users and devices- not all devices have the same security stack (Corporate laptop vs BYOD vs IOT) -> untrusted devices should have “least access”
- Segment devices and users -> context needs to be considered (locations, time, device type)
- perform ongoing security checks- they should not one time -> access decisions are based on continuous monitoring (reduce access or deny)
Using centrally controlled and directory integrated systems, every user and device is assigned a specific role on the network. The Aruba infrastructure in the network enforces role-based access control policies, making the network aperture for every user and device to be only as wide as necessary. These network security policies can be extended and enforced anywhere in the network, including branch office clinics and even home health care environments.
Enable and Secure Internet of Things (IoT) Architecture
As discussed previously, one intersection point of clinician digital experiences and patient digital experiences is with the use of IoT technologies. Smart displays in the patient room, smart speakers in the consultation suite, patient vital signs monitoring systems are all examples of IoT devices that enable new healthcare digital care applications.
IoT applications are regularly researched, budgeted, and purchased by different departments within the healthcare organization, based on their desire to either enable a brand new digitally powered use case or to streamline an existing set of healthcare tasks. Frequently, the IT organization is not involved or even consulted before such systems are installed. Therefore, it’s critical that the healthcare network architecture allow for streamlined adoption of IoT-powered applications, providing for both easy implementation as well as the security of the overall environment.
For example, if the biomedical engineering team is implementing a new patient monitoring system, they should be able to simply provision the IoT devices onto the network in a zero touch or one touch manner, securely connect them to the wired or wireless networks in place, and have them quickly communicating and operating without any significant involvement from IT or the vendor. Concurrently, the security architecture of the network should automatically profile these new devices as they come online and establish a security policy in the network that isolates these devices and application traffic to their own private virtual network segment.
Aruba ESP offers multi-interface connectivity capabilities, where all IoT devices can be connected to the Aruba network infrastructure operating as an IoT gateway, combined with previously discussed security and operations capabilities, to ensure risks are managed and that the IoT-powered applications are always available.
We have only scratched the surface of how healthcare will be delivered both physically and digitally. Clearly, it is critical to consider the network architecture and how it will enable such IoT-enabled digital experiences in the future.
By enabling, securing, and ultimately integrating IoT efficiently into a healthcare network, the healthcare facility becomes a smarter and more future-proof platform. It will be able to accommodate new use cases as they arise, and the return on investment of this approach is easily measured: traditional solutions require either new parallel infrastructure or the wholesale replacement of systems when new business needs arise that were not previously planned or forecasted.
Through adopting a modern network architecture, prioritizing infrastructure upgrades that will make the biggest impact, and ensuring security from edge-to-cloud, healthcare organizations can efficiently improve the experience for patients, clinicians, and staff to ultimately deliver more personalized patient care and better health outcomes. To learn more about how to uplevel your healthcare connectivity, please request a consultation or call us at 1-844-473-2782.
David Logan is CTO for Healthcare, Aruba, a Hewlett Packard Enterprise company.