Talking HealthTech: 334 – Beyond bandwidth: the importance of a network strategy in healthtech. Alex Swan, Extreme Networks.
Source: talkinghealthtech.com
Provided by:
Talking HealthTech
Published on:
7 March 2023
As we build technology to solve problems in healthcare- there is one really important asset that we can often overlook or maybe not give much time of day. But it is extremely essential because if we don’t get this piece right, the whole thing falls apart.
That asset is ‘the network’.
Not your network of people and relationships, but the internet, the cloud, the infrastructure… the way all the technology connects with each other. Designing a network in healthcare calls for extra levels of flexibility, adaptability, security and efficiency.
Pete is joined by Alex Swan from Extreme Networks, and in this episode, they talk about Automation – reducing the risk and operational overhead when adapting to changing requirements. They also look at how critical quality assurance is for network management and automation platforms and how AI will transform the way we maintain networks, and why it is critical to any network management strategy.
Meet Alex Swan
Alex Swan is originally from the Uk and is currently a technical account manager in New South Wales. He spent a major portion of his career in defence, dealing with very high-risk networks and classified infrastructure. Alex has found that there are a lot of parallels dealing with defence issues and also with healthcare.
He switched roles slightly, focusing on healthcare customers by working with the NHS, then moving to Extreme Networks in Australia and applying a lot of what he learnt in the defence industry to healthcare- another high-risk environment dealing with patient privacy and safety.
What is Network and Infrastructure?
Network and infrastructure speak to the critical dependency for just about everything that we do. For example, communicating with friends or checking an email or the weather on your cell phone all rely on communication across a network from one individual or device to another. This is the same in healthcare because when a clinician checks a patient’s notes on a tablet, that device still needs to communicate with other devices, servers and data elsewhere.
In essence, if you think about every single application or device or technology being deployed in healthcare today and in the wider world, they are all dependent on network communication, and without it, there would be none of these applications.
How does Network Communication Work?
Extreme Network focuses on enterprise networks or the networks within an organisation. This means Extreme Networks would be the company to work on the design and deployment of a network inside a very large critical hospital, etc.
A use-case example:
Picture archiving communication systems (PACs) are usually the bane of most hospitals’ lives because they are so big and complicated, and they always have some kind of performance problem. But what they do is take medical images of a patient and then take them somewhere else to archive and catalogue them, maybe to produce them in several different formats for various uses.
But all of that data has to move around between those different things like the modality, the server, the system that archives it, etc. Then there are the users accessing it from different areas and devices. So, there is so much network communication, and this is just in one clinical application. But there are a ton of challenges behind that that need to be addressed, especially as the diversity in devices, different user types and applications grow.
Plus, where these applications are being accessed from is becoming much broader and more mobile now. Consequently, there are numerous security concerns around the application, depending on the type of data and what it’s doing.
Depending on each of the applications, the devices, and the use cases, there may be a need to apply many more controls in order to address patient safety or guarantee the performance of the application without impeding the user experience.
Security and Reliability
It’s not just about making things more powerful and faster. The network must also be more secure and reliable.
Similarly, aside from adding more ports and bandwidth, the NHS and the LHDs have not done anything differently in networking since they first deployed those ethernet networks in hospitals in the early 2000s. Therefore, while the sector has grown in terms of the complexity of requirements placed on healthcare networks, many of the teams that are managing and operating these hospital networks are shrinking in size and budget although they have a lot more complexity to deal with.
Many organisations are approaching a critical juncture and are at a tipping point. It is becoming too big and too complex to efficiently manage while maintaining the security, safety and operation of those hospital networks. The question now is, “are we doing things in the best possible way in healthcare and for the network that everything else is critically dependent on?”
Controlling the Security Risks
A lot of devices and applications are becoming easier for consumers such as nurses, admin staff and doctors to use. They have become comfortable using software from outside and might start to bring solutions into the healthcare system or their own devices, which brings about so many risks.
For example, patient entertainment systems used to be very much controlled in a hospital at a bedside terminal; however, now patients can just pull out their tablets and get on Netflix. So, why do they need the patient entertainment systems? But what’s the impact of suddenly having that many devices accessing streaming services inside a hospital connected to potentially hospital WiFi? Not only is there a huge amount of bandwidth consumed by those devices, but there are now hundreds of untrusted devices connecting to the hospital’s WiFi network, and is that the same network being used for clinical purposes?
While separating those networks is possible, it is leading to more complexity in the configuration of the underlying networks to support those types of initiatives.
The Matter of Cybersecurity
Cybersecurity is an issue that can keep people awake at night. A few years ago, there was an FDA notification in the US about the identification of an infusion pump vulnerability that could potentially be exploited to change the dosage level, which could be a serious patient safety risk. It was then mandated that these at-risk infusion pumps had to be taken out of service. The problem that arose was that hospitals could not locate exactly where those pumps were within the facilities, but then there was a massive impact on clinical services because they had to take a key piece of equipment out of service.
However, there was an alternative method where if the hospital could prevent specific types of application traffic from hitting the pumps, then they would not be exposed to the vulnerability. But very few at that time could genuinely say that they have that capability. That’s the area that we need to consider in terms of automation and security around devices that are attached to healthcare networks these days.
Regulations and Contractual Obligations
The issues of regulations and contractual obligations arise quite often in healthcare, and the case is no different when dealing with networks. There are some constraints that can sometimes be seen around the configuration of networks. For example, with the PAC system, it’s not uncommon to find that a hospital will take a managed service from one of the imaging providers to deploy, which would maybe include all the different components that are required.
But the managed service may then mandate to the hospital that the service needs to be dropped onto the hospital network in different areas, be connected to each other but be completed isolated from all of the other hospital infrastructure. As such, they are under a contractual obligation to separate those services because that’s how they’ve chosen to procure those services, and that can be a challenge.
As a network operator in a hospital, how do you effectively address this challenge? Also, what if there is an odd move or change? Then a huge amount of configuration effort is required from the network engineers maintaining the hospital just to do that, to maintain the contractual obligations.
For regulatory purposes, depending on the jurisdiction mandated for a particular type of device, with a particular risk profile, you have to isolate them as well in order for it to operate. A good example of this was a few years back when the WannaCry outbreak was around. Although Windows XP was way out of support by that time, there were some clinical systems inside acute hospitals in London that had passed their clinical certification — so for them to be approved for use clinically they had to be on a fixed software version, which happened to include Windows XP embedded. They could not patch it or upgrade it, because it would break its clinical certification. So they were left in this position where they know the vulnerability that was causing this is there, but can’t patch it because it will break its clinical certification, and it will take the manufacturer possibility a year to push that back through and get the whole thing re-validated.
The Future of Network Automation
In any sector where there is complexity, one thing that is hugely beneficial is a different way of configuring your switched network.
With ethernet networking, whenever network engineers hit a scalability issue, they just come up with a new protocol and layer it on. This means if any of the layers fall, the entire network falls as well. If given the opportunity, most network engineers would do it differently.
Therefore, one of the most exciting developments in recent years is a different protocol, Shortest Path Bridging (SPB). SPB is a single protocol that allows network engineers to deal with many of those things without all the layers of complexity on top. It allows them to create an entire network that behaves as if it is one single network switch.
By allowing the network administrator to create a network that is incredibly adaptable in a very simple way, it facilitates the changing of requirements throughout the life of that investment. This is huge for a lot of customers, especially if they are extending that with authentication and automation.
It’s leading toward that goal of just plugging it in, building the fabric, allowing it to establish itself, and then the engineers can automate the provision of the services to any connected device.