Hospital administrators must balance such a wide range of considerations when setting up their wireless networks that it’s nearly impossible to do so properly without the help of an experienced partner.
From electronic health records (EHRs) to real-time location systems (RTLS) to voice-over wifi (VoWiFi), many of today’s hospitals are adopting technologies that place them squarely on the cutting edge of digital healthcare. But these technologies tend to put serious pressure on hospitals’ wireless infrastructure. When you factor in the 15 to 20 connected medical devices that can be found in the average ICU room, it becomes clear just how much traffic these networks must consistently support.
Unlike the typical corporate wireless network, a hospital network’s reliability isn’t just tied to business outcomes or productivity, but to literal matters of life and death. As such, it’s incumbent upon healthcare IT administrators to invest as much effort and as many resources as possible in the process of planning and setting up their wireless networks so as to minimize connectivity breakdowns.
The first and most important step in setting up a hospital network is to perform a careful, comprehensive site survey. Unless your hospital was built in the last several years, you are likely going to have to disregard many of the standard practices for network design. Most hospitals simply were not built with wireless networks in mind, and are full of signal-blocking features and medical devices that produce extensive radio-frequency interference (RFI).
What’s more, hospital floor plans are often highly complex, making it a challenge for wireless signals to reach every corner of the building. In a standard office building or school, Wi-Fi dead zones in elevators, stairwells, and basements are usually treated as par for the course. In a hospital, however, total campus coverage is non-negotiable, as physicians, clinicians and nurses need to be reachable no matter where they are.
The standard WAP density for non-critical networks may be roughly one access point per 3,000 square feet, but in order to guarantee the kind of connectivity required in a healthcare setting, it’s not unusual for hospitals to opt for one access point per 1,000 square feet. However, there is no formula based on square footage that will give you an accurate number of AP’s, or their proper locations within the facility. Considerations for construction materials, working around lead walls in radiology, covering OR’s without the need to get gowned up for maintenance issues, understanding workflows, supporting jitter prone communications like Voice-Over-WiFi along with a thorough understanding of the types of devices and the bandwidth requirements of the applications running on those devices are equally important. Almost as impactful as not enough AP’s, is too many. When AP’s are deployed in an overly dense model, not only are you wasting money on hardware, cable runs, switch ports and more; you are also reducing the effective throughput of the wireless network.
It’s also important to consult with other hospital stakeholders before finalizing your WAP distribution plans. An infection control specialist might forbid the placement of wireless infrastructure in sterile environments, or a safety inspector might decide that wireless infrastructure in an elevator shaft violates municipal building codes. You should be ready to adjust your plans to accommodate any and all requirements.
Though once the industry standard, Wired Equivalent Privacy (WEP) encryption has become so weak and outdated that, in 2015, the FBI managed to hack a WEP-protected wireless network in a mere three minutes. As such, you need to guarantee that all HIPAA-protected data is encrypted according to a Wi-Fi Protected Access (WPA2) protocol. It’s also never a bad idea to implement additional security measures like an intrusion detection system so that in the case of a network breach you are able to react as quickly and effectively as possible. The ability for the wireless network to identify rogue access points, and quickly mitigate them, as well as built-in firewall capability, device baselining, and network analytics can all further network security.
Establish Segregated Wireless Channels
Relatedly, keeping network traffic segregated ensures that intruders aren’t able to stumble upon patient records or other sensitive hospital data through a general network access point. Patients and their families all but expect Visitor Wi-Fi these days, but you’d be well-advised to establish distinct channels or virtual local area networks (VLANs) for each type of traffic within your hospital network: a VLAN for visitors, another for IoT medical devices, another for medical records and images, and so on. Multi-factor authentication and user roles are another way of allowing access through Active Directory credentials using 802.1x authentication.
You should be thinking first and foremost about your current network needs when planning and implementing new network infrastructure, but importantly, you should always be keeping an eye on the future, as well. Technology changes fast, and devices that seem like a novelty today could very easily be commonplace in the hospitals of 2020. In order to avoid a rip-and-replace scenario down the line, you should take some time to consider the bandwidth requirements of emerging technologies as you set up your current Wi-Fi networks.
Balancing the myriad considerations wrapped up in the design of a hospital network can be a challenge for even veteran IT administrators, which is why selecting the right vendor to partner with when setting up your network is absolutely essential. Turn-key Technologies offers a wide variety of networking services for healthcare organizations, and is ready to help any hospital overcome the challenges of setting up a reliable, secure network capable of facilitating the best outcomes for every patient.
If you’re at all unsure about the integrity of your network, sign up for one of our free Network Security Assessments. Simply fill out the form and one of our experts will be in touch within 24 hours.