Leading Hospital Improves Family Experience and Network Efficiency while Reducing Risk and Cost with Infoblox
“The BloxOne DDI solution allows medical practices to separate primary and guest networks for compliance and security, simplify operations, improve efficiency and reduce cost, and offload network overhead while delivering a reliable connected experience for patients and their families.”
This U.S.-based hospital organization is a not-for-profit comprehensive national cancer center dedicated to applying science to find cures, save lives and turn hope into reality for people with cancer, diabetes and other serious illnesses. In 2017, the hospital’s IT team chose Infoblox to design its new DNS, DHCP and IPAM (DDI) platform. In 2021, it planned to add BloxOne® DDI to power its network services for patients across all regional locations to enable HIPAA compliance, reduce risks with regard to data privacy and security, save costs, offload network overhead and improve connected experiences for families supporting loved ones throughout its regional care facilities.
Situation: Infoblox Customer Focused on Compliance, Security, Cost Reduction, Efficiency and User Experience
In 2017, the hospital began plans to deploy Infoblox core network services with network discovery and reporting capabilities in its data centers to enable life-saving medical services, deliver leading patient care and provide families with reliable connected online experiences. The hospital offers apps and guest DNS/DHCP Wi-Fi services at each of its locations, allowing families and friends to share important patient updates, support treatment plans and stay connected. To meet HIPAA compliance and security requirements, the hospital’s IT team wanted to separate its enterprise platform for doctors and medical staff from its “guest network” used by patients and visitors in order to reduce risk with regards to data privacy and security. It wanted to minimize the potential of sharing confidential medical information over the guest Wi-Fi platform. The hospital was also interested in lowering costs wherever possible by avoiding expensive infrastructure deployments and management at remote clinic and satellite locations. The IT team was wary of hardware acquisition costs and the network overhead associated with code upgrades and maintenance responsibilities versus efficiencies gained by deploying cloud-enabled and SaaS-based solutions. The hospital’s goals were to ensure patient HIPAA compliance, reduce risks with regard to data privacy and security, minimize hardware acquisition costs at distributed locations, offload network overhead and maintenance costs and simplify operations. Administrators also wanted to supply an appropriate, reliable connective experience for medical teams and families caring for loved ones stricken with life-impacting illnesses.
Challenge: HIPAA Compliance, Providing Privacy and a Secure Connected Experience
The work of helping people suffering from serious medical illness and facing life-and-death scenarios is difficult. To find cures and enable healing, the hospital requires a highly functioning network of specialists, technology, knowledge, training, treatments and personal care. Clinicians and staff must care for the sick, deliver exceptional healthcare outcomes and experiences and run its business—ensuring regulatory compliance and data security, limiting risk, finding efficiencies and lowering costs and overhead. Its network services are mission critical. They must be secure, “always on” and operating at peak performance to support over 4,000 devices and nearly 1,500 users across its clinical research center, hospital, graduate medical school and pharmaceutical manufacturing facilities. HIPAA regulation compliance is essential, as is reducing risks to personal privacy and maintaining data and network security. While Infoblox provides reliable availability and performance in its data centers (see Figure 1), hospital decision makers realized the need to separate core network services used by medical teams and staff to ensure that private patient medical data is not dispersed across its Wi-Fi guest network. The challenge was how to add a guest network cost effectively and efficiently while delivering an outstanding connected experience at each of its distributed locations. Initially, the IT team considered adding a second Infoblox Grid for the guest network, but that approach was more robust than needed and required dedicated hardware appliances at each location, plus ongoing software upgrades and maintenance—all supported by a small, already over-tasked IT team. So, IT administrators looked to Infoblox for recommendations on alternative approaches.
Customer Profile: A leading cancer hospital, research center, medical school and pharmaceutical manufacturer, this organization has been ranked as one of the nation’s best cancer hospitals by for over a decade.
Situation: An existing Infoblox NIOS DDI, Network Insight Discovery and Reporting and Analytics customer, the hospital needed to separate its primary network for care providers and administrators from its and “guest” network serving patients and visitors. The separation was needed to support HIPAA compliance, reduce risks to data privacy and security, decrease costs, offload network overhead and improve connected experiences for families supporting patients throughout the hospital’s care facilities.
Challenge: The hospitals IT team wanted to minimize hardware, network overhead and maintenance costs at its distributed locations, simplify operations and provide an appropriate, reliable connected guest network experience for families and friends caring for loved ones with life-impacting illnesses.
Initiatives: Separate the enterprise DDI network from the guest network for HIPAA compliance and security, Allow Wi-Fi guests to access DNS from ISPs while delivering cloud-enabled DHCP services via VMs at each location, Lower hardware acquisition costs at distributed locations, Simplify operations and offload network overhead, including code upgrade responsibility and maintenance costs, Provide a reliable connective experience for medical teams and families caring for loved ones with serious illnesses
Results: Highly available, performant and resilient network separation for medical teams and supporting guests, Improved regulatory compliance, lower personal data privacy and security risk, Low cost, low overhead deployment, Network simplification, increased efficiency and scalability,Enterprise-grade, best-in-class connected user experience
Infoblox Solutions: NIOS DDI with Failover, Network Insight Discovery, Reporting and Analytics, DNS Traffic Control (DTC), BloxOne DDI, Infoblox 1405, 1415, 1425 security hardened, BloxOne 05, BloxOne DDI and v5005 virtual reporting appliances
Solution: Cloud Enabled BloxOne DDI for Medical Guest Wi-Fi
The Infoblox account manager and solution architect working with the hospital’s team advised using a cloud-enabled BloxOne DDI architecture (see Figure 2) for the guest Wi-Fi network. BloxOne DDI is the industry’s first cloud-managed solution for distributed environments and is ideal for medical guest Wi-Fi deployments. It offers reliable direct Internet access for distributed sites and ensures locally survivable connectivity to SaaS apps and locations. BloxOne DDI is locally hosted using a Docker container or virtual machine, simplifying and centralizing remote IT management and control across all sites and locations. It works in hybrid environments and delivers the high availability and resiliency needed in mission-critical healthcare settings. Further, because its cloud managed, BloxOne DDI eliminates the need for the IT team to manage software upgrades, routine maintenance, time and cost.
BloxOne DDI enables the hospital’s small IT staff to attend to higher-priority tasks rather than day-to-day administration. It also supports authoritative and recursive DNS, DNS security extensions, active-active or active-passive DHCP and authoritative IPAM. These features are future proofing the hospital against business growth needs through BloxOne DDI’s ability to scale from tens to thousands of locations. It also provides added efficiencies through automating configuration, provisioning, templates and policies, centralized reporting and visualization and full API support for integrating into new and existing applications. Best of all, BloxOne DDI substantially lowers the cost of deploying physical appliances at each location. As these benefits aligned exactly with the hospital’s objectives, the hospital decided to add BloxOne DDI to its existing NIOS DDI environment.
Results: Improved Compliance and Security, Lower Costs, Better Efficiency and a More Connected Experience
With NIOS DDI, Network Insight discovery, Reporting and Analytics and DNS Traffic Control, Infoblox delivers a reliable, enterprise-grade, core network services solution for doctors, healthcare teams, researchers and medical students. Infoblox enables authoritative discovery and visibility into all network assets. It provides access into summary and forensic historical and current DDI metadata and predictive analytics for better network management. And the IT team can now manage network traffic loads to keep applications available and resilient.
By isolating its core on-premises data network and adding cloud-enabled BloxOne DDI (see Figure 3), the hospital can extend an enterprise-grade, best-in-class digital experience to Wi-Fi guests including families and friends of patients with life-impacting health issues. BloxOne DDI ensures a highly available, wel-performing and resilient Wi-Fi network, and it improves the hospital’s HIPAA regulatory compliance while lowering personal data privacy exposure and security risks of sharing HIPAA-restricted data over a guest Wi-Fi network. Further, the hospital can save hardware acquisition and deployment costs, offload software code updates and maintenance, simplify operations, enhance administrative efficiencies and scale to align networking resources with growing business needs today and for the future.