Healthcare Organizations and Virtual Desktop Solutions
44
Healthcare Organizations and Virtual Desktop Solutions: Kindred Healthcare – A Case Study Rob Rhodes Kindred Healthcare Laura Armistead Kindred Healthcare Tommy Walker, VMware
Transcript of Healthcare Organizations and Virtual Desktop Solutions
Healthcare Organizations and Virtual Desktop Solutions:Kindred Healthcare – A Case Study
Rob RhodesKindred Healthcare
Laura ArmisteadKindred Healthcare
Tommy Walker, VMware
Agenda
Virtual Desktop Infrastructure (VDI) OverviewKindred Healthcare Case Study
WoW Factor (Workstation on Wheels)Virtualization with VI3HealthCare Solutions
HIPAA and ComplianceQ&ALearning More About VDI…
VMware Desktop Product Line
Managed DesktopsIndividually Administered Desktops
Server-based Desktop
Virtualization
VDI
Secure, Managed Desktop
Virtualization
ACE
Free Virtual Machine
Run-Time
Player
Desktop Virtualization for IT Professionals
Workstation
VDI – Overview
VDI leverages Virtual Infrastructure 3 and a remote control protocol such as RDP to provide users access to a standardized remote desktop.
Thin Client or PC
Virtual Infrastructure 3 Server
VMware’s Virtual Desktop Infrastructure enables server-hosted enterprise desktops. Unlike other solutions it delivers full desktop environments thatare always on, accessible from anywhere, and centrally managed.
The Virtual Desktop Infrastructure (VDI)
VMware’s Virtual Desktop Infrastructure (VDI):
Consolidates and centralizes complete desktop environments within the data center
Virtualizes, optimizes, and manages server resources to host and deliver secure, isolated desktops that are always-on and accessible from anywhere
Is built on VMware’s market-leading Virtual Infrastructure technology and leverages the significant benefits of desktop virtualization
Benefits of a Virtual Desktop Strategy
Remote access to complete desktop environments Access virtual desktops via remote client connection from anywhere, and from any device Instantly access virtual desktops at anytime -since they are always on and availableEnable remote connection to a desktop via a browser
Standardize desktops on common virtual machine imagesVirtual machines are always connected and powered on enabling easy & timely software updates Complete hardware independence –Host any desktop OS/ app on any shared x86 h/w resourcesImproved resource mgmt eliminates underutilized PC CPU cycles
Manageability Accessibility
Easily provision entire desktops by simply creating or copying a new virtual machineQuickly recover desktops from disasters or crashes by deploying a new virtual desktop to a userTroubleshoot desktops through virtual machine snapshots and quickly resolve or reprovision new desktops
Responsiveness
Key Features of Virtualization for Desktops
Hardware Independence
Run a virtual machine on any server without modification
Partitioning
Run multiple virtual machines simultaneously on a single physical
server
Isolation
Each virtual machine is isolated from other virtual machines on the
same server
Encapsulation
Entire virtual machine is saved in files and can be moved and copied
by moving and copying files
VDI - The Building Blocks
Enterprise Server Infrastructure
The VMware Virtual Desktop Infrastructure
VMware ESX Server
VMware Virtual Center
User Management(Connection Brokering / Session Management)
Remote Access Protocol(RDP)
VMware VIMSDK
Systems Integration Services
Devices Operating Systems
Desktops Laptops Thin Clients
Kindred Healthcare – The WoW Factor“Workstations on Wheels” Rob Rhodes
Technical Consultant
Laura ArmisteadManager Unix Support
One of the largest long-term healthcare providers in the U.S. 80 Long-term Acute Care Hospitals in 24 states253 Nursing Centers in 28 states39 Institutional Pharmacies in 24 statesContract Rehabilitation Services Business
Headquartered in Louisville, Kentucky
Kindred Healthcare“Taking care of people who cannot take care of themselves”
Kindred Healthcare
Provide a mobile workstation to hospital caregiversSolution must be manageable and easy to implementLeveraged technologies must be transparent to the usersHigh availability
Problem/Requirement
Kindred Healthcare
Possible Solutions
Solutions IssuesTablet PCs Difficult to use when
administering patient care
Laptops on Mobile Carts Larger mobile carts due to power requirementsIssues with Patient Care application on a wireless network
Thin Clients on Mobile Carts and Citrix
Patient Care application not Citrix friendly
Thin Clients on Mobile Carts and Blade PCs
OverkillTied to a specific hardware vendor
Kindred Healthcare
Why Hosted Desktops on ESX Server
Quickly provision WorkstationsAbility to use Thin Clients:
Easier installation and implementationProvides familiar user interfaceLower Power Consumption = Smaller Mobile Cart = Happier Nurses
Hardware independenceHighly available Better use of Computing Resources vs. Blade PCs
Kindred Healthcare
Architecture (Overview)
Kindred Healthcare
768 kb/s
Neoware e370 Thin clientXP Embedded
HP DL3602 CPU8 GB RAM
Stinger Industries #6050 Cart
ESX 2.5.3Virtual CenterVMotion
Windows XP SP2
Cisco Wireless NICCisco WAP
CLARiiONCX700
Architecture (Detail)
Kindred Healthcare
The WoW Evolution
WoW V1.0 WoW V2.0 WoW V3.0
BAD BETTER BEST
Kindred Healthcare
Challenges
CostThin Client + SAN Storage + ESX Server (Enterprise)IT has had to absorb addition cost vs. traditional PC• Evaluating move from rack mount servers to blade servers• Evaluating move to cheaper SAN technology or possibly local
storage• Evaluating move to ESX Server (Starter)
• Introduces requirement for some type of load balancing for redundancy. Will not be applicable in all situations.
Virtual Machine DensityManagement activities severely impact ESX Server (e.g., SoftwareDistribution)• Move to Multi-core processors• Move to ESX Server V3.0
Kindred Healthcare
Future Possibilities
Replacement of In-Room Workstations – Currently becoming a realityKIOSKSDesktop replacementsDisaster Recovery
Kindred Healthcare
Virtualization With VI3
Tommy WalkerSpecialist Systems Engineer
Resource PoolsAggregate collections of disparate hardware resources into unified
logical resource pools
Customer ImpactFailed server mean less resources not a failed applicationDedicated (virtual) infrastructure for each business unit; central IT retains control over hardwareDelegation of resource and virtual machine management down to the business unit Management of an entire SOA application stack as a single entity
Servers, Storage, Networking
Business UnitPhysicians & Nurses Administrative Staff
Aggregate Resources
Resource Pool 2CPU 36GHz, Mem 58GB
Priority HIGH
Resource Pool 3CPU 12GHz, Mem 22GB
Priority LOW
CPU 48 GHz, Mem 80GB
Resource Optimization - DRS
What is it?
Dynamic balancing of computing resources across resource pools
Intelligent resource allocation based on pre-defined rules
Customer Impact
Align IT resources with business priorities
Operational simplicity; dramatically increase system administrator productivity
Add hardware dynamically to avoid over-provisioning to peak load
Automate hardware maintenance
Dynamic and intelligent allocation of hardware resources to ensure optimal alignment between business and IT
Resource Pool
Business Demand
Centralized Management With VirtualCenter
Provision and boot virtual machinesMonitor system availability and performanceAutomated notifications and email alertingIntegrate SDK with existing management toolsSecure the environment with robust access control
Protect Data With VMware Consolidated Backup
What is it?Centralized agentless backup for virtual machines• Move backup out of the virtual machine• Eliminate backup traffic on the local
area network Pre-integrated with major 3rd-party backup products
Customer ImpactPerform backup in the middle of the day
Centralized file level backup enables easy & reliable data protection for compliance
CentralizedData Mover
HealthCare Solutions
Tommy WalkerSpecialist Systems Engineer
HealthCare Challenges
Healthcare IT organizations are being challenged by the following when delivering physician access:
Providing a convenient, secure method for physicians to access hospital systems at any point along the continuum of care, including patient rooms, ambulatory clinics, and even remote officesEnabling staff to efficiently roam between patients in the hospital while maintaining persistent access to electronic medical records and other applications Streamlining access by reducing login/logoff time on shared workstations and kiosks in the hospital Simplifying support for various devices, including those owned by the physicians Compliance issues - HIPAA
VDI Connections
VDI Solutions for HealthCare
Instead of IT staff taking weeks to configure every PC, laptop or wireless device in your hospital, applications are installed just once on a virtual machine and cloned for rapid deploymentSession roaming capability that allows clinicians to switch easily between devices and move around at the point of care without interruption to their individual sessionCommon management platform that allows IT to deploy, manage, control, monitor, and measure application and information resources as IT servicesDoctors and staff may work from the hospital, remote offices or from their home
HIPAA and Compliance
HIPAA addresses two primary concerns in healthcare: PortabilityAccountability
HIPAA’s Three RulesPrivacy Rule - Compliance deadline April 15, 2003Transactions and Code Set Standard - Compliance deadline October 16, 2003Security Rule - Compliance deadline April 21, 2005
The following slides are for informational purposes, and are not intended, and should not be interpreted, as legal advice or a definitive explanation of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). HIPAA and related laws create numerous complex legal issues that constantly evolve and vary by jurisdiction and individual circumstances. Anyone potentially affected by HIPAA is strongly encouraged to obtain the advice of competent legal counsel.
HIPAA - Portability and Accountability
Title I protects health insurance coverage for workers and their families when they change or lose their jobs
Title IIthe Administrative Simplification provisions, requires the Department of Health and Human Services (HHS) to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employersAddresses the security and privacy of health data
HIPAA Rules
Privacy RuleTransactions and Code Set StandardSecurity Rule
Physical Safeguards
Physical Safeguards
Restricting access to EPHI (electronic protected health information)
Mechanisms required to protect electronic systems, equipment and the data they hold, from threats, environmental hazards and unauthorized intrusion
Retaining off site computer Backups
HIPAA Rules
Privacy RuleTransactions and Code Set StandardSecurity Rule
Physical SafeguardsAdministrative Safeguards
Administrative Safeguards
Information access management Access authorization — Enables IT administrators to give users personalized access to applications and data based on logon identity. Users see only the applications that they are allowed to access.
Security awareness and training Log-in monitoring is supported.
HIPAA Rules
Privacy RuleTransactions and Code Set StandardSecurity Rule
Physical SafeguardsAdministrative SafeguardsTechnical Safeguards
Technical Safeguards Required
Access controlUnique user ID — Supports unique user identification by allowing administrators to assign a separate Windows user account for each individual user. Users receive a personalized view of all the applications they have authorization to accessEmergency Access — Enables administrators to assign back-up Windows user accounts for emergency access to applications and informationAutomatic Logoff — Allows administrators to automatically log users out after a period of inactivity
Audit controlsMaintains audit logs of successful and failed attempts to connect to applications and data. Administrators can identify which users are logged on and what applications they are using Person/Entity authenticationSupports user ID/password authentication to applications and information. Also provides smart card support and two-factor authentication through integration with third-party authentication solutions
Transmission securityProtects data using standards-based encryption technologies (SSL/TLS). Users get secure access to applications and data via the Internet.
Virtual Desktop Benefits For Compliance
Desktop Environments are configured and managed on central servers rather than on users’ computers.Workers connect over a network to centralized environments, and view and work with them in real time as if they were running locally.Centralization keeps all application processing and data on the server.The solution is secure by design—only the user interface, keystrokes and mouse clicks are transmitted across the network, and this minimal information is encrypted.Real-time monitoring, auditing and reporting give IT end-to-end visibility to the entire business.
Q&A
Questions from the Audience?
Today’s Speakers:
Rob Rhodes, Technical Consultant, Kindred Healthcare
Laura Armistead, Manager Unix Support, Kindred Healthcare
Tommy Walker, Specialist Systems Engineer, VMware [email protected]
How Do I Learn More About VDI?
Attend Other VMworld Sessions and Labs on VDI:MED0062: How Collier County Public Schools Deployed the LargestVirtualized Desktop Environment in the World, Tuesday 11/07/2006 @ 11:45 amMED9518: Best Practices for Building and Securing a VDI Implementation, Tuesday 11/07/2006 @ 2:00 pmMED3499: Building a Scalable, Dynamic Call Center using VMwareVirtual Desktop Infrastructure, Wednesday 11/08/2006 @ 11:45 amMED9913: Healthcare Organizations and Virtual Desktop Solutions: Kindred Healthcare – A Case Study, Wednesday 11/08/2006 @ 2:00 pmMED3757: VDI Customer Panel, Thursday 11/09/2006 @ 9:30 amPlus many more partner sessions on VDI…
Visit www.vmware.com/VDI
Presentation Download
Please remember to complete yoursession evaluation form
and return it to the room monitorsas you exit the session
The presentation for this session can be downloaded at http://www.vmware.com/vmtn/vmworld/sessions/
Enter the following to download (case-sensitive):
Username: cbv_repPassword: cbvfor9v9r
Some or all of the features in this document may be representative of feature areas under development. Feature commitments must not be included in contracts, purchase orders, or sales agreements of any kind. Technical feasibility and market demand will affect final delivery.
