Secure Enterprise: How a California medical organization designed Flowcast security to meet the needs of an expanding enterprise
Overview
Security set-up for user access, complex enough in a single environment, becomes exponentially more difficult in a large network supporting multiple organizations. The Palo Alto Medical Foundation, part of the Sutter Health network, serves California’s Silicon Valley through its Palo Alto, Camino and Santa Cruz divisions. Camino Medical Group (CMG) affiliated with the Palo Alto Medical Foundation in 2000 and in 2003 began a migration from their legacy practice management system to IDX™ on the existing Palo Alto Division platform. During the same timeframe, the Palo Alto Division initiated the process of upgrading their existing IDX Flowcast™ 2.0 applications to Flowcast 3.0. The rapid expansion of the user community and the deployment of the Flowcast Web user interface for all CMG users made security one of the focal points of the project.
At a critical juncture in this project, PAMF management chose to engage Global Works to assist in the completion of the migration effort. Global Works’ Project Manager Jeff Hill and Software Engineer Ed Wasserman joined forces to assist the Palo Alto Division in the design and implementation of a new security schema. Jeff’s knowledge of IDX Security Plus and Web security in conjunction with Ed Wasserman’s experience with SQL and Web programming enabled these consultants, working closely with the Palo Alto Division’s IT department, to redefine user roles in Security Plus to accommodate both divisions and integrate these roles into Web Framework security.
Goals
The primary goal for the security portion of the CMG’s Flowcast migration was the successful implementation of IDX Web security, allowing all 1,500 end users of the Palo Alto and Camino divisions to access the appropriate menus and activities required to do their jobs at the time of go live. An important secondary goal was to define the entire security scheme within a role-based structure, to enable efficient system maintenance and compliance with HIPAA guidelines.
Challenges
The initial challenge arose from the complexity of the existing security configuration at the Palo Alto Division. One of the benefits of IDX Security Plus is its flexibility, which allows user configuration to be customized to the unique needs of each organization. The Palo Alto Division had been live on IDX for many years and over that time had undergone many organizational, structural and system changes, all of which altered the method and design of the existing security set-up. With the addition of CMG to the system, the Palo Alto Division concluded that Security Plus required a redesign to streamline it to fully meet the current needs of the organization. Although the work would be difficult, everyone involved believed that migrating the live Security Plus environment to a role-based design would provide long-term benefits.
The implementation of Web security also presented challenges because it involved a new software platform and creation of security roles for all CMG users. Prior to the configuration, new CMG users needed to understand the IDX system’s features and functions in order to define the access needed by each user role. Thereafter, these role definitions had to be built from scratch.
Key Success Factors
Several factors contributed to the ultimate success of the security project and that of the overall Flowcast implementation. Among these were an experienced team, extensive testing designed by team members and staff, and the use of technology to reduce manual effort and meet tight timeframes.
The Right Resources
In addition to the Global Works consultants, the security team included several key members from the Palo Alto Division. IT supervisors Lisa Wheeler and Ellie Iaccoca, and BAR systems analyst Fidel Moises all share extensive knowledge of the IDX applications, the business processes of the two divisions and the Palo Alto Division system configuration. This team was able to make the necessary decisions and changes to keep the project on track.
Thorough Testing
Once the security design was complete, the system was implemented on a dedicated test system so the testing process could begin. With approximately 15 departments and 20 security profiles involved, the test scenarios required knowledgeable staff members to work through all workflows and system activities. Jeff and the Palo Alto Division team members worked with both divisions’ department managers and personnel to create detailed test scenarios that mimicked the day-to-day activities of individual users. These scenarios were then rigorously tested by the users and managers to work out any system kinks and irregularities. Jeff credits the project’s ultimate success to the team’s willingness to “test, test and re-test.”
Leveraging Technology
Global Works was able to assist the Palo Alto Division’s IT department in meeting deadlines by automating some of the steps required in the project. One instance of this was the use of Global Works’ Enterprise Security View™ (ESV) to provide valuable reporting about Palo Alto’s then-current Security Plus environment. Using the ESV reports, the security team was able to review each user’s security definition and to track habitual access to system functions and activities. Through this analysis they were able to accurately and efficiently establish security roles that reflected the business needs of the departments and the individual users.
Global Works was also able to automate the time-consuming process of setting up Web user accounts. During the test implementation and the go-live migration, it was necessary to register all of the CMG and Palo Alto Division users in the newly defined Web security environments. Performing and auditing this set-up manually would have taken more than the time available for it in the project timeline. Ed Wasserman was able to significantly speed up this process and also reduce the risk of error by creating a Security Configuration Toolkit to load users automatically into the system with the appropriate security role assignments.
Recommendations
As IDX Flowcast upgrades and deployment of the Web user interface become a part of IT plans, security must be an important consideration. Those involved in the project at the Palo Alto Medical Foundation agree that taking a global view of system security was critical to the success of their overall project. Global Works recommends that clients use the momentum of the Flowcast implementation and Web rollout to review and revise their existing security configuration. The upgrade provides an opportunity to work with user departments to assure that security roles fully meet current business needs and to implement a structure that optimizes the functionality of both Security Plus and the Web Framework. Although analysis and reconfiguration of the legacy security set-up will add tasks to the upgrade project plan, the maintenance and compliance benefits of a well-designed security scheme will be long-lasting.