Delivering an Enterprise ePCR Solution

The Connecting for Health initiative by the National Health Service (NHS) in the UK is the largest and most ambitious civilian project in the world. Its aim is to create a multi-billion pound information infrastructure which will improve patient care by increasing the efficiency and effectiveness of clinicians and other NHS staff now and in the future. The CSC Alliance was successful in winning the contract to implement this initiative within the region of North, Midlands and East. This region has over 2500 ambulances staffed by over 14,000 paramedics and EMT’s operating out of six ambulance trusts. In order to meet the needs of NHS, CSC had to find an enterprise grade ePCR solution. CSC selected the Siren ePCR solution, not only for its ability to meet the needs of frontline users, but also for its security, reliability, scalability and configurability.

Medusa’s priority is always to meet the needs of CSC delivering results on time and on budget. This case study speaks to the security, architecture, and functionality features of Medusa’ Siren deployment in England.

Security

AES 256-Bit Encryption: Siren’s safety and security of patient data is second-to-none. Siren employs the industry-leading Advanced Encryption Standard (AES), a 256-bit encryption to protect sensitive patient data. This encryption scheme means that Siren’s patient information is held at the same standard of safety as top-secret United States’ government files.

The Secure Socket Layer (SSL) and Transport Layer Security (TLS) channels, used for transmission of data from the tablet to the application server, further enhance the security of informration. These types of precautions protect patient information if unauthorized persons were to intercept a tablet (or intercept a transmission). Many banks don’t go to these lengths to protect confidential information.

Penetration Testing: CSC contracted a third-party firm to test Siren’s security measures. The firm was given free reign to expose vulnerabilities. The firm’s testers used cross-site scripting and SQL injection (amongst other methods), but were unable to break into the system or access patient data. The firm’s failure to breach Siren’s security is an assurance to the safety of patient data within the Siren system.

Single Sign-On: Single Sign-On (SSO) is a module added to the Siren web application. SSO is compatible with the NHS’s centralized user directory. The result is accessiblity to multiple systems with only one set of sign-on information. With access, users can view patient care reports, add and remove users, and complete many other administrative tasks.

Architecture

Horizontal Scalability: As a component of overall system performance, security of patient data is very important. System stability and scalability are even more important. Traditional, vertically scaled systems with one server are vulnerable because they have a single point of failure. By contrast, horizontally scaled systems distribute data traffic over a number of servers, requiring failure at a number of points before the system crashes. This horizontal scalability design dramatically increases the system’s fault tolerance and the stability of the system as a whole.

In this horizontal design, all servers share the load equally. If one server fails, its traffic is diverted to the other servers. This gives technicians time to get the failed server operating again while the system continues to run. In a vertically scaled server system, the failure of the single server means the failure of the entire system until it is repaired.

Functionality

Customizable ePCR formats: With Siren, users are offered multiple reporting formats to view patients’ records. The reports can be customized to fit the needs of each region. Paramedics use this tool to generate a letter to a patient’s General Practitioners (GP) . This letter outlines the paramedic’s clinical assessment and subsequent treatment. This is an exclusive feature to the Siren ePCR system.

About CSC

Computer Sciences Corporation is a leading global information technology (IT) services company. CSC’s mission is to provide customers in industry and government with solutions crafted to meet their specific challenges and enable them to profit from the advanced use of technology.

With approximately 87,000 employees, CSC provides innovative solutions for customers around the world by applying leading technologies and CSC’s own advanced capabilities. These include systems design and integration; IT and business process outsourcing; applications software development; Web and application hosting; and management consulting. Headquartered in El Segundo, Calif., CSC reported revenue of $14.9 billion for the 12 months ended March 30, 2007. For more information, visit the company’s Web site at www.csc.com.

About Medusa Medical Technologies Inc.

Incorporated in 1998, Medusa develops information technology solutions that improve pre-hospital emergency data capture, increase emergency medical staff effectiveness in patient care encounters, and ultimately lead to better pre-hospital emergency treatment protocols. In order to continuously meet market needs, Medusa collaborates with clinicians and field paramedics worldwide to ensure that the quality and effectiveness of its leading electronic patient care reporting system remain second-to-none.

About the Siren ePCR Suite

The Siren ePCR Suite is a secure electronic patient care reporting system that improves the speed and accuracy with which paramedics can record patient information. Designed for use in ambulances en route to hospital, the Siren ePCR™ software and complementary hardware employ an easy-to-use touch-screen interface to provide paramedics with more efficient data capture tools. With the system, patient data is recorded quicker and more accurately than with pencil and paper. Ultimately, the Siren ePCR Suite allows paramedics to spend less time documenting patients’ ailments – and more time treating them.