Home > Blogs > VMware for Healthcare IT

The next generation clinical workspace – making for a better Digital Health experience.

We have already entered the era of digital health. However, today it is far from an efficient model.  Interconnectivity standards are more proprietary than open, resulting in a fragmented and ineffective model.  Currently, Digital Health itself is not healthy.  Digital Health is a rapidly evolving agglomeration of applications, interfaces, devices, workflows, along with other related technologies and communication patterns to address improving health along with “usual” and critical health issues for individuals and the communities we live in.  But because it is still evolving, it is both very unstructured and siloed, and yet very open to influence and thought leadership.

VMware is developing strategic partnerships with many of the leading healthcare vendors. These are beginning to both demonstrate how our technologies benefit theirs, along with beginning to build integrated solutions that are beginning to play more prominently in healthcare.  A good number of our solutions are now influencing and shaping how Digital Health will mature.  We must focus on making it easier for physicians, clinicians, and support staff to work with patients and their electronic health data.  The technologies that we are building are the future enablement of delivering the next iteration of Digital Health.  We are rapidly becoming the portal, the preferred clinical workspace, for healthcare.

Instead of re-hashing all of the known issues as to how it is broken, I want to focus on what will the clinical workspace for healthcare will look like in a few years from now. This is important for all of us who are charged with delivering EUC healthcare solutions to help drive the solution forward and make it meaningful.

First of all, the right approach to answer this question is from the caregiver perspective. What are their requirements, their needs, of the workspace?  My reasoning for this approach is that the caregiver is the data entry point for most of a patient’s electronic health data.  Physicians struggle with being reduced to be “data entry specialists”, because they are also a primary consumer of their patient’s health information.  This especially drives the need for the clinical workspace to be re-designed.

Short version: they need a single unified view to the correct mix of applications, to collect and reference relevant health data, including available digitally enabled devices, to engage only the relevant clinical workflows, to diagnose, establish the correct care pattern and meet the patient’s unique healthcare need, from any location, and at any specific moment of their day from any type of technology available to them.

The technology involving the clinical workspace is only the enablement of access to the application(s), it is an extension of the clinical workflow and care pattern in play. The behind the scenes technology must be seamless and invisible to those using it.  The technology must get out of it’s own way, and enable the clinician to do their job.  The caregiver should not be forced to think about the technology and how it is used.  I am being very deliberate to avoid describing a physical workstation.  Because ultimately, the care-giver needs to access their clinical workspace from any device at any time from any location.

In the not too distant future, the next generation clinical workspace will include the ability to:

    • Be highly interactive with the patient, the patient’s visitors, the location, the environment of the care being given, the care givers involved, the medical community at large. Based on prior authorized communications, along with immediate patient consents, the interactions will enable communications with all involved during the episode or care. It may even use social media circles to guide who can and who cannot interact with the patient.
    • Contextually secure the workspace, by being aware of those who are privileged and must have access to PHI to provide care, and equally aware to flag and report on any unauthorized access or information movement related to the episode of care in progress. Various forms of two-factor authentication mechanisms will be available, used to authenticate caregivers to the patient, creating a unified identity, to immediate family assisting in medical decisions, even to the patient’s visitors, guiding the caregivers to the level of detail of medical information that can be communicated.
    • Deliver the unique blended mix of applications and information that pertains to the patient, yet are designed to present the best workflows and patterns of care for caregivers to follow, or collaborate with other caregivers. The applications will sense and adapt to the endpoint being used to communicate the information in a consistent relevant format.
    • Support location based computing, with clinically oriented geo-fencing and real time locating systems, enabling contextually aware apps to appear/disappear from the workspace, based on the care required, along with the same app being dynamically reconfigured to access information relevant to the care the patient is receiving.
    • Display context enabled dashboards that pertain to user specific workflows. The dashboards indicate the next step in the workflow and the appropriate user(s) who are responsible for that task.
    • Use natural language processing as one of the primary data gathering mechanisms within the EHR and other critically relevant clinical applications along with a verbal command capability such as Siri or Cortana.
    • Use the camera of the mobile device as a data gathering and assist in diagnosis. Specific examples would be to take a series of pictures of a laceration to document the wound, it’s stitches and bandaging, or use an infrared camera to assist in diagnosing increased localized temperature from an internal infection or injury. The picture will include digitally augmented overlays identifying the size, depth and other unique observations of the wound.
    • Be technically aware of the immediate surrounding medical technologies available, based on either medical need or workflow, to wirelessly interface with required medically necessary data feeds and information sources. It will pre-authorize and enable connections to those devices and patient care workflows, and provide feedback that those are initiated and completed. It would including devices such as a Fitbit, or Apple’s Watch, or a patient’s smartphone that may be collecting biometric information prior and during an injury. This interconnectivity feature will differentiate the haves from the have-nots.
    • Access personally stored health data in our personal “clouds”. Just like us keeping our music in iTunes, critical files in Dropbox, and pictures in Instagram, we will begin to use the cloud for the amalgamation, or a digital timeline, of all of our healthcare events. This enables a consistent representation and communication of all our health events whenever and however needed.

The next generation clinical workspace described above is not Digital Health, but instead what the core technologies of digital health need to look like. It will take the collective experimentation and collaboration of many to evolve the next generation of Digital Health.  It is very apparent that healthcare itself is no longer just provided in an inpatient, outpatient, or tertiary location.  Instead, it is wherever and however a patient and caretaker interaction occurs, including telehealth.

This is where the VMware Horizon ecosystem differentiates itself. From the caretaker perspective, it is the only highly integrated nascent technology that uniquely reduces healthcare workflow friction.  It aligns itself to a fast paced workspace, filled with interruptions, and seamlessly transitions healthcare workflows from user to user as they move from event to event, location to location, ultimately enabling patients to heal faster and return to their normal lives.

A call to action for those of us involved with delivering VMware solutions to healthcare organizations. We need to continue to deepen our relationships and integration with our EMR vendor partners.  We also need to continue to identify and align with new innovative healthcare and technologies vendors, to create new delivery solutions to meet the demands of the next gen clinical workspace.  Finally, as we meet with healthcare delivery organizations, we need to be listening to differentiating input and critique from the caregivers themselves on how best to implement digital health via a clinical workspace.   Together, collaboratively, we can bring about THE desired next generation clinical workspace for the healthcare industry.

The Changing Face of Healthcare Security – Leveraging a Zero Trust Model to Protect Your Critical Assets

Post for Chris Logan, Senior Healthcare Strategist, VMware, MBA, CISSP, by Tony Amaddio Senior Healthcare Strategist, VMware

The trend of health data breaches for 2015 is staggering. As of October 23rd, the breach tally has affected over 113 million individuals. More importantly, the top six breaches this year have impacted 109.6 million individuals, which accounts for 96 percent of the currently reported incidents so far. What I find to be intriguing about these recent breaches is they all involve hacking attacks, which up until this year, were a rarity in healthcare.

As of October 2015, the official tally of major healthcare breaches since September 2009 listed 1,374 breaches affecting a total of 153.8 million individuals. That means that this year alone, the six recent hacker attack breaches account for nearly 71 percent of all victims over the six year reporting period. One of those attacks, health insurer Anthem, affected nearly 79.8 million individuals, over 50 percent of the total number of individuals impacted since 2009!

This is new territory for healthcare. Could it be due to a lack of focus on cybersecurity or is it due specifically to our continued reliance on legacy systems? Older IT systems are rich with patient information and many times they are missing needed controls and are protected with outdated technology. The real issue is that Protected Health Information is an asset and it needs to be afforded the same level of protections as other assets such as buildings and equipment. Does anyone believe that a health care organizations would buy or build a hospital without fire suppression systems? Of course they wouldn’t so, why are they still relying on virtual fire exstinguishers to address cybersecurity when they truly need a much more comprehensive set of controls for their data?

So how is VMware addressing these issues? Consider first that security is not a one size fits all problem and VMware strives to understand our customers operating environment and how data is being used and delivered across your enterprise. Armed with that knowledge we look to build a platform for security by ensuring the protection and proper access of your key assets, your data. Across our portfolio we have many solutions which allow us to demonstrate layered security controls to protect our customers and partners digital assets which includes NSX for microsgemtation, vRealize for configuration and compliance management, AirWatch for mobility management, Horizon for virtual desktop and Identity Manager for application provisioning and conditional acess controls.

One way to layer security over your critical assests is to implement a Zero Trust architecture. With the VMware NSX platform, a Zero Trust architecture is built as a baseline through microsegmenation. This concept was first proposed by Forrester Research and is intended to address security by promoting, “never trust, always verify,” as its guiding principle. With Zero Trust there is no default access or entitlements for any entity which includes users, devices, applications and network traffic regardless of the location, whether on or off the corporate network. By establishing Zero Trust boundaries, you can effectively microsegment your network allowing enhanced protection of your critical data from unauthorized applications or users, reducing your exposure to vulnerable systems, and preventing the lateral movement of malicious software across your network.

There is no single solution to this problem, it takes true focus to move past just ensuring compliance to guaranteeing the efficacy of the security program to both mitigate and remediate the risks inherent to the technology being employed. In this world of digitization, compliance is not security and security does not guarantee compliance, both need to work in harmony and meet the needs of each orgainzations goals. We must remain attentive in our efforts to help our customers protect their assets and that requires everyone’s diligence. As a trusted partner we must treat security as a team sport, supporting our customers and partners needs by helping them become aware and truly understanding the increasing threat to their digital assets and implementing solutions to solving this new epidemic.

Do you have that awareness today? VMware has significantly invested in the tools and expertise to meet the changing demands security demands of the healthcare industry. VMware is ready to help you address your new security initiatives and drive greater outcomes to the delivery of patient care by allowing your greatest asset, your data, to be used in an secure, effective and efficient manner.

** Statistical Data gathered from https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf *

Secure by design: a healthcare IT imperative

Healthcare IT is different.  Problems don’t just cost money. With the Internet of Things in our hospitals and clinics, lives can often be at stake.  Designing a secure healthcare IT environment is critical not only to the business, but more importantly to the real end-user, the patient.    Security, in many Healthcare environments, frequently not considered as a part of the design process.  In order to properly design secure Healthcare IT solutions, it is imperative to consider Lifecycle Management of the application, Traffic Management between applications, and Configuration Management of the systems that support the application.

Lifecycle Management

While not always considered to be part of security, the lifecycle of an application, with its underlying Virtual Machines (VM), plays a critical role in security.  Consider a VM built for a specific application.  It is fairly simple to provision a VM from a template.  But then there is storage, networking, security software, application software, etc.  Even if everything is done correctly, and each team follows the procedure, one minor variation can have far reaching changes.

Once there, it is tough to completely remove.  In many environments, a VM might be decommissioned at the end of it’s lifecycle, but often times DNS, IP address management, firewall rules and many other systems are not cleaned up.  Many times the application may be upgraded, archived, or decommissioned, but VMs which are no longer necessary will continue to live on.  While this is inefficient, this also makes for more targets since these can fall out of monitoring systems, or can remain unpatched.

Building environments, the same way every time, removing the element of human error, and ensuring they are managed and retired or archived as appropriate provides for faster troubleshooting and a greater security since the systems are all treated similarly based on their security classification.



Traffic Management

As I have talked about previously, traffic management becomes far more important in a virtual environment.  This is particularly important in highly regulated environments such as Healthcare.  When applications contain HIPAA or other critical data that must be secured, controls must be put in place to ensure proper traffic management.

Consider a traditional three-tiered application with web, application, and database tiers.  Ideally, in a secure environment, traffic should be inspected when traversing between each tier.  In our example below, notice that we are also using separate subnets with full layer 3 routers between them.  By doing this in software, we are able to simplify the rules as we discussed in Lifecycle Management. Policies are applied to the VMs at time of creation. Firewall rules exist in the form of a policy. Routing decisions are made locally, firewall rules are applied locally, and traffic never need leave the software environment unless it requires access to physical plant.



Configuration Management

The importance of designing a secure system cannot be overstated.  Equally important to a secure environment is continuous monitoring of security.  Changes happen, whether a human or machine is the cause, configuration drift is a reality in every healthcare environment.  Time after time, audit reports show that a lack of configuration and patch management is the cause of numerous security breaches.

In the example below, configuration management extends to multiple types of environments.  While we often think of HIPAA in our regulated environments, there are often PCI or other areas which need validated, and all to often some of these can overlap.  Good Configuration Management means being able to show auditors a complete report on what the environment has looked like over time in addition to its current state.  This type of on demand reporting and remediation prevents the loss of patient data, while securing the environment and ensuring lifecycle management policies are enforced.



Healthcare IT security should not be the security group setting policies in a vacuum.  Everyone in the healthcare organization is responsible for security.  It is the responsibility for Healthcare IT to provide a framework and manage appropriately so that security is a part of lifecycle, something which extends beyond just firewalls and VLANs.  Constant monitoring and remediation prevents malicious or accidental breaches, and provides the patients and providers alike a secure experience without impacting performance.


See you at eHI Live in Birmingham

VMware will once again be sponsoring the UK’s largest digital health show in Birmingham on November 3rd and 4th. We’ll be in booth F50.

This year we will be showcasing how VMware Healthcare solutions are mobilizing providers and patients saving an incredible 10 minutes every hour as providers access patient charts, and helping drive patient engagement and satisfaction.

We will have technical experts on hand from VMware, Airwatch and our partner Innov8 to explain how VMware solutions are helping:

  • Yorkshire and Humber Commissioning Support increase GP productivity and enhances patient across 80 GP practices through access to patient information on any device, anywhere
  • Stockport NHS Foundation Trust transform the emergency department with mobile devices improving the detail and accuracy of patient information, transferring clinical notes to the patients GP immediately on discharge, and saving 38,000 pounds in printing costs to boot.
  • Nottinghamshire Health Informatics Service simplify the 60 logins a day for each clinician and enable NHS Smartcard access to medical information, applications and NHS Spine from any workstation or mobile device.

If you’re on a tight schedule and want to make sure someone will be available when you need them, reach out to me on Twitter @james_mi and we’ll setup a time.

Securing the Healthcare Desktop

In today’s modern healthcare environment, delivering a secure and user friendly computing experience is critical to our adoption of technology.  With growing concerns over security breaches, new demands from providers for better and faster technology, and patients looking for a more personal yet consumer like experience, healthcare technology is under extreme pressure like never before.  Applications need to be delivered to many types of devices, data must be secured, all while providing a seamless and superior experience.

The state of the Healthcare Desktop

The healthcare desktop has not undergone significant changes for a number of years.  We continue to upgrade the operating systems, the applications, add new features, but the delivery not kept up with threats.  We have moved the desktop or application and its data inside the datacenter where it is secure, but that only goes so far.  We are seeing increased mergers and acquisitions in healthcare which often brings together disparate systems.  In many locations, doctors are becoming contractors, or employees of larger health care systems.  We are even seeing a surge in software development at some of the larger healthcare systems, some customer facing.

Bringing the data into the datacenter, some of the liability was removed.  With no data on the device, the provider was able to move from system to system, with a similar, and more secure experience.


Unfortunately, this uncovers another flaw.  With the traditional model of datacenter security, we secure the perimeter, as on the left, but once inside security is often far more relaxed.  To resolve this, a micro segmentation such as on the right side can be deployed.  For most environments though, doing this in hardware is to costly to deploy and maintain.  Firewalls everywhere requires managing in many places, and updating policies in many places.


Security built in not bolted on


In order to give a healthcare provider, the security they need, and to do so at the scale required, we need to look at a combination of the two models.  We need to bring the data in the datacenter, protect the physicians and give them an experience they are going to be excited to use, make it better not just more secure.  We also need to secure the traffic once it is brought inside the datacenter.  Not a new concept, just applying datacenter micro segmentation to the virtual desktop.


In reviewing the design, nothing is being removed from a traditional VDI design, physical networking components are still present.  The change comes is the green network icons represent software routers and firewalls which enable us to simplify the design.  Notice multiple layer 3 domains, not just VLAN’s, but full L3 domains enabling us to completely isolate traffic.  The firewalls encapsulate each virtual machine, not simply an operating system firewall, wrapping the virtual machine in a container and allow inspection and security at the actual VM level.

These two components are particularly important to the design because they enable us to create micro segmentation for our virtual desktop environment.  Designing this at scale requires that we use security policies to prevent thousands of firewall rules.  Policies enable the security profile to live with the VM through it’s lifecycle no matter what physical host it may be on.  Now if a user is able to compromise our virtual desktop system, they are stuck behind a firewall.  Even if they are able to get through the operating system firewall, they are still trapped behind the internal firewall.

From a healthcare perspective, we are able to do this all without impacting performance since the firewall is a part of the Virtual Machine itself.  If a healthcare provider needs access to something, policies can be changed in real time, and done at group or individual level with extreme granularity as needed.  This enables healthcare IT to not only provide a secure system, but one that is not slowed and can be adapted as needs change.


Security in healthcare continues to be one of the most important topics of our time.  With more sophisticated threats, and a greater demand for a consumer like experience, healthcare IT must find ways to give both with minimal compromises.  By leveraging virtual infrastructure both on the network and desktop virtualization side, we can give our providers what they need while still protecting healthcare consumers and giving them the peace of mind they need.

Healthcare Desktops in the Cloud

Desktop virtualization is a potentially exciting topic, but one which requires careful planning and resource allocation.  For many healthcare companies, the flexibility and control provided by this technology frees up resources to innovate and focus on customers.  In a traditional desktop virtualization environment, this is simply shifting IT resources to support this new paradigm.  For many use cases, this support could be offloaded as the workloads are migrated to VMware’s Horizon Air.

Why Virtual Desktops?

From a security perspective, moving the data from the user’s laptop into the datacenter on a virtual desktop makes sense.  Once we bring that data into a more secure perimeter and then simply enable the end user to manage that data from a remote location, much of the risk is eliminated.

From an ease of use perspective, a Virtual Desktop opens more opportunities.  My primary desktop is a Windows 7 corporate image on VMware’s Horizon View.  I might access that from my VMware issued laptop, my iPad, a shared computer in a partner office, or even my phone, depending on the circumstances.  For me mobile is not just a concept, mobile is a way of life.  For VMware’s IT department, a Virtual Desktop is more secure and efficient because most of the endpoint devices are not VMware assets.

What about HIPAA?

In healthcare we are always highly aware of regulations.  Think about the last time you walked into your doctor’s office.  They likely requested you sign a HIPAA notification that describes your right to notice of disclosures of your information.  This is designed to protect you, the customer.  What happens when medical providers give up control of protected data?

The HIPAA and HITECH Acts provided for a Business Associate Agreement, BAA, to protect healthcare providers when working with a Business Associate such as VMware.  In 2013, new rules require that even if the Business Associate does not ever access the Protected Health Information, PHI, a BAA must be in place.  These enable healthcare providers to move forward with moving workloads off premise without the concern of taking the liability themselves.

Why the VMware Cloud?

There are several use cases for moving workloads to VMware’s Horizon Air.

  • Rural hospitals with limited IT capacity that would like the flexibility of anywhere access
  • Health networks pooling resources to meet Meaningful Use goals
  • Rapid desktop scaling to support Mergers & Acquisitions
  • Business Continuity for clinical desktops to minimize downtime

Notice these are not all primary use cases, but rather complimentary.  They enable internal IT teams to focus on what is in front of them.  Horizon Air can also run primary workloads; these are simply a few of the potential examples.  By using the VMware Horizon cloud, the end user can enjoy the seamless experience they are experienced with in Horizon View currently.  The administrator can manage them similarly with less decisions required, and scale as needed for both capacity and performance.

As VMware continues to drive innovation in Healthcare environments, there is a greater focus on moving to a more hybrid environment.  Understanding which workloads run best internally, and which run best in VMware Horizon Air, will allow IT teams to leverage the best technology for the task at hand.

Summer Reading

I’m sure many of you are looking forward to some vacation, and what summer vacation would be complete without a good book?

I have just the book: an action packed thriller about hackers that gain access to corporate data centers, stealing secrets and customer information, leaving a trail of fines, cleanup costs, and tattered brand equity in their wake. One company didn’t even know they were hacked, but I don’t want to spoil the ending.

You can download a copy of the book here

Hope you enjoy it as much as I did!

Healthcare Sessions at VMworld US 2015

Last year, before VMworld U.S. 2014, I wrote down a stretch goal for myself to submit a session for VMworld U.S. 2015.  I have never enjoyed being the center of attention, and public speaking is a skill I am developing.  Imagine my surprise when my session was accepted!  I am very honored; going though the process and knowing some of the exceptional sessions that were submitted set an incredibly high bar.  It is going to be motivating to speak with you, show you what we are working on at VMware healthcare, and get feedback on what it means in your environments.

With VMworld U.S. 2015 just around the corner, there are a number of exciting things happening for Healthcare.  Within the past year, the VMware Healthcare team has continued to experience tremendous growth because of our amazing leaders, a highly motivated team, and exceptional customers.  This year we are offering more healthcare specific sessions at VMworld, and we need you to vote with your feet.  Come to the sessions, let us know what you think, and help us put the focus on what you do every day.

Below is a list of the healthcare specific sessions.  Check them out; some are presented by your peers, some by the VMware Healthcare team, and some by our partners.  The greatest compliment you can give a speaker is to ask questions during and after the presentation, and to come introduce yourself before or after.  The best part about VMworld is meeting people who are doing amazing things with the products, and have new ideas, and can share their successes and challenges.  I will be presenting about Virtual Desktop Security, session EUC4847.  Hope to see you there.

Innovation by Value

BulbInnovationValueInnovation: Overcome Barriers with Value

Datacenter architectures are evolving everywhere: new designs leveraging new technologies that cut across the technology silos of our organization structures. The increasing use of software to deliver capabilities allows more rapid adoption through more controlled experiments that lead to more rapid success, proof, and deployment, but we are stalled in our efforts to innovate by routine, business as usual, comfort, and fear of changes that affect how things are done and who does them. Value delivered by new solutions merits our full attention, and it is only through value and the measurement thereof that we can choose which technologies to employ.

Innovation is an iterative, constant process executed by people who thrive on improvement, and it raises so many important questions. Who does the experiments and understands the impact of success on various people in technology-specific roles? Where do the tools required to prove the solutions come from? Who must own the evaluation of Software Defined Networking technologies? The Network team? The Virtualization team? Who must evaluate Software Defined Storage? The Storage team? The Virtualization team? If we adopt it, who owns it? Where does additional headcount come from? What if we don’t need as many people?

Impact questions are stifling because they affect people–people we care about, and lots of innovation is actively stalled when individuals and leaders see that they may need new skills, new organization, or worse: not be needed at all. This behavior is understandable, and requires delicate attention, but we must all fight the urge to protect what we did yesterday and continue in the same manner without review. It may be that yesterday’s methods are still the best to solve the problems at hand, but only an evaluation of value can tell us. The inputs to our decisions are constantly changing, and unless we revisit the reasons we chose the current model, we cannot know if it is still the best.

Customer Story: Innovation is Hard

I met with a large healthcare customer recently, an innovator in very many ways: they have invested in automation for reliable provisioning; they have invested in software defined networking to provide agility and scale staff; they are exploring software defined storage to reduce their largest capital expenditure; they are producing software and solutions for sale using a variety of self-service solutions; they are exploring their End User Computing options; and they want to explore microsegmentation because of its impact on their security profile. This is great: they are realizing value from many new solutions and planning to understand the value of more.

The challenges come in operationalizing solutions that cut across the organization to increase adoption of what individual teams have done. Automation was implemented by the Infrastructure team. The software defined networking is being driven by the Networking team and is not integrated into the Infrastructure team’s automation solution. The software development group leverages cloud resources that are provisioned by individuals and exist outside the scope and visibility of the core Infrastructure team. They have not changed their EUC strategy because theie comparisons have used older architectures and associated costs. Conversations about using the Automation solution to provision the resources needed by the development organization stalled over concerns about ownership and headcount. Automation is not available as a self-service resource to enable rapid innovation for people with very short term needs (one-third of all) due to fears of abuse. The integration of Automation and SDN hasn’t happened for many of the same reasons, and there is further question about whether their preferred technology is truly viable given how difficult it has been to implement so far.

This is an innovative customer exploring new technologies with an appetite to adopt them that still struggles with transformation, and they are not alone. We often talk about people, process, and technology as the three elements of transformation. In so many cases and in so many ways, technology is the easy part.

Value is the Metric and the Answer

The way forward must be an objective assessment of value. If the development organization can be made measurably more productive and outweigh the cost of additional investment in Automation, that is the correct decision. If SDN can increase staff scale sufficient to justify the investment in the technology and integration with the Automation platform, then it should be done. If a new EUC architecture can increase Clinical productivity and/or lower the total cost per user over an analysis period, it must be piloted, validated, and selected. Business as Usual has a set of costs. Plans for the near term have known costs. Anything else we evaluate as an alternative must be weighed against those known and expected costs.

For the large customer I mentioned, we are going to partner with them on the analysis of SDN alternatives, see if we have a more valuable alternative. We are going to do a more detailed assessment of their Clinical Environment and EUC infrastructure to determine if our model will deliver better results at lower cost. We are going to evaluate whether we can have a marked impact on development innovation with self-service requests and appropriate resources to support it. We are going to help them show a substantial cost savings and performance improvements using software defined storage. In sum, we’re going to help them model and prove better methods that will lead to a higher functioning infrastructure and increased productivity for those who rely upon it.

These partnerships provide terrific value. For our customers, they provide better decision support resources based on facts and analyses using their data, their cost models, their assumptions. Innovation and the value derived thereby is how IT has leapt to the forefront of competitive differentiation in so many industries and will do for more.

Note: Further discussion in Innovation and Org Structure can be found here.

Making application delivery just a little more friendly

Application delivery in the healthcare world is the reason for healthcare IT.  At the end of the day if the applications weren’t here, the infrastructure wouldn’t be of much value.  We can drive more effective patient outcomes by providing an improved provider and user experience to healthcare users by augmenting existing Citrix application delivery.

Just in time application delivery

One of the biggest challenges we see with most of our healthcare customers is maintaining the applications once they are in place.  Firmware updates, operating system patches, and application upgrades, all forcing downtime, or significant planning.  Rolling updates can mitigate some of this, but it is an incredibly manual process.  Adding capacity requires building a system(s), install the operating system, add the application, test, and deploy, then add this system to the patch/update cycle.  No matter how skilled you are at this process it is incredibly time consuming.  It isn’t a “people or process” problem so much as a technology problem.

Healthcare applications need to become more flexible.  By using a just in time application delivery model, we can simplify the deployment process.  Package the application once, and deploy to an entire farm of servers, want more servers, add the entitlement to that server, and the application is automatically pushed.  Citrix being prevalent in healthcare application presentation creates an opportunity to improve the deployment of applications to large Citrix farms.  This enables a unified approach to application packaging and delivery at the presentation layer.  It then becomes about abstracting the application from the operating system much like we did when we began virtualizing servers and abstracted the operating system from the hardware.


Application Catalogs

The rise of consumer devices, smartphones, tablets and the like have lead to the expectation that applications be delivered on demand and in a self service portal.   Technically proficient users are even less willing to go through the pain of application installs.

In today’s modern healthcare enterprise, application delivery is not a single tool.  We are at a transition point in how applications are written, and how they are delivered.  Whether it is a Software as a Service model, or a full-on desktop, healthcare providers need to have a single place to go with a unified experience across their devices and applications.  Notice the incredible flexibility of the delivery methods providing a strategy, not one size fits all. Whether you are delivering a full virtual desktop, a SaaS application, or a Citrix XenApp, everything comes through the same portal with a similar look and feel.  


User Environment Management

For healthcare providers, consistency is essential.  Sean Kelly, MD, a practicing ED doctor at Beth Israel, talks about a doctor assessing a stroke victim, and the considerations which go into it.  What would happen if the application icon was moved, how much time would that cost, how much additional brain function would be lost? “Evaluating a stroke patient in the ER is highly time dependent,” said Kelly. “In order to treat a patient with thrombolytics (“clot-buster drugs”), a clinician must rapidly access prior medical history for any contra-indications, order a CT scan to rule out bleeding and review it on PACS, consult neurology, perform an NIH stroke scale and potentially treat blood pressure or other co-morbidities”, according to Kelly.  “Good technology doesn’t just save clinicians time, but also prevents cognitive disruption and contributes to patient safety and better outcomes.”


Application Monitoring

Have you had a user call and complain about an application being slow?  Healthcare is fairly unique in the application space because we tend to deliver a large Electronic Health Records application with a number of attached applications surrounding it.  This becomes a larger issue when we consider the infrastructure components and the application delivery method.  How can we tie those events together?

Having a single source of truth for the entire application stack is critical.  When we can tie in the Infrastructure, the Citrix XenApp performance data and application data, it makes the provider experience better, reduces downtime, and allows for predictable performance.  Problems can be resolved before they are seen by end users through predictive analytics.


Healthcare IT is a changing space.  We are continuing to make improvements, drive innovations in patient care, and in provider satisfaction.  More and more technology is not just a part of healthcare, it is the critical success factor in the patient experience.  From the moment the patient walks in the office, they are impacted by applications, and how we manage and provide those applications.  A positive user experience leads to higher satisfaction, and improved care.  By improving the experience of the existing Citrix application delivery model we can deliver a better patient experience by improving our existing environments.