Columbus, OH-based Central Ohio Primary Care Physicians (COPCP), a physician-owned medical group, was founded in 1996 by 33 physicians from nine private practices who wanted to focus their time on providing quality health care for their patients. COPCP serves 325,000 patients in 47 locations with 215 doctors, making it the second largest physician-owned primary care medical group in the U.S. COPCP practitioners include pediatricians, family physicians, internists, endocrinologists, infection disease specialists, and hospital specialists.
COPCP needed a way to keep all of these physicians, and selected other staffers, connected 24x7 from any location. The goal? To allow physicians outside of the organization's internal network, such as when they are doing rounds or visiting our local partner hospitals, to sit down at any computer and access the COPCP internal network.
Physicians had been able to do this before with a VPN, but the group needed a way to simplify that connectivity. The result: COPCP selected the SPX SSL VPN secure remote access solutions from Array Networks Inc. The group had already experienced success with TMX, Array's load balancing solution, says Steven Schneider, chief information security officer for COPCP. "Shortly after that, we upgraded the original TMX to Array's next model, the APV." This has enhanced processor power and went from 32 bits to 64 bits, which allowed COPCP to improve its support SSL from within its internal network.
COPCP uses Array's SPX solution to enable secure access to important information for physicians and selected COPCP staff dispersed across its 47 locations, as well as for local physicians from trusted partner networks.
"Prior to this, we were using a device which required an installation of software on the local machine," says Schneider. "The problem was that hospitals don't like software being installed on their machines that is not used within their own infrastructure, and I don't blame them. However, it was a challenge for us to allow our physicians to connect."
The SPX SSL VPN provides simplified and secure access to electronic health records, which contain information on a patient's prior medical conditions, medications, and other pertinent information. This enhances and speeds patient healthcare treatment, which is especially critical if a patient is being treated in an emergency room. Overall, the technology improves the quality of care for COPCP patients.
"Once we had the SPX in place and experienced its value, we started exploring Desktop Direct, which is a feature of the SPX," says Schneider. With Desktop Direct, users can, from remote locations, access files and applications that reside in their own work desktops, using other PCs and tablets. Using a standard web browser, any device can remotely view and control employee or physician PCs located in the office. Employees and physicians can do so seamlessly, without any loss of capabilities or risk of data leakage.
Not only does Desktop Direct provide physicians who are outside of COPCP's network (for example, at home) an alternate secure method of accessing COPCP's internal network, it also provides them with a preferred connection back to the network. "Since it connects back to their own desktops, it allows them to work in an environment with which they are already familiar," says Schneider. "They can pick up working from exactly where they left off at home or at the office."
Schneider reports no challenges or glitches during implementation, and the technology is so simple that there was no need to the users. "However, I do have a requirement that, anyone who accesses any internal devices from or through an unsecured public network, such as the Internet, must have a dual identification," he notes.
In the near future, Desktop Direct will not only be compatible with Windows devices, but also with popular mobile platforms, notably Android and Apple. Array will also be providing support for Macintosh. "This will allow us to create a 'bring your own computer' environment for the physicians, but not lose control of security or introduce any risk to our organization," says Schneider.
This article was originally published on 08-08-2011