Remote Service Infrastructure – Day One
The first presenter was Harald Fiedler with Philips Medical Systems,
from my old stomping grounds in Bothell, Washington. His focus was on
lessons that he's learned from remote service implementation. Harald lead off with a truism: you don't know what you don't know. That is so true any time your business takes you outside of your traditional core competencies. Adding connectivity to a medical device – whether for workflow automation or remote service – takes your organization outside established core competencies.
He
presented some IMV survey data on what customers value most, and by far
service speed was number one. Remote service also provides better
control and management of your installed base. It's easy to know what
you've shipped, but without remote service, you have a hard time
determining what's still in use and the degree of utilization. Philips
has 22,000 systems online at 3,500 customer sites (almost all big-iron imaging modalities). Philips connects to
their devices over the Internet doing proactive monitoring, collects
utilization stats, application training and support, and pushing out software
updates. For example, one of the parameters they track on MRIs is He+
boil off (that's to coolant used in the magnet).
He next hit on what he called the “messy network problem” – getting information from your product
on the customer's network into your enterprise. He sees the remote product monitoring market
starting to transition from early adopters to a more mainstream market.
One indicator of this is the spate of recent acquisitions among remote monitoring software vendors (nPhase, Questra, etc.)
Harald also
mentioned
crossing organizational silos as an important issue – and was a theme from yesterday. C-level buy-in is
critical in getting the organizational focus required to move an
initiative that crosses silos. Security was another topic that was
highlighted, especially understanding requirements. It is also
important to have a marketing guy who understand the remote service
technology and can package the service and create service product
positioning and sales tools – remote service is a product, much like
the devices you're going to monitor remotely, so a product development
and marketing process is necessary for success.
On the topic of security Harald mentioned call obfuscation – security products that hide the actual kind of operating system the system is running – as an important technology. He also took the position of “no analog modems!” Analog modems represent an open port with access to your customer's network; the lack of strong authentication means you don't know who's calling in; analog models don't provide the ability to monitor or see what data is going out, and modems have more reliability issues than network/VPN connections. ISDN modems are prevalent in Europe and don't have the problems of analog modems, and the same holds true with cellular modems used to access wireless wide area networks.
World wide security regs that Philips must comply with includes:
- HIPAA – USA
- BC 73 – CDN-BC
- Bundesdatenschutzgesetz
- EU 95/46 – EMEA
- Various APAC regs
He also mentioned cross border PHI (patient health information)
requirements, some of which limit access to patient identifyable data
from outside the country where the data resides. Philips avoids
accessing any PHI through remote service. The scrub PHI from devices
and data entering the data center for legacy devices. New products
include an enforceable product security policy that cleanses the PHI
data on the device. No PHI is logged for service, and PHI is always
encrypted when it is removed from the device/customer site whether it's on a CD, or a technician's laptop.
Great question about using the customer's VPN solution. The reality is that field service reps could end up with numerous VPN tokens from various hospital's VPN appliances. Because the tokens are “owned” and managed by the hospital (or more importantly not managed by the service vendor)
Next up – a panel discussion on analyzing connectivity options in remote service. On the panel are Winslow Soule, CTO of Integration Display Systems; Jenny Coleman, manager service tool development at Invensys Process Systems, and yours truly. Negotiating network access wiith customer IT departments for remote service is a challenge in every industry. The consensus of the panel was that the best way to overcome IT resistance is education – the quicker you can get ahead of IT's objections with facts and analysis, the quicker and easier it is to gain IT buy-in
After the break, David Geltner, director of engineering at nPhase, and Bill Wark of Siemens talked about “untangling the messy network of cellular wireless.” Wireless wide area networks are an ideal connectivity vehicle for some remote service applications. Field service workflow automation is probably the biggest cellular application. Deploying devices with cellular modems comes with a heavy administrative burden – provisioning, tracking SIMS, consolidating bills, etc. nPhase provides an infrastructure for managing the logistics of deploying and managing a large number of geographically distributed cellular modems. If you're embedding your radio into your device, you must get it certified by the carrier(s) for running on their network.
Pictured right is a Zonar tracking unit utilizing a Siemens GSM/GPRS cellular radio module with integrated GPS receiver.
Optimizing and Securing Remote Service Infrastructure
This must be the height of conference season – I'm at another conference this week. Yesterday I presented a 3 hour workshop titled “Understanding How the Introduction of New Equipment Impacts the Networked Customer Environment: Lessons in Connectivity and Security.” Whew! Medical device vendor attendees are well represented here. My interest in the remote service topic is the considerable relationship between medical device connectivity and connectivity for remote service.
The first workshop yesterday was “What Data Do We Need to Collect? Data Architecture for Remote Service” presented by Yousif Hassan and Asad Jobanputra, both of Esprida Corp. They presented an inward focus on the issues to consider when creating and implementing a remote service system in your company. Identifying data elements, workflow automation, new procedures that are required were all discussed.
My workshop was a nice complement to the first one because my focus was external – gathering requirements from customers, especially for network connectivity, remote service “productization”, and security. Specific processes were presented that describe how to gather network and security requirements from your customers, a review of HIPAA requirements, and a deep dive into Business Associate agreements and resulting operational requirements Business Associate agreements place on vendors. Networking rocket scientist Dave Hoglund, of Integra Systems, collaborated on the creation of the presentation especially around specific methods, techniques and vendors offering remote IT monitoring capabilities for wired and wireless networks, SNMP, etc.
The last workshop (we went until 8pm!) was “Wireless Connectivity Options for Remote Monitoring and Management.” John Canosa and Richard Hecht gave a great overview of the whole alphabet soup of wireless technologies. In addition to reviewing the various characteristics of each different wireless technology (range, bandwidth, cost, etc.) they presented a process for determining which technology is best for your application. Great stuff.
Pictured right (at the front of the room) is Aurora Santiago, event producer, introducing the keynote Steve Pazol, VP & GM of NPhase and fellow blogger – check out his site.
