Call Girls Jp Nagar Just Call 7001305949 Top Class Call Girl Service Available
William Grollier - CHU Nice - IT Governance in hospitals
1. IT governance and monitoring of operational
and legal risks in hospitals
Mr. William Grollier,
IT Systems & Security Officer,
CHU (University Hospital Center) - Nice, France.
2. Agenda
CHU-Nice in a nutshell
IT governance and risks management principles
IT governance monitoring initiatives @ work
Solution benefits
Deployment phases and next steps
3. Agenda
CHU-Nice in a nutshell
IT governance and risks management principles
IT governance monitoring initiatives @ work
Solution benefits
Deployment phases and next steps
4. Nice CHU in a nutshell
22 departments
5 hospitals
1.700 beds
~60.000 patients hospitalized per year, ~180.000 visits
per year
8.000 employees
240 servers and 3700 workstations running 100
healthcare applications
5. Agenda
CHU-Nice in a nutshell
IT governance and risks management principles
IT governance monitoring initiatives @ work
Solution benefits
Deployment phases and next steps
6. Founding principles behind IT governance
and risks management
• The legal risk is the consequence of operational risk
Legal
• The operational risk is more and more induced by IT risks
Operational
• IT risks strongly relate to:
• The availability and the performance of IT systems
• The integrity and the confidentiality of data
IT
• The compliance with IT standards and policies
7. • Legal obligations
Legal Risk
• Hospital Authority
responsibilities
• Financial impact
Ops Risk
• Services interoperability
• Diagnostic reliability
• Data corruption and leakage
• Procedures Efficiency IT Risk
• Poorly managed H/W, S/W infrastructure
• Weak protection and non compliant
behaviors
• Heterogeneity of HC applications
• HC IT services unavailability
8. Poorly managed H/W S/W infrastructure
IT impact Operational Management
Impact Impact
•Waste of time •Non interoperability •Poor ROI of existing
infrastructure
•Complexity •Poor QoS
•Additional
•Disruption due to management costs
unwanted applications
Requirement :
Continuously monitor the PC standardization compliance
9. Weak protection and non compliant behaviors
IT impact Operational Management
Impact Impact
•Disruption •Data •Penal impact
•Corrupted
•Time wasted •Loss •Reputation
•Cannot be accessed
•Repair cost or updated •Financial loss
•Information leakage
Requirement :
Continuously monitor the security policy compliance
10. Heterogeneity of the HC applications
Management
IT impact Operational Impact
Impact
•Expensive maintenance • Non interoperable • Penal responsibility
versions
•Application malfunctioning • Reputation
•Data corruption
•QoS degradation • Cost and poor ROI
•Wrong diagnostics
Requirement :
Continuously monitor the HC applications compliance level
11. HC IT service unavailability
Operational Management
IT impact
Impact Impact
•Malfunctioning • Data unavailable •Penal consequences
applications
• Unaccessible images •Reputation
•Poor availaility and
performnance • Corrupted diagnostic •Poor ROI
•Saturated bandwidth • Systems inefficiency
Requirement :
Continuously monitor the Quality of Services and users impact
12. Approach
90% of
incidents
have internal 20% of basic good
origin practices resolve
80% of the Security and Qos
problems are a matter of
proper governance,
competences and
taking control
rather than a matter
of means
13. Agenda
CHU-Nice in a nutshell
IT governance and risks management principles
IT governance monitoring initiatives @ work
Solution benefits
Deployment phases and next steps
14. IT governance monitoring @ work
PC standardization compliance
Security policy effectiveness
HC applications compliance level
Quality of Service and user support
15. Well managed H/W S/W infrastructure
PC standardization compliance monitoring
16. Well managed H/W S/W infrastructure
PC standardization compliance monitoring
17. Well managed H/W S/W infrastructure
PC standardization compliance monitoring
18. Well managed H/W S/W infrastructure
PC standardization compliance monitoring
19. Strong protection and compliant behaviors
Security policy compliance and effectiveness monitoring
20. Strong protection and compliant behaviors
Security policy compliance and effectiveness monitoring
21. Strong protection and compliant behaviors
Security policy compliance and effectiveness monitoring
22. Shared or stolen user code identification (1/3)
Security policy compliance and effectiveness monitoring
23. User codes connected on several machines
over a period of 30 minutes (2/3)
Security policy compliance and effectiveness monitoring
24. User codes connected simultaneously on
several machines (3/3)
Security policy compliance and effectiveness monitoring
25. HC IT services availability
Quality of Service monitoring
26. HC IT services availability
Quality of Service monitoring
27. HC IT services availability
Quality of Service monitoring
28. HC IT services availability
Quality of Service monitoring
29. HC IT services availability
Quality of Service monitoring
38. Monitoring IT risks governance
drastically reduces ops and legal risks
Legal
• The legal risk is the consequence of
operational risk
Operational
• The operational risk is more and more
induced by IT risk
IT risks
• Availability and the performance of IT systems
• Integrity and the confidentiality of data
• Compliance with IT standards and policy
39. HC IT Services Governance Life Cycle
Assess gap Execute
Monitor to
against and Monitor
Maintain on
target and progress to
target
plan action reach target
•Risk Detection and Security Compliance
•World class Quality of Service and Support
•Cost effective HC infrastructure maintenance
40. Agenda
CHU-Nice in a nutshell
IT governance and risks management principles
IT governance monitoring initiatives @ work
Solution benefits
Deployment phases and next steps
41. Solution benefits
IT
Cost of ownership: super fast deployment, lightweight, zero coding
Non intrusive, zero infrastructure performance impact
360°IT governance in one unified environment
On Demand diagnosis
OOTB, Investigation, Reporting, Alerting, Library
Extensible to backend monitoring solutions
Operations and Management
G.R.C.: desktop configuration and usage compliance
World class support / user satisfaction
360°view over the QoS / impact analyses in real time
Financial: infrastructure rationalization based on real usage
Consistent PMSI repo*
* http://fr.wikipedia.org/wiki/Programme_de_m%C3%A9dicalisation_des_syst%C3%A8mes_d%27information
42. Agenda
CHU-Nice in a nutshell
IT governance and risks management principles
IT governance monitoring initiatives @ work
Solution benefits
Deployment phases and next steps
43. Project phases
End point Assessment Baseline (evaluation)
Installation and deployment: 1 day
Information collection: 3 weeks without work
Configuration: 2 days
Full deployment
New dashboards creation and deployment
Reporting and alerting
NEXT Steps
New dashboards, reports, alerts
Integration to backend monitoring platforms to enable end-to-end
monitoring