Sumitomo Besshi Hospital

NetAttest supports the hospital’s network where security is required. Easy operation of a secure network with terminal authentication and DHCP in conjunction with SDN.

SUMITOMO BESSHI HOSPITALSumitomo Besshi Hospital was established for the workers of Sumitomo Metal Mining Co., Ltd. and their families. It moved to the current location in 1966 and started taking general social insurance. It supports the health of local people as the largest hospital in the Toyo

X

TOPIC INTRODUCTION RESULTS

Desire to reduce the operational burden of the five isolated networks1 The SDN (Software Defined Network) integrates the

multiple hospital networks into one

Desire to improve the security of a network that deals with important data2 MAC address authentication eliminates unauthorized

terminals of various devices, including medical devices

Desire to make the IP address management of diversified terminals easier3 Introduce DHCP appliances to reduce IP address

management effort

District of Ehime prefecture. A partnership with patients is important, with thorough informed consent, disclosure of medical information, and conducting health management courses, etc.

Headquarters Location: 3-1 Ojicho, Niihama-shi, Ehime-ken Japan https://www.sbh.gr.jp/

CASE STUDY | Introduction Case | Sumitomo Besshi Hospital

SUMITOMO BESSHI HOSPITAL USAGE IMAGE ILLUSTRATION

THE HOSPITAL INTERNAL NETWORK WAS REVISED WHEN THE NEW HOSPITAL WAS BUILTSumitomo Besshi Hospital, which was

opened in 1883 was the oldest hospital

in Ehime prefecture. It has the largest

scale in the Toyo District of Ehime

prefecture, was designated as a hospital

for regional cancer treatment and also

plays a role as a core hospital in the

region. The number of beds is 360, the

number of outpatients per day is about

800, and the number of inpatients is

also about 260 people per day. There

are about 600 employees who care

for the patients. About 600 staff in the

hospital need to be closely connected,

in order to quickly respond to the

number of patients who visit daily, so

the systemization of IT was promoted

early on. In 2003, we introduced an

ordering system that communicates

the instructions of physicians, nurses

and departments through computers.

After that, an electronic medical

record system was introduced in 2009.

Communication became possible

including medical records information.

Sumitomo Besshi Hospital General Support Department Information Management Center, Information Systems Office and Medical Information Management Office Chief

Mr. Atsushi Norimatsu

With the conventional hospital

infrastructure, physical wiring is

laid out for each network, divided

between the core system, the

information system, the voice

system, the open system, and the

security system for the various

information handling, which

places a large load on operation

management. All of the wiring was

aggregated with SDN in the newly

constructed hospital infrastructure

Internal Infrastructure Wards

Examinationroom

Core network(Electronic medical record information)

Open system network(Wireless LAN for visitors)

Security system network(Monitor camera)

Voice system network

Information systems network

Nurse station

Hospital room

Complex network

Wards

SDN

Internal Infrastructure

Hospital room

Nurse station

Examinationroom

Core network(Electronic medical record information)

Open system network(Wireless LAN for visitors)

Security system network(Monitor camera)

Voice system network

Information systems network

BEFORE AFTER RECONSTRUCTION

with the renovation of the facility, and the software was able to be configured flexibly. In addition, strengthening security and

the operational side was considered, with NetAttest EPS functioning for terminal authentication and NetAttest D3 as the DHCP

server, the infrastructure is designed to be safe, easy to use, and easy to maintain. NetAttest EPS is installed in each redundant

configuration for the core system, information system, and voice system. NetAttest D3 is installed in the same redundant

configuration for the information system, voice system, and open system.

The idea of rebuilding this hospital was

raised six years ago, around 2012. Fifty

years have passed since we moved to

our current location and the building

itself was out of date and the hospital

facilities needed replacement.

“The hospital’s network at that time

had become more complicated with

a spate of renovations, and it was

hard to respond when there were

problems. For this reason, I wanted to

build a simple network that was easy

to maintain and that was able to cope

with the increase in renovations.”

Information Systems Office and

Medical Information Management

Office Chief, Mr. Atsushi Norimatsu, of

the Information Management Centre of

the Sumitomo Besshi Hospital who was

in charge of the general information

systems in the hospital looked back

at the time when he summarized the

plan of the hospital network with the

construction of the new hospital.

Three points were established when

rebuilding the network in the new

hospital. (1) New construction of the

hospital network, (2) Migration and

update of 40 types of systems used

for electronic medical records and

departments, and (3) Improved patient

amenities.

What was especially concerning

was the newly configured network

inside the hospital. It was necessary

to pay the utmost attention to the

handling of information because of

the characteristics of the hospital, and

the old hospital was divided into five

networks because of differences in

Soliton Systems Europe N.V. Jachthavenweg 109-A, 1081 KM Amsterdam, The Netherlands | +31 (0)20 280 6060 | emea@solitonsystems.com | www.solitonsystems.com

2020 © All information herein was carefully gathered and examined, however, Soliton Systems cannot be held responsible for mistakes or incompleteness of content. Soliton Systems may change or modify parts at any time without notification and accepts no liability for the consequences of activities undertaken based on the contents.

system and data handling. The “Core

system,” which handles personal

information such as electronic medical

records, the “Information system,” for

exchanging information among staff

members, the “Voice system” for a nurse

call or staff PHS, the “Open system” for

patients to connect to the Internet in

the hospital, and the “Security system”

that deals with surveillance cameras

and electronic locks.

A SECURE AND SIMPLE SOLUTION FOR SDN AND TERMINAL AUTHENTICATIONThe maintenance of the physical

wiring was one of the problems of

having the network dividing into five.

The improvements in the building

were required due to the policies

that the country announced based

on the characteristics of a hospital.

With traditional networks, large-scale

wire laying construction is sometimes

required, the wiring becomes

cumbersome and maintenance can

be expensive. Therefore, we thought

to integrate the separate physical

networks in the new construction of

the hospital network and manage

this with an SDN (Software-Defined

Network). With SDN, you can combine

things into one physical wiring and then

logically divide it into multiple networks

by application, making a simple

configuration possible. In addition,

it was a necessary issue in order to

create a security-secured mechanism in

terms of dealing with patients’ personal

information.

“I was looking for a product that could

control the devices that connect to the

network. NetAttest EPS and NetAttest

D3 were the only ones that I found with

members with advanced installation.

It was also conclusive that the stability

of the Soliton systems product and the

support system were substantial, not to

mention the functionality that satisfied

all the requirements.” (Mr. Norimatsu)

In the SDN environment introduced

at the new hospital, each network is

logically independent and there is a

mechanism so they do not influence

each other. Therefore, the gateway

policy is important. The network

authentication appliance “NetAttest

EPS” was configured to perform the

authentication for the core network,

information, and voice systems that

handle important data, and where

especially strong security is necessary.

In the hospital, in addition to devices

such as PCs, smart phones, and tablets,

various terminals such as medical

devices are also connected.

There is an authentication mechanism

based on MAC address information

that can be used as a common key for

these devices.

Mr. Norimatsu said the following about

the effect of “NetAttest EPS.”

“It was essential for security to be able

to prevent equipment from connecting

to the network other than those

approved by the system personnel.

With NetAttest EPS, you can perform

MAC address authentication with a

simple operation and can prevent

access by unauthorized devices.”

THE DHCP SERVER CAN BE CONFIGURED TO SUPPORT A WIDE VARIETY OF DEVICESIn addition to the terminals distributed

at the hospital, the terminals that

connect to the hospital network include

PCs that the patients and physicians

bring into hospital. Based on the

diversity of terminals, we thought that

an IP address distribution system was

also necessary and introduced the

dedicated appliance “NetAttest D3” as

a DHCP server. This makes it easy to

connect to the LAN and the Internet by

simply connecting the terminals used in

the hospital to the network.

“Some doctors bring private PCs to the

hospital to create materials to present

at conferences. Nowadays, it’s not

uncommon to use the Internet to get

the latest information. In the past, there

was only a limited Wi-Fi environment,

and the only way to use the Internet

was for the physician or an individual

patient to contract a data line service.

Thanks to the introduction of NetAttest

EPS, NetAttest D3 and SDN, not only

was operational load reduced, but I

think it created a secure environment

for the doctors and patients to use,”

said Mr. Norimatsu.

Through the development of network

infrastructure, system migration and

renovation, and the improvement

of amenities for patients, the facility

has been attracting attention in the

prefecture as a “leading ICT-related

medical facility.” Mr. Norimatsu said

we are looking at building a regional

cooperation system that connects

hospitals and clinics in the prefecture

with VPNs. With this installation, Mr.

Norimatsu, who has realized the high

quality of the product, says he is also

thinking of using the Soliton systems

products in his plan.