530 likes | 562 Vues
Evaluate the background information provided for a new role in a healthcare industry project. Prepare topics for introductory meeting and assess strengths of consulting group. Research HIPAA compliance, NAIC, MAR, Sarbanes-Oxley Act, and provide overviews.
E N D
Computer Networks and Communications Instructor: Professor Stephen Osborne
Task Type: Discussion Board 2 Deliverable Length: 3-4 Paragraphs, 2 Replies per part Points Possible: 75 Due Date: 10/16/2011 11:59:59 PM CT Students will be expected to post their first initial discussion board posting by Wednesday of each week. Discussion posts will be graded and late submissions will be assigned a late penalty in accordance with the late penalty policy found in the syllabus. NOTE: All submission posting times are based on midnight Central Time. Students are expected to post their responses to peers by Sunday. NOTE: All submission posting times are based on midnight Central Time. Part I: For this section of the assignment, you will be in the role of Amy Smith, the principal consultant for the Minnesota Consulting Group. As part of preparation for a meeting with Fred Moore, VP of Technology (CMG) and Brian Walters, Director of Technical Services (CMG), please review the background information provided for your new role (see the course scenario) to better understand MCG and the relationship with your primary client, CMG.
Evaluate the completeness of the course scenario regarding background and the external forces driving projects. Base your evaluation on the concepts of telecommunications at work for the health care industry, telecommunications standards, and regulatory and legislative bodies. • What additional information could the scenario provide to help you in your new role? • Prepare a list of topics and questions to be discussed at your introductory meeting at Central Medical Group. This list should accomplish the following: • They should fill in knowledge gaps regarding the relationship with CMG, your new client. • They should help you understand CMG’s technology direction and architecture. • Related to this meeting, please also describe your impression of the strengths of Minnesota Consulting Group and how you feel MCG can assist CMG. • What areas should MCG improve in to serve Central Medical Group better?
Phase 1 Discussion Board 2 Part 1 Resolution Gather information from the CTU Library or the Internet or use the websites on the next slide for the following topics: • HIPAA Compliance • National Association of Insurance Commissioners (NAIC) • Model Audit Rule (MAR) • Sarbanes Oxley Act (SAR) Once you have completed gathering your information, please provide an overview of each.
What is HIPAA compliance? http://whatishipaa.org/hipaa-compliance.php National Association of Insurance Commissioners (NAIC) http://naic.org/ Model Audit Rule and Implementation http://www.deloitte.com/assets/Dcom-UnitedStates/Local%20Assets/Documents/us_lshc_naic_model_audit_1007.pdf Sarbanes Oxley Act http://searchcio.techtarget.com/definition/Sarbanes-Oxley-Act
HIPAA (Health Insurance Portability and Accountability Act) • HIPAA is a law mandating that anyone belonging to a group health insurance plan must be allowed to purchase health insurance within an interval of time beginning when the previous coverage is lost. The law protects employees, especially those with long term health conditions who may be reluctant to leave jobs because they are afraid pre-existing condition clauses will limit coverage of any such conditions under a new insurance plan, from losing health insurance due a change in employment status. • The law also creates standards dealing with the privacy of health information, which helps prevent improper use of one's medical record.
(NAIC)The National Association of Insurance Commissioners • The National Association of Insurance Commissioners (NAIC) is the organization of insurance regulators from the 50 states, the District of Columbia and the five U.S. territories. The NAIC provides a forum for the development of uniform insurance regulatory policy, when uniformity is appropriate. • State insurance regulators created the NAIC in 1871 to address the need to coordinate regulation of multi-state insurers. Since then, new legislative concepts, new levels of expertise in data collection and delivery, and a commitment to even greater technological capability have moved the NAIC forward into its role as a multidimensional, regulatory support organization. • The mission of the NAIC is to assist state insurance regulators, individually and collectively, in serving the public interest and achieving insurance regulatory goals in a responsive, efficient and cost effective manner, consistent with the wishes of its members.
The Model Audit Rule (MAR) • The National Association of Insurance Commissioners (NAIC) Annual Financial Reporting Model Regulation, also known as the Model Audit Rule (MAR), requires that private insurance companies with direct premiums written and assumed in excess of $500 million per year adopt corporate governance and reporting standards. The Model Audit Rule, originally issued to drive consistency across insurance regulators, was modified in 2006 and will take effect for the year ending 2010. • The new modifications within the Model Audit Rule are very similar to those of the Sarbanes-Oxley Act of 2002 (SOX or Sarbanes-Oxley), which was issued in response to several high-profile fraudulent financial reporting scandals at large public corporations. It was these scandals that caused there to be a much greater emphasis placed on the accuracy of companies’ financial statements and the method in which they were assembled.
Sarbanes Oxley Act (SOX) • When President George W. Bush signed the Sarbanes-Oxley Act of 2002 into law on July 30, 2002, he called the legislation’s provisions “the most far-reaching reforms of American business practices since the time of Franklin Delano Roosevelt.” The act was hailed as wide-sweeping legislation that would increase transparency and restore public confidence in the financial practices of U.S. public companies and accounting firms. After all, Congress asserted, this was the public’s money that was at risk.
Sarbanes-Oxley, officially known as the Public Company Accounting Reform and Investor Protection Act of 2002, was the legislation that followed in the wake of several corporate and accounting scandals including Enron, WorldCom, Global Crossing and Arthur Andersen. • The measure passed both chambers of Congress by overwhelming margins of 423-3 in the House and 99-0 in the Senate. In lauding Sarbanes-Oxley Senator Patrick Leahy (D-VT) commented, “The legal rights and procedures that protect consumers, investors and employees matter now more than ever.” Sadly, Leahy did not include taxpayers among his protected class.
Phase 1 Discussion Board 2 Part II Students will be expected to post their first initial discussion board posting by Wednesday of each week. Discussion posts will be graded and late submissions will be assigned a late penalty in accordance with the late penalty policy found in the syllabus. NOTE: All submission posting times are based on midnight Central Time. Students are expected to post their responses to peers by Sunday. In this assignment you will be in the role of Amy Smith, the principal consultant for MCG.
Use the information from the telecommunications standards document • (produced in the individual project in Phase 1) as a guide to prepare a memo for Central Medical Group. The memo will be addressed to the following: • Fred Moore: VP of Technology • Brian Walters: Director of Technology Services • Julie Nelson: Manager of Infrastructure • The memo should address the following: • General telecommunications standards • Details on areas of highest relevance to your client • Action items to begin a more meaningful dialogue with Central Medical Group • regarding this topic • Submit your memo, and provide constructive feedback to at least 2 of your • classmates. • Be sure to cite and reference all sources using APA style.
Phase 1 Discussion Board 2 Part II Resolution Gather information from the CTU Library, the Internet, or use the below websites on the following topics: • International Telecommunications Union (ITU) • Telecommunications Industry Association (TIA) International Telecommunications Union (ITU) http://www.itu.int/en/Pages/default.aspx Telecommunications Industry Association (TIA) http://www.tiaonline.org/ Once you have completed gathering your information, please provide an overview of each.
ITU (International Telecommunication Union) ITU (International Telecommunication Union) is the United Nations specialized agency for information and communication technologies – ICTs. They allocate global radio spectrum and satellite orbits, develop the technical standards that ensure networks and technologies seamlessly interconnect, and strive to improve access to ICTs to underserved communities worldwide. ITU is committed to connecting all the world's people – wherever they live and whatever their means. Through our work, we protect and support everyone's fundamental right to communicate.
Telecommunications Standards Development (TIA) • TIA is accredited by the American National Standards Institute (ANSI) to develop voluntary industry standards for a wide variety of telecommunications products. TIA's Standards and Technology Department is comprised of ten technology areas which sponsor more than 70 standards formulating groups. • These technology areas are Mobile Private Radio, Steel Antenna Towers, Multi Function Peripheral Devices, Satellites, User Premises Equipment, Premises Cabling (both copper and fiber), Mobile Communications Systems, Terrestrial Mobile Multimedia Multicast, Vehicular Telematics and Healthcare. Each area is represented by engineering committees and subcommittees that formulate standards to serve the industry and users well into the next century.
Task Type: Individual Project 2 Deliverable Length: 3–5 pages Points Possible: 100 Due Date: 10/17/2011 11:59:59 PM CT Weekly tasks or assignments (Individual or Group Projects) will be due by Monday and late submissions will be assigned a late penalty in accordance with the late penalty policy found in the syllabus. NOTE: All submission posting times are based on midnight Central Time. In the context of telecommunications standards, prepare a 3–5 page white paper that describes the general differences between and the pros and cons of current wireless standards 802.11b, 802.11a, 802.11g and 802.11n.
Phase 1 Individual Project 2 Resolution Research the CTU Library, Internet or the below website for information that explain the pros and cons of the current wireless standards 802.11b, 802.11a, 802.11g and 802.11n. http://compnetworking.about.com/cs/wireless80211/a/aa80211standard.htm
IEEE 802 Wireless Standards • The IEEE 802 Standard comprises a family of networking standards that cover the physical layer specifications of technologies from Ethernet to wireless. IEEE 802 is subdivided into 22 parts that cover the physical and data-link aspects of networking.
All the 802.11 specifications use the Ethernet protocol and Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) for path sharing. The original modulation used in 802.11 was phase-shift keying (PSK). • However, other schemes, such as complementary code keying (CCK), are used in some of the newer specifications. The newer modulation methods provide higher data speed and reduced vulnerability to interference.
What constitutes a computer replacement for a human operator? • In private telephone networks, an operator has historically had to answer a phone to answer questions and transfer the caller. This was transformed into a system where routine callers were sent to a dumb system that let them input a number and then transferred them to that exchange; however, the operator was still around for confusing or extraordinary cases. Modern telephone systems are actually capable of handling almost everything autonomously using tools from voice recognition to repetitive menu options to analysis of caller responses. • In the public telephone system, human operators at the highest levels were quickly replaced with mechanisms to automatically transfer a call between areas. At the lowest levels, automated sequences could take a dialed number and transfer it to the appropriate area. The middle levels of intrastate or interstate toll calls took the longest time to be moved to an automated system largely due to federal regulations. Most telephone systems have stopped using physical circuits in favor of newer, less expensive, and easier to maintain virtual circuits.
What is the difference between a physical and a virtual circuit? • A physical circuit is a physical connection from one point to another that is wholly dedicated to that connection. For example, if a user makes a call from Dallas to Santa Fe, an operator (human or mechanical) would have to physically ensure that there was a solid circuit from the caller's home to the Dallas exchange, to some number of intermediary exchanges to Santa Fe's exchange, and then finally to the remote number. If there was no available circuit, then a no-lines- available signal would be sounded to the caller. • A virtual circuit takes advantage of computerized routers. Instead of worrying about a physical connection, the virtual circuit assumes that the two points are connected and that it has to find a route; therefore, it would try the most direct route from the home, to Dallas, to Santa Fe to the remote number. If the route did not exist, it would automatically try more circuitous routes (e.g., if necessary, through Kansas City or Chicago). When this call was finished, the system would immediately open up the amount of bandwidth that the phone call required for anyone to use in any other circuit.
What is bandwidth, and what affects bandwidth? • Bandwidth refers to the amount of data that a medium is capable of carrying. There are a number of different concerns: How much noise does the medium introduce? How much can the medium carry (e.g., fiber optic cables with more strands can carry more signals)? How efficient is the data representation algorithm (e.g., later modem protocols could fit more data into the same telephone connection)? Sometimes bandwidth and throughput are used in the same connotation. • Throughput is the amount of data actually being sent. If a home network uses cabling rated for 100 megabits per second (Mbps) signals, it does not mean that it will be sending 100 Mbps. Not only is there the potential for slower network cards or slower routers, there will be time when the users are asleep or otherwise not sending data. Similarly, if a computer can send data at 100 Mbps, it does not mean that it can process the data fast enough to send it at that speed or that there is even enough data to send to arrive at 100 Mbps. • Overhead is another metric that affects bandwidth and deals with the amount of data sent. If a user wants to send a text file to another computer, there will need to be some overhead attached to the file by the network that contains the remote address, packet numbering, and other related information.
What is a modem? • Modem stands for modulator-demodulator and essentially is an electro-aural conversion device: It takes the electrical signals that a computer wants to send, encodes them into a sound pattern, and plays that sound over a phone line. The remote modem takes the sound, decodes it into an electrical signal, and passes the information to the computer. Telephone lines can only hold so much information in accordance with their ratings. At a certain point, 56k modems were determined to need some scaling back and only connect at a certain speed to be sure that they did not require too much electrical power in the telephone lines and become a fire hazard. • Modems were initially slow enough that there are stories of people able to whistle with their lips or with a whistle to trick a remote computer into doing things. As time went on, the signals became faster and less able to be mimicked. Even at their fastest, telephone modems are still orders of magnitude slower than more modern connection methods.
What are the modern connection methods? • Most modern Internet Service Providers (ISP) use either digital subscriber line (DSL) or cable Internet connectivity, which utilize an existing infrastructure. As long as the public telephone line is not too old, the telephone company can utilize a portion of it to transmit data to and from the user and still allow use of the telephone line. In a nutshell, this involves encoding the data in the very high registers above levels at which a human can hear or speak. The problem is that some of this signal depreciates over distance, which means that the distance from a local trunk regulates the maximum connection speed. • Cable Internet utilizes the cable television infrastructure's coaxial cables that can carry a very large number of channels. Essentially, cable Internet utilizes some number of these channels to send Internet data instead of television signals. The connection speed for any given connection is dependent on the total throughput of a neighborhood because this is a shared line. Satellite Internet is similar to cable Internet but uses a satellite signal instead of cable. However, satellites are strictly a one-way connection (satellite to dish) so there is no way to send HTML requests and such to the ISP. As a result, most satellite users need a telephone connection to send upstream data. • Fiber optic Internet involves laying new cables. Some ISPs are laying fiber optic cable in a new infrastructure. This infrastructure is data oriented instead of being telephone or cable oriented. The telephone or television signal can be sent over the cable, but the change in focus allows for a much higher connection speed than traditional connections often on the order of a magnitude or more.
What is DARPA? • DARPA, the Defense Advanced Research Projects Agency, is a premier military think tank for finding new ways to utilize technology. DARPA was tasked with creating a redundant communications network in case any given node got disconnected. The telephone network was hierarchical so it meant that if something happened to just one or two key locations, it could effectively separate one part of the country from the other. • DARPA's solution was to develop a mesh network that connected each node to several others with no apparent hierarchy. Data were important rather than voice signals because this was a private project, and one of the biggest purveyors of raw data is the academic community. Academic institutions were some of the original backbones for DARPANet. As other organizations and companies began to see the economic benefits of having this type of connection, it grew to eventually become an international network known as the Internet.
What are some hurdles to Internet Service Providers (ISPs) offering different services? • Most telecommunications companies are converging into organizations that offer multiple types of data, such as telephone companies that offer cellular service or cable companies that offer Internet access. There is often more competition among the companies; however, much of this competition is minimized by reciprocal agreements where different telecommunications providers agree to split territory up accordingly. • This is also being threatened by new technologies such as fiber optic Internet access, which are not bound by these agreements. As a result, companies tend to offer more functionality for lower prices; however, the general side effect of this is that customer service tends to degrade.
What is cellular service? • Cellular service is a form of wireless telephone service. Rather than the standard telephone lines, a cell tower provides a wireless signal to all cellular devices within its transmission distance. The term cellular comes from the fact that each tower's transmission area is called its cell. Subscribers switch cells when they move from one cell to another cell, which is one of the complexities consistently being researched to find better ways of handling cells. • Cellular service comes in two forms: voice and data. Both are handled more or less the same way, but they are measured differently. Voice is typically measured in seconds of connection time. Data service is measured in kilobytes sent and received. A few odd types such as pictures or text messages are really data transmissions but are easily measured in whole units and so are often registered differently. Recently, a number of companies have begun to offer unlimited data packages.
What are some potential areas for convergence in networks? • One of the areas that is consistently revolutionizing is the convergence between wireless and wired desktops. Bluetooth, for example, was originally designed to be used for a Personal Area Network (PAN) to let consumers wirelessly connect an MP3 player to a cell phone or to a pager. However, desktop manufacturers have increasingly utilized it for wireless desktop issues because of its utility. • In addition, Bluetooth is often the protocol that bridges cellular and desktop systems because it can do exactly what it is intended to do: It connects devices over a short range. It is not useful for connecting computers together in a network because it is better utilized with burst data than sustained data; however, it is perfect for connecting wireless keyboards and mice or connecting cell phones, PDAs, pagers, or any other device to the computer for synchronization or other data interchange.
Where is cellular service headed? • Modern cellular networks are relying more on data transmissions with the idea of providing more utility and greater efficiency. The idea is to allow users to connect their PDAs or laptops to an already present cellular network. Cell phones will become more like computers, able to perform basic office functions, listen to music, keep appointments, or stream video. The goal of cellular networks is to provide similar functionality to wire broadband connections while not overloading their cellular networks and still making a profit. • On the other hand, there is a strong movement going the other way. A number of users find that they do not need advanced functionality. They think a phone should be just a phone with no more functionality than that and work should stay at work rather than being constantly carried with a person at all times because of an advanced networking device connected wirelessly. A dichotomous result is likely until a middle road is developed that appeals to both sides.
TCP/IP Network Protocols This presentation introduces the Transmission Control Protocol/Internet Protocol (TCP/IP) internetworking suite of protocols. The TCP/IP protocol suite is the standard protocol for all major network operating systems, making its mastery a prerequisite for all networking professionals. TCP/IP protocols comprise four major layers: internal networking, management, and control protocols; data transport protocols; logical addressing protocols; and physical addressing protocols. On one hand, each layer is dedicated to handling the tasks with which it is associated. On the other hand, the layer is responsible for interfacing with adjacent layers to provide end-to-end communication.
A TCP/IP protocol is either connection-oriented or connectionless. A connection-oriented protocol first establishes the connection, transfers the data, and finally closes the connection. A connectionless protocol, on the other hand, simply labels each packet (or message) with a destination address and other control information, and sends it. Another attribute of protocols is that a protocol is either reliable or unreliable. A reliable protocol performs error checking and correction. An unreliable protocol has no error checking mechanism. Its reliability, if needed, is provided by some other protocol or the invoking application. • The management and control protocol set, comprising Internet Message Control Protocol [ICMP], Simple Network Management Protocol [SNMP], Internet Group Management Protocol [IGMP], and Simple Mail Transport Protocol [SMTP] are not administered directly, but are controlled through operating system or application software configuration.
The major function of a transport protocol is to accept the continuous data stream provided by applications and divide it into packets. In TCP, this process is called segmentation. The TCP protocol is a connection-oriented protocol. It provides reliable communication by numbering and monitoring the reception of each packet. It ensures that the sender and receiver can exchange data effectively by using flow control methods. TCP provides flow control through (1) buffering, a process by which data is stored until it can be processed; (2) windowing, establishing the maximum rate at which the receiver can accept data; and (3) congestion control, where the choke points on the network are detected and managed. • Internetwork protocols handle addressing: determining the logical address of the network and the host. Internetwork protocols, such as IP, are used by routers to ascertain the path that messages should follow through the network, and which path is most efficient. Internetwork protocols also handle the conversion between the logical address used and the physical address, Media Access Control (MAC address), used by each device on the network. Internetwork protocols create data packets, and can further subdivide segments to accommodate different maximum transmission unit sizes on different network types.
Network protocols frame the segments received from internetwork protocols with the physical address of the immediate recipient, which is different from the final address in a routed network, and provide an error checking trailer for the datagram frame. • This allows frames which have been physically disrupted to be detected and dropped, so that upper-layer protocols will not waste time handling a defective message unit.
Overview of the OSI model Many standardization organizations such as the International Standard Organization (OSI) suggested approaching the problem of designing a computer network as a layered architecture. OSI has suggested a model called Open Systems Interconnection (OSI) to explain the functions involved in the design of a complex computer network.
OSI Seven-Layer Model The OSI model consists of seven layers. The seven layers are the physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and application layer.
Physical Layer The physical layer comes at the bottom of the 7 layer model. This is the layer responsible for all data communications at the physical level. At this layer, we deal directly with the signal, and we are interested in issues such as modulation, multiplexing, encoding, and signal delays. An example of a device that is used at this layer is the repeater. A repeater is a device that repeats a digital signal when it becomes weak. Its function is similar to an amplifier without amplifying any noise.
Data Link Layer The data link layer is responsible for reliability of the data. The functions that are performed at this level are flow control and error control. Flow control algorithms try to match the speed of the sender and the receiver against each other. The sender should not be sending information at a speed that the receiver cannot handle. A very well-known protocol that is used for this purpose is called Sliding Window Protocol.
Network Layer The network layer is responsible for routing data from the source of the destination. The routing function is performed using a device called router. Routers contain tables which are, interestingly enough, called routing tables. When a router receives a data unit (or packet) from an input line, it checks its source and destination. Based on the source and destination, and using the routing table, the data unit is forwarded to one of the output lines of the router. A very well-known protocol that is used at this layer is the IP protocol.
Transport Layer The transport layer is responsible for the whole delivery of the message. An important function of this layer includes segmentation and reassembly. The data at higher layers are divided into smaller units (usually called packets). These data units are not delivered in order to the destination. Reassembling the data units is done at the transport layer. Well-known protocols at this layer are TCP or UDP.
Session layer The session layer is responsible for establishing a session between the communicating parties. The session layer allows two parties to start communications using a mode of communications such as half-duplex (one party sending at a time) or full-duplex (two parties sending at the same time)
Presentation Layer The presentation layer deals with data generated from the application layer. The presentation layer changes the format of the data as required. Functions that can fit in this layer are compression and encryption. We note here that these functions can be performed at the application layer, and there is actually not much functionality assigned to the presentation layer.
Application layer • The application layer is the layer where all applications run and generate data. Examples of these applications are File Transfer Protocol (FTP), email, Telnet, HTTP, etc. Although the OSI model was developed by a standardized organization, it does not have an implementation for computer networking protocol. Instead, it is a good reference model that explains all networking functions and how they interact with each other.
OSI Model Overview Cont’d In this presentation, we give some more detail regarding the seven layers of the OSI model. In the networking world, we define a protocol as a set of rules that specify exactly how communications take place between the different network devices. Each layer in the OSI model is formally defined by its own protocol. The protocol expresses all the details of how a given layer communicates with its adjacent layers, as well as its corresponding layer at the other machine. With this perspective in mind, the set of protocols in the OSI model is said to be a part of a suite of protocols. Protocols are used in both LAN and WAN contexts, and they may also be open or proprietary.
Network Protocols 1 Let’s look at some Internet protocols, currently used in many networks.
FTP Protocol • The File Transfer Protocol (FTP) is the standard protocol for file transfer of data between two computers. FTP is an example of a protocol that runs at the application layer. The protocol transfers files from one host to another using two channels. The first channel is used to transfer the data. The second channel is used to transfer control commands.
HTTP Protocol • The HyperText Transfer Protocol (HTTP) is the most common protocol that all users of the Internet are familiar with when using Internet browsers such as Internet Explorer or Netscape. The protocol uses a language called the Hypertext Markup Language (HTML) to view documents. • The kinds of pages displayed by the HTML language are called static pages because their content does not change from one browsing session to the next. To create dynamic pages, a Web server is required to create such documents using technologies such the Common Gate Interface (CGI) or ASP.NET.
DHCP Protocol • The Dynamic Host Configuration Protocol (DHCP) is used to assign an IP address to any computer or device attached to the Internet. There are two ways for computers to get IP addresses. The first method is called static assignment. In this method, a network administrator assigns an IP address to each computer in the network. • The administrator must keep track of all the addresses used in the network and their users. In a large network, such as the case of an ISP provider, static assignment is not efficient. First, there might not be enough IP addresses to assign to all users given the fact that users might not be connecting all the time. Second, it becomes untraceable to know who is assigned which IP address. In such situations, DHCP server assigns an IP address automatically to a computer when it needs to connect to the Internet.