+1(978)310-4246 credencewriters@gmail.com
  

Security Critique Wellness Center

[WLOs: 2, 3] [CLOs: 2, 7]

Prior to beginning work on this assignment, read pages 429 to 456 in Chapter 12 of

Systems Analysis and Design

and the

Health IT Privacy and Security Resources for Providers (Links to an external site.)

web page.

To prepare your paper, review both the

Bright Day Wellness Center (BDWC) Case Study

as well as the

Bright Day Wellness Center (BDWC) ePHI inventory

Download Bright Day Wellness Center (BDWC) ePHI inventory

Excel workbook. This workbook consists of data  recorded by the Bright Day Wellness Center manager during a personal  health information inventory requested by the BDWC board of trustees and  was executed by a health IT consulting firm hired to conduct the  inventory and advise the board on security risks at the center.

I

n your paper,

Analyze the electronic protected health information (ePHI) inventory  collected by the BDWC staff including all line items recorded in each  workbook (devices, online systems, and other ePHI locations).

Focus on high-risk line items based on the reading and the Office of National Coordinator required resources.

Critique the risk specific to the addition of physical therapy activity tracker biometric devices.

Analyze feasible technical, operational, and financial resources and actions needed to mitigate identified security risks.

Formulate a call to action statement summarizing the most significant risks for the board of trustees’ attention.The Security

Critique Wellness Center paper

Chapter 12
Managing Systems Support and
Security
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Learning Objectives (1 of 3)
•After this chapter, you will be able to:
• Describe user support activities
• Define the four types of maintenance
• Explain seven strategies and techniques for
maintenance management
• Describe techniques for system performance
management
• Explain system security concepts and
common attacks against the system
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Learning Objectives (2 of 3)
• Explain three tasks related to risk
management concepts
• Assess system security at six levels: physical
security, network security, application security,
file security, user security, and procedural
security
• Describe backup and disaster recovery
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Learning Objectives (3 of 3)
• List six factors indicating that a system has
reached the end of its useful life
• List future challenges and opportunities for IT
professionals
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
User Support (1 of 3)
•Successful systems often need the most
support
• Users want to learn features
•User training
• IT Department may develop a user training
package
• Training users about system changes is
similar to initial training
• Objective: show users how the system can
help them perform their jobs
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
User Support (2 of 3)
•Help or service desks
• Show people how to use resources effectively
• Provide answers to technical or operational
questions
• Make users more productive by teaching them
how to meet their own information needs
• Boost productivity using remote control
software
• Allows IT staff to take over a user’s workstation and
provide support and troubleshooting
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
User Support (3 of 3)
•Outsourcing issues
• Offshore call centers can trim expenses and
free up valuable human resources for product
development
• Customers may shop elsewhere if the quality
of tech support decreases
• Critical factors
• Phone wait times
• Performance of support staff
• Online support tools
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Tasks (1 of 6)
•Ongoing maintenance expenses can
determine the economic life of a system
• Operational costs
• Maintenance expenses
• Maintenance activities
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Tasks (2 of 6)
Figure 12-2 The total cost of operating an information system includes operational and maintenance
costs. Operational costs (green) are relatively constant, while maintenance costs (purple) vary over time.
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Tasks (3 of 6)
•Corrective maintenance
• Diagnoses and corrects errors in an
operational system
• Standard procedures are set for minor errors
• Worst-case situation is a system failure
• Requires a patch
• When the system is operational again, the
maintenance team determines the cause, analyzes
the problem, and designs a permanent solution
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Tasks (4 of 6)
•Adaptive maintenance
• Adds enhancements to an operational system
and makes the system easier to use
• Procedure for minor adaptive maintenance is
similar to routine corrective maintenance
• Users submit requests that are evaluated and
prioritized by the systems committee
• Can be more difficult than new systems
development
• Enhancements must work within constraints of
existing system
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Tasks (5 of 6)
• Perfective maintenance
• Changing an operational system to make it
more efficient, reliable, and maintainable
• Cost-effective during the middle of the
system’s operational life
• Performed using software reengineering
• Software reengineering: uses analytical techniques
to identify potential quality and performance
improvements in an information system
• The more a program changes, the more it
becomes inefficient and difficult to maintain
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Tasks (6 of 6)
•Preventive maintenance
• Requires analysis of areas where trouble is
likely to occur
• IT department initiates preventive
maintenance
• Results in:
• Increased user satisfaction
• Decreased downtime
• Reduced TCO
• Competes for IT resources
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Management (1 of 6)
•The maintenance team
• System administrator: manages computer and
network systems
• Systems analysts: locates problem sources
• Programmers: applications, systems, and
database programmers
• Organizational issues: organizations have
groups that perform maintenance and new
systems development
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Management (2 of 6)
•Maintenance requests
• Involve a series of steps
• Initial determination
• Consideration by the system review committee
• Task completion and user notification
•Establishing priorities
• Systems review committees separates
maintenance requests from new systems
development requests or evaluate all projects
together
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Management (3 of 6)
FIGURE 12-7: Although the procedure varies from company to company, the
chart shows a typical process for handling maintenance requests.
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Management (4 of 6)
•Configuration management
• Controls changes in system requirements
during software development
• Becomes critical as enterprise-wide
information systems grow more complex
• Important to systems with multiple versions
running in different hardware and software
environments
• Helps in organizing and handling
documentation
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Management (5 of 6)
•Maintenance releases
• Documents and installs changes as a new
version
• Maintenance release methodology: retains all
noncritical changes and implements them
simultaneously
• All changes are tested together, resulting in fewer
versions and lesser expense
• New features of upgrades are available less often
• Service packs: maintenance releases provided
by commercial software suppliers
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Maintenance Management (6 of 6)
•Version control
• Process of tracking system releases or
versions
• Prior release is archived and restored in case the
new version fails
• Firms use commercial applications that handle
version control for complex systems
•Baselines
• Measure characteristics at a specific time
• Types: functional, allocated, and product
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
System Performance Management
(1 of 4)
•Fault management
• Includes monitoring the system for signs of
trouble, logging all system failures, diagnosing
the problem, and applying corrective action
•Performance and workload measurement
• System performance is measured using
benchmark testing and metrics
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
System Performance Management
(2 of 4)
•Response time
• Overall time between a request for system
activity and the delivery of the response
•Bandwidth and throughput
• Kbps (kilobits per second), Mbps (megabits
per second), and Gbps (gigabits per second)
• Examples of standards of metrics
• Arrivals, busy, completions, queue length
• Service time, think time, utilization, wait time
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
System Performance Management
(3 of 4)
•Turnaround time: applies to centralized
batch processing operations
• Measures the time between submitting a
request for information and the fulfillment of
the request
• Used to measure the quality of IT services
• Management uses current performance and
workload data as input for the capacity
planning process
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
System Performance Management
(4 of 4)
•Capacity planning
• Monitors current activity and performance
levels
• Anticipates future activity and forecasts
resources required to provide desired service
• Uses what-if analysis
• Requires detailed information and an accurate
forecast of future business activities
• Objective: provide effective support
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
System Security (1 of 4)
•Vital part of every computer system
•System security concepts
• CIA triangle: shows main elements used to
develop a security policy
• Confidentiality
• Integrity
• Availability
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
System Security (2 of 4)
Figure 12-14 System security must provide information confidentiality, integrity, and availability (CIA).
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
System Security (3 of 4)
•Risk management
• Risk identification
• List and classify assets and analyze possible threats
• Identify vulnerabilities and how they might be
exploited
• Risk assessment
• Risks need to be calculated and prioritized
• Risk control
• Strategies: avoidance, mitigation, transference, and
acceptance
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
System Security (4 of 4)
Figure 12-15 Risk management requires continuous risk identification, assessment, and control.
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (1 of 12)
•System security
involves six
separated but
interrelated levels
Figure 12-19 Each security link has a specific
focus, and the overall chain is only as strong as
the weakest link.
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (2 of 12)
•Physical security
• Operations center security
• Each entrance must be equipped with a suitable
security device
• Servers and desktop computers
• Install locks on server racks to avoid unauthorized
placement of keystroke loggers
• Tamper evident cases and BIOS-level passwords
can be used
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (3 of 12)
• Portable computers
• Select an operating system with strong protection
• Mark case with company name and address
• Consider devices that have a built-in fingerprint
reader, facial recognition, and use the Universal
Security Slot (USS)
• Back up all vital data before using the computer
outside the office and link the system to a tracking
software
• Use location services
• Be alert to high-risk situations while traveling
• Establish stringent password protection policies
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (4 of 12)
•Network security
• Encrypt network traffic: private key encryption
and public key encryption
• Wireless networks: WPA2 strengthens the
level of wireless protection
• Private networks can be used when speed is
necessary
• Virtual Private Networks (VPN) establish
secure connections for a large number of
computers
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (5 of 12)
• Ports and services can be affected by port
scans and denial of service (DOS) attacks
• A port routes incoming traffic to the correct
application and a service monitors a particular port
• Firewalls allow or block network traffic from
each network interface based on preset rules
• Network intrusion detection system (NDIS)
alerts the administrator when it detects
suspicious network traffic patterns
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (6 of 12)
FIGURE 12-22: In a DoS attack, an attacker sends numerous
authentication requests with false return addresses. The server tries
unsuccessfully to send out authentication approval and is eventually
disabled by the floor of requests. More sophisticated DoS attacks are
distributed (DDoS), as shown in this figure. Instead of a single computer,
the attacker uses an army of botnets (computers unknowingly infected
with malware that are difficult to trace) to attack the target.
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (7 of 12)
•Application security
• Services that are not needed must be disabled
• Unnecessary or improperly configured service
could create a security hole
• Hardening removes unnecessary accounts,
services, and features
• Application permissions: must be configured to
be run by users who have specific rights
• Input validation helps safeguard data integrity
and security
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (8 of 12)
• Patches and updates are used to repair
security holes, reduce vulnerabilities, and
update the system
• Software logs document all events and help
understand past attacks and prevent future
intrusions
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (9 of 12)
•File security
• Encryption: scrambles the contents of a file or
document to protect it from unauthorized
access
• Permissions: describe the rights a user has to
a particular file or directory on a server
• User groups: administrators can create user
groups and assign file permissions
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (10 of 12)
•User security
• Identity management: controls and procedures
necessary to identify legitimate users and
system components
• Password protection: policies need to specify
a set minimum length, complexity, and a limit
on invalid attempts
• Social engineering: intruder uses social
interaction to gain unauthorized access to a
computer system
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (11 of 12)
• User resistance: users need to understand
and be a part of the organization’s
commitment to security
• New technologies can be used to enhance
security and prevent unauthorized access
• Security token is a physical device that
authenticates legitimate users
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Security Levels (12 of 12)
•Procedural security (operational security)
• Policies and controls that ensure secure
operations
• Defines how particular tasks are to be
performed
• Includes safeguarding procedures that would
be valuable to an attacker
• Organization must explain procedures and
issue reminders that will make security issues
a priority
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Backup and Recovery (1 of 2)
•Backup policies
• Backup media: includes tape, hard drives
optical and online storage
• Offsiting: storing backup away from main location
• Cloud-based storage is growing rapidly
• Backup types: full, differential, incremental,
and continuous
• Retention periods: backups are stored for a
specific time beyond which they are either
destroyed or reused
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Backup and Recovery (2 of 2)
•Business continuity issues
• A disaster recovery plan should be created
along with a test plan
• Often part of a business continuity plan (BCP):
defines how critical business functions can continue
during a major disruption
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
System Retirement
•Factors
• Maintenance increasing steadily
• Operational costs or times increasing rapidly
• Software package provides the same or
additional services more efficiently
• New technology offers a way to perform the
same or additional functions more efficiently
• Maintenance changes or additions are difficult
and expensive to perform
• Users request significant new features
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Future Challenges and
Opportunities (1 of 3)
•Trends and predictions
• Cybercrime will increase significantly
• Smartphones and tablets will become the
dominant computing platform
• Software-as-a-Service will become the norm
• Cloud computing will become the principal
computing infrastructure
• Insourcing will increase
• Large enterprises may require suppliers to
certify green credentials and sourcing policies
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Future Challenges and
Opportunities (2 of 3)
•Strategic planning for IT professionals
• System analysts should work backwards from
goals to develop intermediate milestones
•IT credentials and certification
• Professional organizations and IT industry
leaders offer continuing educational courses
and credentialed certifications
•Critical thinking skills
• System analysts should possess soft skills
and critical thinking skills
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Future Challenges and
Opportunities (3 of 3)
•Cyberethics
• As computers permeate more and more of our
lives, the decisions made by IT professionals
can have serious implications
• Situations may arise involving ethical
considerations that are not easy to resolve
• Ethical, social, and legal aspects of IT are
topics that today’s systems analyst should be
prepared to address
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Summary (1 of 3)
•Systems support and security
• Implementation of an information system until
the system no longer is used
•Types of system maintenance
• Corrective, adaptive, perfective and
preventative
•Maintenance team
• Systems analysts and programmers
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Summary (2 of 3)
•Configuration management and system
performance measurements
• Necessities of maintenance management
•Security is a vital part of every computer
system
• Risk management identifies, analyzes,
anticipates and reduces risk to an acceptable
level
• Data backup and recovery plans are essential
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Summary (3 of 3)
•All information systems eventually become
obsolete
• Intense competition is predicted in the future
•IT professionals should have a strategic
career plan
• Long-term goals
• Intermediate milestones
Systems Analysis Design, 12th Edition. ©2020 Cengage. May not be copied, scanned, or duplicated, in whole or in part, except for use as
permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use.
Bright Day Wellness Center (BDWC) Case Study
Background:
Bright Day Wellness Center (BDWC) is a health and wellness facility with one
location in
the San Diego California area. The facility offers the following services:
License chiropractic
visits, licensed physical therapy visits, licensed massage therapy services and
yoga instruction.
The facility is licensed to operate as a provider within the state of California
and provider staff
such as the chiropractors, physical therapist and massage therapist are
currently licensed
professionals in their fields.
In terms of information technology platforms, the center uses a claims and
billing
application called Pronto to collect and store insurance information for clients
and submit
claims for billable services. The system runs online through computers at the
wellness center.
Physical therapist also used a secure online system called PT FIMS which is
a clinical information
system that automatically calculates functional independence measure her
scores for PT clients
allowing compliant billing for physical therapy services. Clinical documentation
is done
manually and paper charts that are stored in file drawers in various locations
throughout the
center. BDWC has a website. Currently the website is not used as an
interactive tour but a
passive web page with information about the center. There are testimonials
and deidentified
images on the website for marketing purposes.
Current Challenge/Opportunity Scenarios:
Scheduling: the clinical leaders and board of trustees who govern the
wellness center would
like to investigate moving toward a secure online scheduling application for
used by both
clients and internal staff. There is a perception that there is a great deal of
inefficiency and
confusion with regard to clinical scheduling. This is especially true of billable
services such as
physical therapy and chiropractic visits. There is a local technology company
(the company who
runs the wellness center website) called Technology Zoom who has offered to
develop a
customized scheduling application for BDWC.
Biometrics: Recently the lead physical therapist attended a conference and
developed a lowcost deal with a vendor who provides PT biometric tracking activity devices for
clients who
require intensive physical therapy. The PT director at BDWC obtained five of
these devices and
allocated these devices to his most active current physical therapy patients.
The devices were
put on the BDWC network so that the physical therapist could see client data
uploads on a real
time basis from the devices through wireless connectivity. IP addresses for
these pilot testing
devices were provided remotely by a technician at the Technology Zoom
company who
maintains the BDWC network.
DWC Volume Information:
6000 billable client visits per year about 1/3 PT and the reminder chiropractic
750 massage appointments per year
350 Yoga clients
IT Scheduling Solutions: Financial Information:
A local information technology development company called Technology
Zoom Inc. has offered
to develop the clinical scheduling platform for BDWC.
• Cost of programming $85.00/hour
• Cost of analyst time $85.00/hour
• Cost of project manager time $110.00/hour
• Estimates for end user requirements gathering time required of PTs, office
staff
and chiropractors is 200 hours
• Programming time is unknown until requirements are completed and signed
off.
• Recent occupational therapy office scheduling application was 300
programming
hours and 200 analyst hours to develop.
In terms of investigating other purchased software options for client
scheduling, the
manager of the DWC has been meeting with sales representatives from a
software as a service
company such as Luma Health and others. Based on current volumes for
physical therapy and
chiropractic appointments, Luna helper has submitted a preliminary bed
determining that they
could run the BWC physical therapy and chiropractic appointments on a
secured software as a
service cloud basis through their application for $15,000 per month.
This fee includes all maintenance and upgrades and reporting for the software
once it is up and
running. The initial fee to get the clinic up and running and configured on the
software is
estimated to be approximately $35,000 in consultative and end-user training
fees. Luma
Software retrieved from:
Build vs. Buy Tool
Purpose
This Total Cost of Ownership (TCO) calculator provides enterprises with a framework
for comparing the cost of building a new application to that of buying a new software
package. The table below
lists the various cost categories associated with the lifecycle of an enterprise
application. The categories and items in this tool should not be taken as an exhaustive
list; there are spaces within each
section of the TCO spreadsheet to add additional costs as required.
Cost Categories
Project management • Costs associated with preparatory work and due diligence
associated with the software adoption.
• Includes requirements gathering, training, and evaluation.
Software • Software development costs in the case of building.
• The capital expenditure of software licenses and related fees in the case of buying.
Maintenance and support • Cost of upgrading and administering the hardware,
application, and database.
• The support staff labor hours and costs, training labor and fees, travel, support
contracts and management overhead.
Opportunity costs • Staff time allocated to the project.
• Time lost to schedule delays.
Instructions
1. Go to the worksheet labeled “TCO Calculator.” Fill in the appropriate values for each
cost category (cells to be filled in are highlighted in white). Please note that this
calculator does not account for
the depreciation of capital assets.
2. After filling in the necessary values, go to the Results tab to see a graphical
comparison of the two adoption approaches in terms of cumulative cost
Bright Day Wellness Center (BDWC) Case Study
Background:
Bright Day Wellness Center (BDWC) is a health and wellness facility with one location in
the San Diego California area. The facility offers the following services: License chiropractic
visits, licensed physical therapy visits, licensed massage therapy services and yoga instruction.
The facility is licensed to operate as a provider within the state of California and provider staff
such as the chiropractors, physical therapist and massage therapist are currently licensed
professionals in their fields.
In terms of information technology platforms, the center uses a claims and billing
application called Pronto to collect and store insurance information for clients and submit
claims for billable services. The system runs online through computers at the wellness center.
Physical therapist also used a secure online system called PT FIMS which is a clinical information
system that automatically calculates functional independence measure her scores for PT clients
allowing compliant billing for physical therapy services. Clinical documentation is done
manually and paper charts that are stored in file drawers in various locations throughout the
center. BDWC has a website. Currently the website is not used as an interactive tour but a
passive web page with information about the center. There are testimonials and deidentified
images on the website for marketing purposes.
Current Challenge/Opportunity Scenarios:
Scheduling: the clinical leaders and board of trustees who govern the wellness center would
like to investigate moving toward a secure online scheduling application for used by both
clients and internal staff. There is a perception that there is a great deal of inefficiency and
confusion with regard to clinical scheduling. This is especially true of billable services such as
physical therapy and chiropractic visits. There is a local technology company (the company who
runs the wellness center website) called Technology Zoom who has offered to develop a
customized scheduling application for BDWC.
Biometrics: Recently the lead physical therapist attended a conference and developed a lowcost deal with a vendor who provides PT biometric tracking activity devices for clients who
require intensive physical therapy. The PT director at BDWC obtained five of these devices and
allocated these devices to his most active current physical therapy patients. The devices were
put on the BDWC network so that the physical therapist could see client data uploads on a real
time basis from the devices through wireless connectivity. IP addresses for these pilot testing
devices were provided remotely by a technician at the Technology Zoom company who
maintains the BDWC network.
BDWC Volume Information:
6000 billable client visits per year about 1/3 PT and the reminder chiropractic
750 massage appointments per year
350 Yoga clients
IT Scheduling Solutions: Financial Information:
A local information technology development company called Technology Zoom Inc. has offered
to develop the clinical scheduling platform for BDWC.
•
•
•
•
•
•
Cost of programming $85.00/hour
Cost of analyst time $85.00/hour
Cost of project manager time $110.00/hour
Estimates for end user requirements gathering time required of PTs, office staff
and chiropractors is 200 hours
Programming time is unknown until requirements are completed and signed off.
Recent occupational therapy office scheduling application was 300 programming
hours and 200 analyst hours to develop.
In terms of investigating other purchased software options for client scheduling, the
manager of the DWC has been meeting with sales representatives from a software as a service
company such as Luma Health and others. Based on current volumes for physical therapy and
chiropractic appointments, Luna helper has submitted a preliminary bed determining that they
could run the BWC physical therapy and chiropractic appointments on a secured software as a
service cloud basis through their application for $15,000 per month.
This fee includes all maintenance and upgrades and reporting for the software once it is up and
running. The initial fee to get the clinic up and running and configured on the software is
estimated to be approximately $35,000 in consultative and end-user training fees. Luma
Software retrieved from:
https://www.lumahealth.io/cp-appointmentscheduling?ppc_keyword=%2Bscheduling%20%2Bhealthcare&gclid=CjwKCAjwyqTqBRAyEi
wA8K_4O_zXbb6jqfU3iZ26XVR1S6myuuBGxYqSEGcsno_IhWMfzD7emWjYhBoCzYwQA
vD_BwE

Purchase answer to see full
attachment

  
error: Content is protected !!