application , compliances , data-center-soc-noc , health-care-hipaa-hitech-hitech , security

Sample – Healthcare (HIPAA, HiTRust, HiTech) Tiered Application and System Support Services

October 8, 2018

Healthcare (HIPAA, HiTrust, HiTech) Tiered Application and System Support Services

Tiered Application and System Support Services

Measures include:

o   Time to Respond (Priority 1-4)

o   Time to Resolve (Priority 1-4)

o   % of Open Break Fix Issues that Exceed the SLA

o   Tier 1 Applications / System Availability (system uptime):

 

  • Cerner
  • Meditech
  • PACs
  • PPP
  • McKesson Star
  • Lawson
  • Core Network Systems
  • EICU

 

Tiered Application and System Support Services

  • Time to Respond – Amount of time required for an incident (ticket) to be assigned for work.

Ø  Monthly Goals:

Description Proposed Goal
Priority 1 (Urgent): 90% within 15 minutes
Priority 2 (High): 90% within 4 Business Hours
Priority 3 (Med): 90% within 1 Business Day
Priority 4 (Low): 90% within 3 Business Days

 

Name of SLA Proposed Goal
Time to Respond Priority 1 (Urgent) 90% within 15 Minutes
Time to Respond Priority 2 (High) 90% within 4 Business Hours
Time to Respond Priority 3 (Medium) 90% within 1 Business Day
Time to Respond Priority 4 (Low) 90% within 3 Business Days

 

Tiered Application and System Support Services

  • Time to Resolve – Amount of time required for an incident (service) to be restored.

Ø  Monthly Goals:

Description Proposed Goal
Priority 1 (Urgent): 90% within 4 Hours
Priority 2 (High): 90% within 8 Business Hours
Priority 3 (Med): 90% within 3 Business Days
Priority 4 (Low): 90% within 10 Business Days

 

Name of SLA Proposed Goal
Time to Resolve Priority 1 (Urgent) 90% within 4 Hours
Time to Resolve Priority 2 (High) 90% within 8 Hours
Time to Resolve Priority 3 (Medium) 90% within 3 Business Days
Time to Resolve Priority 4 (Low) 90% within 10 Business Days

 

  • % of Open Break Fix Issues that Exceed SLA – percentage of open Incidents (tickets) that exceed the SLA for all Priority levels in a given month.

Ø  Monthly Goal:  < 35%

Name of SLA Proposed Goal
% of Open Break Fix Issues that Exceed SLA < 35% of Open Break Fix Issues

 

 

 

 

 

  • Tier 1 Applications / System Availability

Ø  Monthly Goal:  >99.9%

Name of SLA Proposed Goal
Tier 1 Applications / System Availability >99.9% Availability
Tier 1 Applications / System Availability >99.9% Availability
Tier 1 Applications / System Availability >99.9% Availability
Tier 1 Applications / System Availability >99.9% Availability
Tier 1 Applications / System Availability >99.9% Availability
Tier 1 Applications / System Availability >99.9% Availability
Tier 1 Applications / System Availability

(Core Network Systems)

>99.9% Availability
Tier 1 Applications / System Availability >99.9% Availability

 

Customer Support Services

  • Measures include:

Ø  Total Call Volume

Ø  Average Speed to Answer

Ø  Call Abandonment Rate

Ø  First Call Resolution Rate

 

  • Total Call Volume – number of calls into each of the Help Desks in a given month.
Help Desk Proposed Goal
Denver  Administration xxxxxx
Houston HD xxxxxx
California Server xxxxxx
  • Average Speed to Answer / per Queue (Seconds) – average length of time required (in seconds) to answer calls into the Help Desk in a given month.

Ø  Monthly Goal:  < 55 seconds

 

Help Desk Proposed Goal
Denver  Administration < 55 seconds
Houston HD < 55 seconds
California Server < 55 seconds

 

  • Call Abandonment Rate / per Queue – rate of calls where the caller hung up while phoning the Help Desk in a given month.

Ø  Monthly Goal:  < 15%

Help Desk Proposed Goal
Denver  Administration < 15%
Houston HD < 15%
California Server < 15%

 

  • First Call Resolution Rate – rate of incidents resolved during the first call to the Help Desk.

Ø  Monthly Goal:  > 50%

Help Desk Proposed Goal
Denver  Administration > 50%
Houston HD > 50%

 

 

 

  • Measures currently include:

Ø  Tier 1 Application and System Back-Ups

v  Monthly Goal:  >75% Successfully backed up within window

Name of SLA Proposed Goal
Tier 1 Application and System Back Ups >75% Successfully

 

Security Services

  • Measures include:

Ø  Virus Protection on Currency Servers within 7 days

Ø  Virus Protection on Currency Desktops within 7 days

v  Monthly Goal:  > 90%

Name of SLA Proposed Goal
Virus Protection Currency Servers (Within 7 Days) > 90% Virus Protection Compliance
Virus Protection Currency Desk Tops (Within 7 Days) > 90% Virus Protection Compliance

 

  • Measures include:

Ø  Change Timeliness of Non-Routine Changes (Urgent, High, and Medium)

Ø  Change Accuracy of Non-Routine Changes (Urgent, High, and Medium)

Ø  % of Urgent and High Unplanned Emergency Changes

Name of SLA Proposed Goal
Change Timeliness of Non-Routine Changes (Urgent, High, and Medium) > 95% Of Changes completed within the Change window
Change Accuracy of Non Routine Changes (Urgent, High, and Medium) > 95% Change Success
% of Urgent and High Unplanned Emergency Changes < 20% of High and Urgent Changes Submitted as Emergency

 

Report and Review Services

  • SLA Review Reports published to the OCIO and Service Delivery Sub-Committee on time
  • Percentage of SLAs that meet or exceed targets (Scorecard Metric)
  • Scorecard published to the OCIO and Service Delivery Sub-Committee on time
  • Scorecard data received on time
  • Percentage of Scorecard measures that meet or exceed targets

Ø  SLA Dashboard and ITS Balanced Scorecard are published on the last business day of each reporting month

 

Name of SLA Proposed Goal
SLA Review Reports Published to OCIO and Service Delivery Sub-Committee on Time > 95% Reported on Time
Percentage SLAs that meet or exceed targets (SCORECARD METRIC) > 80% Reported Green (18 month goal)
Scorecard Published to OCIO and Service Delivery Sub-Committee on Time > 95% (15th of the Month)
Scorecard Data Received on Time > 95% (Received prior to the 26th of the Month)
Percentage of Scorecards measures that meet or exceed targets > 80% Reported Green

 

 

Report and Review Services

Measures include:

Ø  Customer Satisfaction (LITED) Reports Published to the OCIO and Service Delivery Sub-Committee on Time

Ø  LITED:  percent overall that meets overall expectations of IT Delivery in 5 focus areas. (SCORECARD METRIC)

Ø  LITED:  percent of Action Plans completed on Time (SCORECARD METRIC)

Ø  SLA Review Reports Published to OCIO and Service Delivery Sub-Committee on Time

Ø  Percentage of SLAs that meet or exceed targets (SCORECARD METRIC)

Ø  Scorecard Published to OCIO and Service Delivery Sub-Committee on Time

Ø  Scorecard Data Received on Time

Ø  Percentage of Scorecards measures that meet or exceed targets

 

Customer Satisfaction (LITED) Reports Published to the OCIO and Service Delivery Sub-Committee on Time

Ø  Published on the last business day of the reporting month

Name of SLA Proposed Goal
Customer Satisfaction (LITED) Reports Published to OCIO and Service Deliver Sub-Committee on Time > 95% Reported on Time

 

LITED:  Percent overall that meets overall expectations of IT Delivery in 5 focus areas. (SCORECARD Performance Review and National Scorecard METRIC)

Ø  Did IT meet the overall expectations of Service Delivery in the following Focus Areas:

  • Operations Service Delivery (OSD) – includes Help Desk, Desktop Support and Direct Customer Support
  • Program & Project Delivery (PPD) – includes EPMO, Legal, Contract & Vendor Management
  • Service Quality (SVC)
  • Value Creation (VAL)
  • Relationships (REL)

 

Name of SLA Proposed Goal
LITED:  % overall that meets overall expectations of IT Delivery in 5 focus areas. (SCORECARD METRIC) > 75% Reported Meets Expectations

 

 

LITED:  Percent of Action Plans completed on time.  (SCORECARD Performance Review and National Scorecard METRIC)

Name of SLA Proposed Goal
LITED:  % of Action Plans completed on Time (SCORECARD METRIC) >95% Completed

 

SLA Review Reports published to the OCIO and Service Delivery Sub-Committee on time

  • Percentage of SLAs that meet or exceed targets (Scorecard Metric)
  • Scorecard published to the OCIO and Service Delivery Sub-Committee on time
  • Scorecard data received on time
  • Percentage of Scorecard measures that meet or exceed targets

Ø  SLA Dashboard and IT Balanced Scorecard are published on the last business day of each reporting month

Name of SLA Proposed Goal
SLA Review Reports Published to OCIO and Service Delivery Sub-Committee on Time > 95% Reported on Time
Percentage SLAs that meet or exceed targets (SCORECARD METRIC) > 80% Reported Green (18 month

goal)

Scorecard Published to OCIO and Service Delivery Sub-Committee on Time > 95% (15th of the Month)
Scorecard Data Received on Time > 95% (Received prior to the 26th of the Month)
Percentage of Scorecards measures that meet or exceed targets > 80% Reported Green

 

Tiered Applications and System Support Services

Customer Support Services

Business Continuity Management Services

Security Services

Change Management Services

IT Release and Project Management Services

Report and Review Services

Contracting and Vendor Management Support Services

 

In relation to the clinical needs of the patient

    1. In anticipation of Medicare AND insurer changes
  1. These are not the only influencers of cost & revenue (i.e. Case Managers, Physicians, OR Staff, Service Line Leadership)
    1. Cerner
    2. Meditech
    3. PACs
    4. PPP
    5. McKesson Star
    6. Lawson
    7. Core Network Systems
    8. EICU

 

Corporate Future Growth Strategy Involves Significant Influx Of New Physicians, Staff, And Clinical Facilities.

  • Align newly acquired operations with Corporate security standards quickly and efficiently – without impact to acquisition/integration timelines.

 

Address security gaps at time of acquisition.

  • Avoid inheriting non-compliant systems or processes
  • Synergy with tech-refresh activities associated with the acquisition

 

Due Diligence

  • Identify any security issues that are material to the acquisition.
  • Assess amount of security investment needed to bring acquired operation into compliance with Corporate standards.

 

 

Pre-Integration

  • Risk assessment to identify gaps in infrastructure and processes.
  • Remediation to stop-gap any critical items.
  • Establish roles and provision access for new staff.
  • Overlay Corporate standard security technologies.

 

Post-Integration

  • Bring systems and processes into alignment with Corporate standards.
  • Ensure and maintain compliance.

 

Internal Scans

  • Vendor being used for initial scans to allow for implementation of program by staff
  • Internal team will lead vendor initiative and implement program simultaneously

 

External Scans

  • All Corporate external addresses
  • Denver address space represented here
  • Remaining results to be reviewed with groups next week

 

Acquisition Scans

  • Qualys acquisition represented
  • Rescan April 2019
  • Remediation results reported after rescan
  • Chattanooga Heart scan report to be completed next week.

 

Divestiture Scans

  • No active divestitures

 

Future State Vision

  • Consistent, holistic enterprise-wide approach.
  • Cover all information assets.
  • Coordinate security and business resilience.
  • Enable access to accommodate physician growth and workforce mobility.
  • Establish a control structure framework to meet and manage HIPAA and PCI compliance.

 

Program Maturity Objectives

  • Meet defined customer service objectives.
  • Predictable cost for sustainable compliance.
  • Active management and significant reduction of risk.
  • Adoption across entire enterprise.
  • Business decisions influenced by trends and metrics.
  • Program covers new and emerging risks (mobile, virtualization etc.).

 

www.bestitdocuments.com