Data Center Recommendations

From Clinfowiki
Jump to: navigation, search

Data Center Recommendations for Mission Critical Applications

The health care industry relies on many mission critical applications which must be available to clinicians 24 hours a day. The systems themselves need to be housed in a location where they can be accessed yet be secure. This post lists the primary considerations for the infrastructure required whether considering an internal Capitol expense or an outsourced data center. When determining where to host the applications such as EHR’s or PACS, consider these key elements:

Physical Specifications Make sure the location is on flat, stable ground with no known faults, flood plains, flight paths or other geological threats. The cages or racks should be bolted to the floor and the building should be up to code on seismic considerations. The data center floor should be static dissipative. Consider a 24/7 Network Operations Center (NOC) for monitoring and incident management or consider outsourcing this activity. Mechanical System The cooling system needs to be redundant and cost effective in at least an N+1 configuration. Servers need to be in a controlled humidity to a range 45% + or - 5 degrees. There needs to be a smoke detection system. Alerts from these systems should be reported and logged in the NOC. Fire suppression system should be in place. Power Infrastructure Power density is important and ~200 watts per square foot (5 kW per cabinet) is recommended for a current data center. Redundant A/B, 120/208V power options should be available. Power needs to available 24/7, so N+1 Uninterruptible Power Supplies (UPSs) either battery or flywheel are required. A separate electrical utility feed and diesel generators in an N+1 configuration are recommended. Safety/Access Control/Surveillance Only authorized personnel should be allowed in the data center and all access should be logged. Authorized personnel via a security system like an electronic prox card with photo and/or biometric IS’s can ID block unauthorized access. An intrusion detection system (IDS) needs to be in place with alarming. Include appropriate cameras with a history log of 90-days which of recording provide internal and perimeter surveillance. The NOC should monitor the following systems; infrastructure power monitoring, Internet circuits, data center temperature and humidity, generators, switchgear, UPSs, cooling plant and life safety. Network Infrastructure A minimum of two carriers to the Internet should be available. Find tier one carriers to reduce latency and provide enough bandwidth to send large files quickly. Make sure the carrier offers an service level agreement (SLA) for uptime and QoS.

Submitted by (Lorraine Bessmer)