8 PCs one computer using the thunderbolt optical cables

[shadowtech27]

Alright so basically me and my dad are building up a medical clinic. i just have a few questions to ask. i was watching a LTT video of the 8 gamers one cpu video and then saw linus' personal setup at his house using the thunderbolt optical cable to run his peripherals in another room. i was wondering if i can combine the two ideas and have 8 rooms each with its own peripherals doing all the patient input and whatnot all using the thunderbolt optical cable all using one PC locked away in another room. idk if this is possible but your input would be great, Thanks

[ALwin]

2 minutes ago, shadowtech27 said:

Alright so basically me and my dad are building up a medical clinic. i just have a few questions to ask. i was watching a LTT video of the 8 gamers one cpu video and then saw linus' personal setup at his house using the thunderbolt optical cable to run his peripherals in another room. i was wondering if i can combine the two ideas and have 8 rooms each with its own peripherals doing all the patient input and whatnot all using the thunderbolt optical cable all using one PC locked away in another room. idk if this is possible but your input would be great, Thanks

And if that single point of failure fails, you lose the ability to monitor all eight patients....

[Electronics Wizardy]

There is a correct way to do this. Buy a system like a dell r7910, install a tesla gpu, then use xen to manage all the vms.

 

You can then use thin clients like a dell wyse for all the pcs.

 

This way that you are proposing may work, but isn't supported and will have issues and id stay away from it.

[Wolther]

No.. Don't do this as there are many issues that can come with it. And you never know if an issue will occur during a critical point. I'd just suggest cheap PCs for each room and a server for them to all get data from/input to

[shadowtech27]

7 minutes ago, ALwin said:

And if that single point of failure fails, you lose the ability to monitor all eight patients....

huh you do have a point there. 

 

8 minutes ago, Electronics Wizardy said:

There is a correct way to do this. Buy a system like a dell r7910, install a tesla gpu, then use xen to manage all the vms.

 

You can then use thin clients like a dell wyse for all the pcs.

 

This way that you are proposing may work, but isn't supported and will have issues and id stay away from it.

okay so basically atm this idea could be risky and have a few downsides. the thing is that we dont want the patients near the computers, messing around with the files and potentially exposing HIPPA protected data about other patients. is there anything you guys recommend to deal with the issue of people using the PCs while the doctor/nurse isnt in the room? because the combination i proposed up there was my only idea to deal with it.

[ALwin]

3 minutes ago, shadowtech27 said:

huh you do have a point there. 

 

okay so basically atm this idea could be risky and have a few downsides. the thing is that we dont want the patients near the computers, messing around with the files and potentially exposing HIPPA protected data about other patients. is there anything you guys recommend to deal with the issue of people using the PCs while the doctor/nurse isnt in the room? because the combination i proposed up there was my only idea to deal with it.

Can you clarify?  This "central machine" you are thinking of is also going to be hooked up to medical monitoring and life support devices or is it just going to be connected to "dumb" PC terminals that would let people check emails, browse the web, etc?

 

If it's going to be connected to medical devices and life support systems, I really recommend you NOT build your own PCs.  While it may be more cost effective, you may prefer having enterprise level type of support from companies such as DELL or HP, or perhaps suppliers with experience in supplying computer equipment for hospitals.

 

You can store all sensitive information inside a secure database, behind access control accounts, no?  Aren't patients' medical histories stored in some sort of database application and not kept in Excel/Word files?

[shadowtech27]

2 minutes ago, ALwin said:

Can you clarify?  This "central machine" you are thinking of is also going to be hooked up to medical monitoring and life support devices or is it just going to be connected to "dumb" PC terminals that would let people check emails, browse the web, etc?

 

If it's going to be connected to medical devices and life support systems, I really recommend you NOT build your own PCs.  While it may be more cost effective, you may prefer having enterprise level type of support from companies such as DELL or HP, or perhaps suppliers with experience in supplying computer equipment for hospitals.

 

You can store all sensitive information inside a secure database, behind access control accounts, no?  Aren't patients' medical histories stored in some sort of database application and not kept in Excel/Word files?

basically the computers are just going to be used to access files "read/write" only type of thing. nothing SUPER major is going to be relying on these machines. but the central PC(in the office) is going to store the patient files and theres going to by an offsite pc as a backup(backups will occur everynight to the offsite). i just want something to access patient files and write to them as well but not have the Actual PC in each room susceptible to tampering from other people (ex.a usb drive with malware to automatically install on the pc causing and violating multiple HIPPA rules)

[Logarithm]

2 minutes ago, shadowtech27 said:

huh you do have a point there. 

 

okay so basically atm this idea could be risky and have a few downsides. the thing is that we dont want the patients near the computers, messing around with the files and potentially exposing HIPPA protected data about other patients. is there anything you guys recommend to deal with the issue of people using the PCs while the doctor/nurse isnt in the room? because the combination i proposed up there was my only idea to deal with it.

Lock the computers every time you leave them. You are proposing a far too complicated solution for a relatively easy to deal with problem. Just use small local clients and a central server. It's really a much better, cheaper, and easier to maintain solution.

[shadowtech27]

2 minutes ago, Logarithm said:

Lock the computers every time you leave them. You are proposing a far too complicated solution for a relatively easy to deal with problem. Just use small local clients and a central server. It's really a much better, cheaper, and easier to maintain solution.

If there isnt any other way of really securing them i think we'd actualy have to go that route. we just care alot about the patients and there extremely confidential files.  

[ALwin]

13 minutes ago, Logarithm said:

Lock the computers every time you leave them. You are proposing a far too complicated solution for a relatively easy to deal with problem. Just use small local clients and a central server. It's really a much better, cheaper, and easier to maintain solution.

Yeah just have a central server and local clients.  Install password control, user accounts, firewalls and anti-virus/malware tools.  Also, I think you can have USB ports and such disabled and don't give administrative accounts to people who shouldn't have them.  In fact, when you buy/build the machines, buy ones with the fewest number of USB ports (no more than necessary), no optical drives, etc.

[ALwin]

2 minutes ago, shadowtech27 said:

If there isnt any other way of really securing them i think we'd actualy have to go that route. we just care alot about the patients and there extremely confidential files.  

I think if you have a strong enough digital security, you can relax a bit.  Also as these machines are going to be near sensitive medical equipment, don't use wifi or have wifi adapters.  Use cables.

 

You can also lock the PC cases inside a cabinet so that people cannot connect or disconnect devices.  Only the keyboard, mouse, and monitor will be outside the cabinet.  There are special designed cabinets for such a purpose.

[Logarithm]

2 minutes ago, shadowtech27 said:

If there isnt any other way of really securing them i think we'd actualy have to go that route. we just care alot about the patients and there extremely confidential files.  

How would the solution that you are proposing be any better?

[PaintChips]

DIY in the medical field should be reviewed by a lawyer for possible HIPPA issues, small regional type clinics can typically stick with HIPPA compliant terminals/thin clients which don't have any data physically stored on them. If you *must* deploy PCs in each room opt for a business class PC or motherboard which supports locking all the USB ports from any external storage devices, Dell, HP and a few B-series mobos support Intel Small Business Management Toolkit. There are security mounts/locking keyboard-mouse trays to secure a computer so the USB ports/mouse/keyboard can't be accessed or tampered with.

 

Back when I formed a startup we used thin clients to cut expenses for part-time staffers so they didn't have physical access to certain hardware/data(they were restricted to cloud/web services which was great from a security standpoint), Dell & HP are better for the medical field as they have devices which are geared for the medical field with durability in mind too.

[LAwLz]

Do NOT fuck around when it comes to medicine.

Do not give users access to computers which stores sensitive information.

Do not cut corners.

Do not design your security yourself.

[ALwin]

The PCs can be secured in a cabinet like this so that no one can attach or detach devices to copy data.  And don't give internet access to those PCs (if you don't need Internet access) so that people can try to copy and email data.

 

 

[.spider.]

7 minutes ago, shadowtech27 said:

If there isnt any other way of really securing them i think we'd actualy have to go that route. we just care alot about the patients and there extremely confidential files.  

Than let experts set your system up.

With proper encryption, DMZs and the required firewalls and firewall rules.

[shadowtech27]

Just now, ALwin said:

Yeah just have a central server and local clients.  Install password control, user accounts, firewalls and anti-virus/malware tools.  Also, I think you can have USB ports and such disabled and don't give administrative accounts to people who shouldn't have them.  In face, when you buy/build the machines, buy ones with the fewest number of USB ports (no more than necessary), no optical drives, etc.

okay great thanks so much for your input that helps alot

 

does anyone have any recommendations for the PCs that are going to be in the patient rooms. like the most simple PC ever that can handle simple email, read/write files, etc nothing fancy. 

 

I also need recommendations for the central pc that will connect with all the other smaller PCs to serve as a host type of thing so people can login to there accounts and preform little bit more complicated tasks. also i need reccomendations for the offsite Pc that will just handle storing the back ups of the central PC

[ALwin]

5 minutes ago, PaintChips said:

DIY in the medical field should be reviewed by a lawyer for possible HIPPA issues, small regional type clinics can typically stick with HIPPA compliant terminals/thin clients which don't have any data physically stored on them. If you *must* deploy PCs in each room opt for a business class PC or motherboard which supports locking all the USB ports from any external storage devices, Dell, HP and a few B-series mobos support Intel Small Business Management Toolkit. There are security mounts/locking keyboard-mouse trays to secure a computer so the USB ports/mouse/keyboard can't be accessed or tampered with.

 

Back when I formed a startup we used thin clients to cut expenses for part-time staffers so they didn't have physical access to certain hardware/data(they were restricted to cloud/web services which was great from a security standpoint), Dell & HP are better for the medical field as they have devices which are geared for the medical field with durability in mind too.

I agree with this comment that you may have to consult a lawyer just to be sure that you cannot be liable for using custom built PCs instead of getting pre-builts from authorized suppliers.

[shadowtech27]

Just now, ALwin said:

I agree with this comment that you may have to consult a lawyer just to be sure that you cannot be liable for using custom built PCs instead of getting pre-builts from authorized suppliers.

oh yea of course we not using any custom PC for this. but there isnt really an industry standard when it comes to small clinics for the Computers they use. usually what ive seen are regular PC bought at your nearest PC store. 

[ALwin]

Just now, shadowtech27 said:

oh yea of course we not using any custom PC for this. but there isnt really an industry standard when it comes to small clinics for the Computers they use. usually what ive seen are regular PC bought at your nearest PC store. 

You may want to call a company like DELL and see what sort of digital security systems/tools they offer with some of their products (especially at the non-consumer/home, but for work/small and medium business level).

[shadowtech27]

10 minutes ago, LAwLz said:

Do NOT fuck around when it comes to medicine.

Do not give users access to computers which stores sensitive information.

Do not cut corners.

Do not design your security yourself.

we just want the most cost effective but secure options. we are not running a multi millions dollar clinic yet. but im mostly looking into the hardware side of things. we are going to hire someone to do all the security for us like the firewalls and what not. since im not very savvy in that department

[ALwin]

1 minute ago, shadowtech27 said:

we just want the most cost effective but secure options. we are not running a multi millions dollar clinic yet. but im mostly looking into the hardware side of things. we are going to hire someone to do all the security for us like the firewalls and what not. since im not very savvy in that department

That's good, and for the physical security (preventing people connecting USB keys with malicious programs I suggested a security cabinet in a previous comment.  I even posted an image of an example.

[shadowtech27]

Just now, ALwin said:

That's good, and for the physical security (preventing people connecting USB keys with malicious programs I suggested a security cabinet in a previous comment.  I even posted an image of an example.

i was thinking just now if using a laptop/tablet type of situations would work the best since now the physicians/and nurses can have the computer on them at all times. and maybe instead of using of a offsite backup of our own. maybe using a secure cloud service might work as well. unless there is any problems with that as well 

[ALwin]

2 minutes ago, shadowtech27 said:

i was thinking just now if using a laptop/tablet type of situations would work the best since now the physicians/and nurses can have the computer on them at all times. and maybe instead of using of a offsite backup of our own. maybe using a secure cloud service might work as well. unless there is any problems with that as well 

I considered recommending laptops, but was thinking perhaps you would worry about losing them or forgetting to charge the battery  And of course, the issue with wifi signals near potentially sensitive medical devices so you would need people to plug in/out the ethernet cables.

[vorticalbox]

worried about people taking data? There is a reason there are polices in place to stop this sort of thing.

 

locking PCs when you're away, using a key card to unlock the computer or a secure password that needs changed every x days.

 

having a machine near people you don't want seeing data is a necessity when working with external clients of any sort.