When every minute counts…
We have very few simple hospitals to treat sophisticated diseases, at affordable costs, in tier-2, tier-3 cities and rural areas
he day 13/7 was a dark day for the city of Mumbai. A few minutes before 7 pm, three bombs exploded within minutes at three of the most crowded areas of the nation’s commercial capital. Just before the cell phone networks jammed, my wife called me to give me this news. 7:10 pm - I whipped out my smartphone and logged on to some popular news sites. No reports yet. Had I logged on to Twitter, I would have seen a stream of tweets, from citizens reporting live from the street. The next day, it was heartening to read in the newspapers about how Mumbai’s resilient citizens used Twitter to offer help and crucial information. @qtfan (a tweeter from medical services) said, ‘am a doc Text me on if U need med help/ call JJ Hospital on 022-23735555...#Here2Help’. Other Tweeters offered all forms of help: pickups, drops, food, and volunteering their blood for donation. They even shared their numbers – something tweeters do not usually do. Later, someone took the initiative of compiling and circulating an Excel spreadsheet with 250 names and numbers of Mumbai’s citizens who pledged all kinds of help. In situations like this, when every minute counts, sharing information is crucial. It is imperative that the critically wounded receive treatment as quickly as possible. The public willingly offered their vehicles to rush the injured to hospital; the doctors and medical staff at Mumbai’s leading hospitals responded quickly and efficiently, notwithstanding all the challenges and inadequacies. The doctors were worried about their stocks of blood running out. Some hospitals could not accommodate more patients due to unavailability of beds. And specialists needed to move between hospitals to attend to patients on an emergency basis. Many relatives could not trace their injured kin. Technology can play an important role in situations like the one I just described. For instance, the interconnection of information networks of hospitals, through health information exchanges (HIS), could make a big difference. An HIS could offer important information such as the list of blood donors (with contacts), the list of specialists, availability of beds in hospitals and details of patients admitted. And it could offer all this information to the public on the Web. In India, we face a typical problem with healthcare: We have a few sophisticated hospitals to treat sophisticated (or complicated) diseases, and these are mainly in urban areas. We have very few simple hospitals to treat sophisticated diseases, at affordable costs, in tier-2, tier-3 cities and rural areas. Our Principal Correspondents, Ayushman Baruah and Vinita Gupta, report on how information technology (IT) can play a key role in bridging the rural-urban divide and in making quality healthcare available to the mass at an affordable cost. u Brian Pereira is Editor of InformationWeek India. firstname.lastname@example.org
informationweek august 2011
Cover Design : Deepjyoti Bhowmik
22 cover story IT: A lifeline of Healthcare IT has transformed the healthcare sector by streamlining operations and ensuring enhanced and real-time diagnosis and treatment for patients
Taking healthcare to the bottom of the pyramid
Hey Doc! Just ask Watson
With hospitals increasingly feeling the need to adopt IT, solution vendors are working towards tapping this opportunity amid tricky challenges
IBMâ€™s Watson technology powers a popular game show in the U.S. But the analytical and natural language processing capabilities of the machine has useful applications in the field of medicine. The day is not far when Watson will help medicos take more accurate life-saving decisions
How cloud can improve medical image sharing Memorial Hermann Healthcare System utilizes a a secure, high-speed system to transfer thousands of diagnostic-quality images to caregivers
How to make medicine smarter
How mobile tech can fight war on diabetes
Blood centers use web-based business intelligence Business intelligence software, LogiXML, enables Blood Centers of America to buy and sell blood supplies online
Do you Twitter? Follow us at http://www.twitter.com/iweekindia
informationweek august 2011
Find us on Facebook at http://www.facebook. com/informationweekindia
Johns Hopkins Medicine uses intelligent IT support for medical innovation and streamlining processes
ONC-funded Beacon Communities will pilot a mobile health campaign to aid in the diagnosis and treatment of the prevalent chronic illness
If youâ€™re on LinkedIN, reach us at http://www.linkedin.com/ groups?gid=2249272
THE BUSINESS VALUE OF TECHNOLOGY
20 HP puts its printers in the cloud Most of the company’s printers are web-enabled, cloud-aware and have an e-mail address — so that you can print from anywhere, anytime, using any device. Say goodbye to stodgy device drivers and troublesome paper jams!
42 Tablet test iPads and other mobile consumer devices have made their way into the exam room, bringing with them concerns about security, tech support, and infection control
56 ‘IPv6 seeds have to be planted now’ Yves Poppe Head-IPv6, Tata Communications
58 ‘IaaS will reduce our operating cost’ William Blausey Senior Vice President and CIO Eaton Corporation
SAP sets up Center of Excellence for HANA in India
Indian IT services market to reach USD 9.5 billion
news analysis............................................ 20
CMS Infosystems gears up for UID
Mobile transactions to reach USD 350 billion by 2015
Manappuram Finance inks 10-year IT deal with IBM
Private cloud market to create one lakh jobs by 2015
technology & risk................................... 68
World’s data more than doubling every two years
analyst angle........................................... 69
Wipro Infotech restores ESIC portal
TFM&A marks its footprint in India
Microsoft launches Office 365 in India CA sees huge growth in service assurance business
down to business......................................72 Global cio....................................................73
august 2011 i n f o r m at i o n w e e k 7
VOLUME 3 No. 03 n August 2011
print online newsletters events research
Managing Director Printer & Publisher Director Group Commercial Director Editor Senior Associate Editor Principal Correspondent Principal Correspondent Copy Editor
: Sanjeev Khaira : Sajid Yusuf Desai : Kailash Shirodkar : Pankaj Jain : Brian Pereira : Srikanth RP : Vinita Gupta : Ayushman Baruah (Bengaluru) : Shweta Nanda
Head Office UBM India Pvt Ltd, 1st floor, 119, Sagar Tech Plaza A, Andheri-Kurla Road, Saki Naka Junction, Andheri (E), Mumbai 400072, India. Tel: 022 6769 2400; Fax: 022 6769 2426
Design Art Director Senior Visualiser Senior Designer Designer
: Deepjyoti Bhowmik : Yogesh Naik : Shailesh Vaidya : Jinal Cheda
Marketing Deputy Manager Advertising Co-ordinator
: Sanket Karode : Jagruti Kudalkar
online Manager—Product Dev. & Mktg. : Viraj Mehta Deputy Manager—Online : Nilesh Mungekar Web Designer : Nitin Lahare Operations Head—Finance Director—Operations & Administration
: Yogesh Mudras : Satyendra Mehra
Sales Bengaluru Manager—Sales : Kangkan Mahanta email@example.com (M) +91 89712 32344 Delhi Manager—Sales : Rajeev Chauhan firstname.lastname@example.org (M) +91 98118 20301 Mumbai Manager—Sales : Rakesh Tendulkar email@example.com (M) +91 97696 42004 Production Deputy Manager : Prakash (Sanjay) Adsul Circulation & Logistics Assistant Manager : Bajrang Shinde Subscriptions & Database Manager Database : Manoj Ambardekar firstname.lastname@example.org Senior Executive : Deepanjali Chaurasia email@example.com
associate office- pune Jagdish Khaladkar, Sahayog Apartment 508 Narayan Peth, Patrya Maruti Chowk, Pune 411 030 Tel: 91 (020) 2445 1574 (M) 98230 38315 e-mail: firstname.lastname@example.org International Associate Offices USA Huson International Media (West) Tiffany DeBie, Tiffany.email@example.com Tel: +1 408 879 6666, Fax: +1 408 879 6669 (East) Dan Manioci, firstname.lastname@example.org Tel: +1 212 268 3344, Fax: +1 212 268 3355 EMEA Huson International Media Gerry Rhoades Brown, email@example.com Tel: +44 19325 64999, Fax: + 44 19325 64998 Japan Pacific Business (PBI) Shigenori Nagatomo, firstname.lastname@example.org Tel: +81 3366 16138, Fax: +81 3366 16139 South Korea Young Media Young Baek, email@example.com Tel: +82 2227 34819; Fax : +82 2227 34866
Abhilash Purushottaman, CA Technologies ..........................................................18 Arvind Subramanian, BCG India ............................14 Biju Velayudhan, G. Kuppuswamy Naidu Memorial Hospital .......22 Dr Hemant Kumar, Dell Services ...........................31 Dr Jai Menon, Bharti Airtel .......................................53 Dr Kamlesh Bajaj, DSCI...............................................52 Dr Manish Gupta, IBM Research - India ..............32 Dr Srinivasa Raghava Vegi, Wipro Infotech ......31 Felix Mohan, Airtel ......................................................53 Gaurav Porwal, Renaccess Healthcare.................25 Jayantha Prabhu, Essar Group ................................54 Kandasamy Sankaran, CSC India ...........................26 Manoj Chugh, EMC India & SAARC ......................16 Neena Pahuja, Max Healthcare ..............................25 Neeraj Sharma, HP IPG India ...................................21 P Unnikrishnan, HP .....................................................53 Pari Natarajan, Zinnov Management Consulting..........................16 Peter Gartenberg, SAP, Indian Subcontinent ...10 Sanjeev Khaira, UBM India .......................................18 Sanket Akerkar, Microsoft Corporation India ...17 Satvinder Pal Singh, Fortis Healthcare ................25
Printed and Published by Sajid Yusuf Desai on behalf of UBM India Pvt Ltd, 6th floor, 615-617, Sagar Tech Plaza A, Andheri-Kurla Road, Saki Naka Junction, Andheri (E), Mumbai 400072, India. Editor: Brian Pereira, Printed at Indigo Press (India) Pvt Ltd, Plot No 1c/716, Off Dadaji Konddeo Cross Road, Byculla (E), Mumbai 400027.
Shuvankar Pramanick, AIMS....................................23
RNI NO. MAH ENG/2001/4730
Suhas Kelkar, BMC Software ...................................67
Sriram Rajan, IBM India /South Asia .....................14 Stephen Miles, CA Technologies ...........................18 Sudev Muthya, CMS Infosystems ..........................12 Sudhir Reddy, MindTree ...........................................55 Sumeet Parashar, CSC (India) ..................................53
ADVERTISERS’ INDEX Company name Page No. Interop IBM Schneider -APC Fujitsu Symantec Tyco Socomec Airtel Cisco Zoho Ad IBM Juniper
Editorial index Person & Organization
Website Sales Contact
2-3 www.interop.com/mumbai/list firstname.lastname@example.org 5 www.ibm.com/in/xoffers 9 www.schneider-electric.co.in 11 www.symantec.com/en/in 13 www.cisco.com email@example.com 15 www.in.fujitsu.com firstname.lastname@example.org 19 www.ManageEngine.com/it360 email@example.com 29-30 37 www.te.com 41 www.socomec-ups.co.in firstname.lastname@example.org 75 www.ibm.com 76 www.juniper.net
Suresh Shenoy, Wockhardt ......................................24 Susheela Venkataraman, Cisco India ...................27 Tushar Kanade, Deenanath Mangeshkar Hospital ...........................................................................24 V P Nandakumar, Manappuram Group of Companies .....................14 Vyomesh Joshi, HP IPG ..............................................21 William Blausey, Eaton Corporation .....................58 Yves Poppe, Tata Communications ......................56
Important Every effort has been taken to avoid errors or omissions in this magazine. In spite of this, errors may creep in. Any mistake, error or discrepancy noted may be brought to our notice immediately. It is notified that neither the publisher, the editor or the seller will be responsible in respect of anything and the consequence of anything done or omitted to be done by any person in reliance upon the content herein. This disclaimer applies to all, whether subscriber to the magazine or not. For binding mistakes, misprints, missing pages, etc., the publisher’s liability is limited to replacement within one month of purchase. © All rights are reserved. No part of this magazine may be reproduced or copied in any form or by any means without the prior written permission of the publisher. All disputes are subject to the exclusive jurisdiction of competent courts and forums in Mumbai only. Whilst care is taken prior to acceptance of advertising copy, it is not possible to verify its contents. UBM India Pvt Ltd. cannot be held responsible for such contents, nor for any loss or damages incurred as a result of transactions with companies, associations or individuals advertising in its newspapers or publications. We therefore recommend that readers make necessary inquiries before sending any monies or entering into any agreements with advertisers or otherwise acting on an advertisement in any manner whatsoever.
informationweek august 2011
News s o f t wa r e
SAP sets up Center of Excellence for HANA in India Think SAP and another three-letter acronym springs to mind: ERP (Enterprise Resource Planning). But the German global software monolith has kept up with the times and expanded its portfolio to include mobility offerings, analytics, in-memory computing, and cloud offerings for SMEs — through subscription services. It is also moving from a direct model to one that intimately involves a large ecosystem of partners and developers. This was evident from the large turnout (1,100) of visitors, customers and partners at the Mumbai leg of the SAP World tour on July 15. And if you thought using and learning SAP meant investments in time and training, it’s time to take another look: the company is making it easier to use and update SAP systems through mobile devices (smart phones and tablets) and social networking interfaces such as Twitter. SAP acknowledged Indian talent and recognized India as an innovation hub. In fact, core development for the popular real-time analytics application, SAP HANA, was done at SAP Labs India. In terms of manpower, SAP India, which is seeing “double-digit” growth here, is the second largest subsidiary for the global company. Speaking at a press conference at SAP World, Peter Gartenberg, MD, SAP, Indian Subcontinent said, “We have seen a tremendous customer interest in HANA and to address this we are announcing our Center of Excellence, together with our partner HP.” The CoE is set up at SAP’s Bandra-Kurla complex office, in Mumbai.
Following its acquisition of Sybase last year, SAP is also making a big push into the wireless and mobility space, with products like Sybase Afaria (for iPads) and others. There have been many takers for the Sybase Unwired Platform in India, claims SAP.
informationweek august 2011
Added Gartenberg, “All of our customers, regardless of size or segment, are seeing powerful use cases for mobilizing their business processes. Our mobility strategy is resonating well in India, especially in light of the dramatic growth of mobile subscribers. Also, we see more smart devices coming online. The cost of smart devices is dropping, along the lines of what we saw with mobile phones in the market. We are also seeing all kinds of tablets in the market and price points are dropping for tablets. We see customers in India skipping the desktop and putting their businesses on mobile devices now. It is exciting to see the growth in the SME market around mobility — it is where we see volumes of orders.”
SAP Labs India works on product localization for both the local and global markets. “Our large base of Indian developers understand the local conditions (for business) better than those of other markets. That helps us bring our entire portfolio to market faster. So when we bring a product to market, it does not have a lot of product gaps in terms of localization — so lesser customization and, hence, lesser cost,” said Gartenberg. SAP also “puts in a lot of localization effort” into the public sector portfolio. Hindi localization is one of the big initiatives that it has taken to address that. In addition, SAP India has a number of activities at the state and national level, the APDRP (energy smart grid) is one example.
SAP is also pursuing the SME/SMB segment by making enterprise offerings such as HANA available to SME customers via cloud-based subscription services. “The cloud is one of the more
Peter Gartenberg, MD, SAP, Indian Subcontinent
exciting portfolios. We’ve seen an accelerated adoption for our Business by Design product in India in the SME markets, particularly in the B & C class cities. The same SME customers use our cloud offerings like BI on Demand, to get the same capabilities of HANA — which used to be in the realm of the largest enterprises. SMEs are now leveraging that technology over the cloud, to do things that were once possible only in very large organizations,” informed Gartenberg. SAP has also announced “a number of” partnerships for the subscription model. Last year it partnered with Wipro for this purpose, and more recently it partnered with IBM for a CRM on Demand solution.
SAP is also excited about its in-memory computing technology and foresees a huge demand for it in the enterprise. The company is also building a bigger hardware ecosystem for in-memory computing. Its partners for this are HP, IBM, Fujitsu, Dell and others. “We see this as truly disruptive, particularly in the data warehousing market. This will offer people a better, cheaper and quicker way to use true large-scale business analytics (with in-memory computing appliances),” said Dale. SAP is showcasing its in-memory computing appliance at its Center of Excellence in Mumbai. It also announced that it will ship a database product (powered by Sybase technology) with its ERP offerings soon. —Brian Pereira
News I T- I TE S
Indian IT services market to reach USD 9.5 billion The Indian IT services market is on pace to reach USD 9.5 billion in 2011, an 18 percent increase from 2010 revenue of USD 7.6 billion, according to Gartner. India’s domestic IT services market ranks third in the Asia-Pacific. The market is forecast to grow to USD 15 billion by the end of 2014. “India’s domestic IT services is a large emerging market in high-growth mode,” said Arup Roy, Principal Research Analyst. “Coupled with other factors such as openness to adopt technology, and a maturing sourcing approach, it represents an attractive target potential for providers of all sizes. The top 10 providers have a cumulative market share of just 42 percent, indicating a highly fragmented market served by many small players with no large, dominant, wellentrenched player. However, this scenario varies widely by submarket such as by industry vertical.” India’s IT services market is quite small as compared to large markets, such as the U.S. or the U.K., but it does offer a growth opportunity to service providers because of the buoyant market conditions. Gartner analysts said the market has a critical mass that is worth tapping and has the potential to expand further with “as a service” type service offerings. “With a historic focus on cost, rather than on value
for money, of services, as well as a propensity for scope creep in Indian services deals, new market entrants must be careful about the opportunities they target,” Roy said. “These providers should consider providing as-a-service/ pay-as-you-go offerings to counter some of these market challenges.” He further added, “There is still room for new players, and the barrier to entry is quite low. Hence, this market presents an immense opportunity for any large credible player to consolidate its position and grab market share in a big way. In the recent past, the cost of labor and infrastructure in Tier1 cities has been rising, but it still is one of the lowest in the world. It also varies widely by region, and in some regions, providers can offer extremely competitive rates.” India’s growth fundamentals are on relatively solid footing and can support sustainable growth and development in the near future. High GDP growth rate leading to growth across industries is the key to sustained IT services growth potential. Government infrastructure projects will strongly drive IT, in conjunction with the expansion of the financial services and manufacturing subsectors. —InformationWeek News Network
S o f t wa r e
CMS Infosystems gears up for UID India’s ambitious UID project is throwing up a huge list of opportunities for Indian vendors. A CLSA report predicts the opportunity to be close to USD 10 billion worth of investments in IT consulting, system integration and computer hardware over the next five-six years. The huge scale of the UID project is attracting vendors from every part of the IT ecosystem to offer services. A case in point is CMS Infosystems, which is leveraging its expertise in high-volume printing. CMS is using its ‘Print to Post’ centers to offer services to the UIDAI. The ‘Print to Post’ centers are a result of the partnership between CMS and the Department of Post (DoP) for providing complete printing and mailing services, to a cross section of government and corporate clientele looking for print outsourcing, postprinting and dispatch solutions. This ‘one-stop-shop’, was termed as ‘Print
informationweek august 2011
to Post.’ This center manages the entire mail-out processes including offset printing, variable data printing, collating, automated insertion, envelope sealing and addressing, right up to the last mile of the process, which is dispatching the printed documents to the end-customer in various segments and verticals. When UIDAI decided to issue unique IDs to the citizens of India, they found the Print to Post centers apt for its requirements. “The UIDAI has outsourced its entire requirement to us for using the facilities built up in these centers. We provide a complete solution to UIDAI, encompassing the following aspects, adhering to the specifications and formats laid out by the UIDAI,” states Sudev Muthya, President - IT Business, CMS Infosystems. CMS is involved in providing an end-to-end solution that includes pre-
Sudev Muthya, President - IT Business, CMS Infosystems
printing of static data like corporate logo; printing of variable data like name, address and other personal information; printing of individual pictures; lamination of the UID cards; dispatch of UID cards to the citizens of India; and finally submission of the MIS to the UIDAI. “We are building up capacity to produce 5 lakh UID cards a day. This includes data formatting, in regional languages, printing, lamination, cutting and insertion,” states Muthya. —Srikanth RP
Mobile transactions to reach USD 350 billion by 2015 The Boston Consulting Group (BCG), which released a study titled The Rush to Mobile Money: Madness or Master Stroke, states that mobile phones are now poised to become the platform that will launch mobile money as an everyday form of currency in India. The study estimates that by 2015, USD 350 billion of payments and banking transactions could flow through mobile phones — including government payments, POS and bill payments, banking transactions,
remittances and business payments. This compares with just over USD 235 billion of annual credit and debit card transactions in India today, a figure dominated by around USD 215 billion of cash withdrawals at ATMs. According to the study, five primary categories of mobile payments and banking will emerge by 2015: l Government payments: USD 40 billion of mobilebased transactions including disbursements under the Mahatma Gandhi National Rural Employment Guarantee Act. l Peer-to-peer remittances: USD 70 billion of domestic and international money transfers between migrant works and their families. l Bill payments and point-of-sale
informationweek august 2011
Manappuram Finance inks 10-year IT deal with IBM
purchases: USD 40 billion of payment transactions as the mobile phone doubles up as both — a payment instrument (like a debit card) and a point-of-sale terminal — to authenticate and receive the payment. l Business payments: USD 60 billion of payments by small and medium businesses to their employees and business associates. l Consumer banking: USD 150 billion through a combination of banking the unbanked and expanding convenient payment services to existing banked customers. “It is far less costly to offer banking and payments services using mobile technology than to build new branches. Mobile-enabled business correspondents, who are authorized to conduct business on behalf of banks, can service a customer for 8 to 15 cents per transaction — far below the USD 1 to USD 1.5 cost at a branch,” says Neeraj Aggarwal, Partner and Director, BCG India. There is clearly a lot of excitement around this opportunity. However, the business case for telecom operators is not straightforward. Mobile money will not be a large generator of fees for operators. The total fee pool of USD 4.5 billion will be split across several entities — banks, telecom operators, device makers, and service providers. “More than half of Indian households, 110 million altogether, do not have a bank account. Yet, of the households without a bank account our primary research estimates over 42 percent have at least one mobile phone,” says Arvind Subramanian, Partner & Director, BCG India.
Manappuram Finance, the creditrated gold loan company, has signed a 10-year multi-million dollar deal with IBM to transform its IT systems. As per the deal, IBM will build and manage the entire IT infrastructure for Manappuram Finance, as well as deliver application transformation benefits through the implementation of business solutions in the areas of finance, human resource management, business intelligence collaboration tools and document management. V P Nandakumar, Chairman, Manappuram Group of Companies said, “IBM’s understanding of our requirements and strong delivery capabilities will ensure that we get the support needed to realize our growth plans.” Sriram Rajan, Vice President - South, IBM India/South Asia informed, “IBM will deploy technologies, processes and best practices to enable Manappuram Finance to focus on its core business and offer a superior customer experience.” IBM’s relationship with Manappuram started in 2009 when the company engaged IBM for an IT strategy project to support their rapid growth plans. IBM helped Manappuram to identify and address gaps in their business processes and IT systems, analyze risks and methods to mitigate them, and recognize areas for operational efficiency and business process transformation. IBM also prioritized and recommended a roadmap to build a strong technology platform, architecture and landscape to drive the business growth of the company.
—InformationWeek News Network
—InformationWeek News Network
World’s data more than doubling every two years
Private cloud market to create one lakh jobs by 2015
EMC recently announced results of the EMC-sponsored IDC Digital Universe study, Extracting Value from Chaos, which revealed that the world’s information is more than doubling every two years — with a colossal 1.8 zettabytes to be created and replicated in 2011, which is growing faster than Moore’s Law. The study’s fifth anniversary, measuring and forecasting the amount of digital information created and copied annually— analyzing the implications for individuals, enterprises, and IT professionals — has huge economical, social and technology implications for big data and other opportunities. In terms of sheer volume, 1.8 zettabytes of data, which was created in the 2011 global Digital Universe, is equivalent to: l Every person in India tweeting 3 tweets per minute for 6,883 years nonstop. l Over 32 days of (1.8 zettabytes) data download by the entire population of India (1.21 billion appx.). l Every person in the world having over 215 million high-resolution MRI scans per day. l Over 200 billion HD movies (each 2 hours in length) — would take a person 47 million years to watch every movie 24x7. l The amount of information needed to fill 57.5 billion 32GB Apple iPads.
There is an increased preference of cloud adoption over the next five years in India, according to a study by EMC Corporation and Zinnov Management Consulting. Titled Private Cloud Landscape in India, the study finds that the total cloud market in India, currently at USD 400 million, will reach a market value of USD 4.5 billion by 2015; of which private cloud adoption will dominate and account for USD 3.5 billion in revenues, growing at over 60 percent. The study also brings to attention that while private cloud market will create one lakh jobs by 2015 from 10,000 today, companies today are under-skilled in addressing cloud computing implementations in India. It recommends companies to invest in competency building internally to take advantage of cloud computing technologies. The study estimates that the skilling and reskilling market in the country will grow fast as cloud computing becomes critical to IT strategies. Leading public and private educational institutions, along with IT enterprises are expected to play a key role in enhancing workforce skills to match the industry demand for cloud computing. According to the study, the cloud computing market growth is attributed to the increased maturity of Indian enterprises towards cloud computing and the CEO/ CIO mandate for an enterprise-wide cloud strategy. The total cloud spend as a percentage of the total IT spend as such is expected to rise from 1.4 percent in 2010 to 8.2 per cent in 2015. It notes that IT/ITeS, telecom, BFSI, manufacturing and government sectors will contribute the most to the
—InformationWeek News Network
informationweek august 2011
cloud market in India, with nearly 78 percent of the total market. According to the study, there is an increased preference of private cloud over public cloud over the next five years in the country. It also estimates that private cloud deployments could result in potential savings of up to 50 percent on the IT investments on average, with cost optimization in areas such as telecom and networking, hardware, software, internal labour, etc. Pari Natarajan, CEO, Zinnov Management Consulting said, “Cloud computing will re-shape the
Indian IT market by generating new opportunities for IT vendors and driving changes in traditional IT offerings. There is a high chance that companies that are not adopting IT today and don’t have major investments in datacenters and server farms will directly move to the cloud model.” Manoj Chugh, President, EMC India & SAARC said, “Today, the Indian market has technology vendors offering the best technologies and facilities, such as the EMC-Cisco Cloud Experience Center in Bangalore, to make informed decisions.” The findings are based on a comprehensive survey of over 100 CIOs & IT decision makers in India across industry verticals conducted during January 2011 to May 2011. —InformationWeek News Network
Wipro Infotech restores ESIC portal Wipro InfoTech has rectified the technical issue faced by insurance portal of Employees’ State Insurance Corporation (ESIC). The IT enablement project, Project Panchdeep, had faced a technical issue, which had affected the functioning of the portal for the last couple of weeks. ESIC is a statutory corporation under the Ministry of Labour & Employment, Government of India (GoI), and is the implementing agency of a pioneering, Social Security Scheme in India. Anand Sankaran, Senior Vice President and Business Head - India, Middle East and Africa, Wipro said, “The technical problem is completely resolved now, and the system is back to normal performance. The problem occurred due to a unique technical issue with the application software.” Dr C S Kedar, DG, ESIC said “The portal was experiencing some technical problems, due to which employers were having trouble accessing the application to generate their monthly contribution and register their employees. Wipro identified the problem and put in place a solution
to resolve the issue. The application performance has since improved and the portal is up and running once again.” Project Panchdeep includes five important components, namely Pehchan, Milap, Pashan, Dhanwantri and Pragati. Project Pehchan includes all services related to identification, authentication and verification of Insured Persons (IPs) through the use of biometric cards. The other four components include Milap for all services related to provisioning network and bandwidth; Pashan for all services related to hardware for data center, Disaster Recovery, desktops/PCs/ laptops and middleware; Dhanwantri for all services related to hospitals and dispensaries and finally Pragati for all services related to insurance and ERP modules. Project Panchdeep provides online facilities to employers and insured people for registration, payment of premium and disbursement of cash benefits. It additionally automates medicare services to all insured people. —InformationWeek News Network
S o f t wa r e
Microsoft launches Office 365 in India Microsoft has announced commercial availability of Microsoft Office 365 in India. It is offering attractive prices starting USD 2 per user (approximately Rs 90) per month, (excluding applicable taxes) this will allow SMBs and enterprise customers to access Microsoft’s popular e-mail, collaboration, conferencing and productivity capabilities online. More than 12,000 Indian organizations, have signed up for Office 365 trials. For the first time ever, customers can also avail Microsoft Office, the world’s most popular productivity offering, on subscription basis off the cloud. ‘Microsoft Office 365, provides the familiar enterprise class productivity
solutions on a flexible usage and payment model, delivering streamlined communication with high availability, comprehensive security and simplified IT management. Customers who have already started using the services are realizing savings from reduced hardware, software and operational costs,” said Sanket Akerkar, Managing Director, Microsoft Corporation India. The Office 365 plan for Small Businesses is optimized for organizations with 25 users or less. At approximately USD 6 per user per month, this plan includes Office Web Apps, Exchange Online, SharePoint Online, Lync Online. —InformationWeek News Network
TFM&A marks its footprint in India UBM India, a leading event organizer, is poised to create a platform for marketing and advertising professionals of the industry to share their views on the future role of technology in marketing and advertising. It is introducing in India, the world’s leading and multiple award-winning integrated marketing & advertising solutions event – ‘Technology for Marketing & Advertising (TFM&A).’ The conference and expo is scheduled to be held at Nehru Centre, Worli, Mumbai on November 4 and 5, 2011. “TFM&A offers industry insights, trends and developments through seminars to marketing, media and advertising professionals, as well as provides a meaningful platform for leading suppliers of data, CRM, direct, digital and online marketing solutions. It delivers the perfect blend for truly integrated marketing and advertising campaigns,” said Sanjeev Khaira, MD,
UBM India. Bringing TFM&A to India would combine the phenomenal growth and demands of corporate India with the global leading event. Some of the signed exhibitors of TFM&A include: Direxions, SoftGainz,
Loylty Rewardz, Alterian, Strategic Outsourcing Services (Adtech), Experian, Magnon Solutions (Adtech), Vdopia, My Datawise and Zoho CRM The tentative conference program would include : l Key notes on social media /SAAS, strategic outsourcing, to name a few. l A CMO panel discussion on ‘Direct marketing Vs advertising marketing.’
Discussion on ‘Traditional media Vs new media’ l Discussion on ‘Direct marketing Vs loyalty program marketing’ l Discussion on ‘Online Vs mobile marketing’ l Over 30 case study presentations Strategic Outsourcing Services has signed Magnon Solutions as a Gold Partner and Mail Order Solutions as a Silver Partner for the show. Also, Experian is the Keynotes Hall Partner. Some of the media partners and online partners for the event are 4Ps Business & Marketing, WatBlog, Bank Systems & Technology, THF Digital and Audience Matters. In addition, the show’s supporting associations are Direct Marketing Association India, The Internet and Mobile Association of India, The Advertising Club Bombay and The Indus Entrepreneurs. —InformationWeek News Network
S o f t wa r e
CA sees huge growth in service assurance business will lose their customers. Thus, it is The traditional role of IT in managing very crucial to measure and manage IT the business was to react when a according to the needs of the end-user problem occured. But today, IT needs to and business transactions to deliver an be proactive and strategic to monitor exceptional end-user experience,” said the problem much before it occurs. Stephen Miles, VP - Service Assurance, And service assurance (SA) is one such Asia Pacific, CA Technologies. solution that can help organizations to Speaking on CA do so. CA, which has a rich portfolio Technologies’ expectations of solutions to do this, is betting big from SA business, Abhilash on this trend. CA’s service assurance Purushottaman, Solution business is growing at about 15-20 Strategist - India and SAARC percent every year, contributing for CA Service Assurance over 50 percent of CA India’s Business Unit at CA revenue. Technologies said, “Web 2.0 has proved “Currently, our service that the empowerment assurance business in is now moving from India is expanding at business to customer. Stephen Miles, VP - Service about 15-20 percent, but The organizations, which Assurance, Asia Pacific, CA given the strong demand do not understand this,
informationweek august 2011
across sectors like telecom, BFSI and government, we are confident that it will reach 30 percent.” Purushottaman claimed that if a company invests in CA’s SA tool, then it can reduce the IT problem fixing time by 40 percent and can obtain 400 percent of ROI in the next five years. CA service assurance business claims to provide end-to-end service and transaction visibility for not only physical environment but also for virtualized and cloud environment. Thus, the company sees cloud computing as a huge opportunity for this particular business. To make this portfolio more appealing, every year CA is investing around 30 percent on people and acquisitions. —Vinita Gupta
HP puts its printers in the cloud
Most of the companyâ€™s printers are web-enabled, cloud-aware and have an e-mail address â€” so that you can print from anywhere, anytime, using any device. Say goodbye to stodgy device drivers and troublesome paper jams! By Brian Pereira
HP IPG predicts that the opportunity for managed printing services will grow from USD 18 billion in 2010 to USD 25 billion by 2013
informationweek august 2011
he way users access, create, store and consume content is changing. And the Imaging and Printing Group (IPG) at HP has kept a sharp eye on this transformation over the years. The group is now responding by introducing a new range of webenabled printers and managed printing services, for which it sees a USD 292 billion market opportunity by 2013. Currently, there is a market for 3 million units in India, and HP has 55 percent market share; it leads in the large-format category with 90 percent market share.
Using internal studies the IPG identified four key trends: Firstly, there is a content explosion; digital content is growing 10-fold every year and the number of printable content is increasing by a factor of 3x. Secondly, mobile devices like smartphones and tablets are becoming the preferred devices for accessing the web; HP IPG predicts that by 2013, 26 billion incremental pages will be printed from mobile devices and 85 percent of smartphone users will want to print. Thirdly, content such as photos, newspapers, magazines, documents are moving from analog to digital; over 200 billion pages are moving to
digital every year. And fourthly, the industry and consumers are moving from a device- or hardware-centric model to service-based business models. HP IPG predicts that the opportunity for managed printing services will grow from USD 18 billion in 2010 to USD 25 billion by 2013. Retailing publishing services will soar from USD 5 billion in 2010 to USD 12 billion by 2013. In this scenario, workers and consumers would need to print from any device, at any location, on-demand. Responding to this transformation HP IPG believes the printer needs to be “web-enabled” and “cloud-ware.” Speaking at a press conference in New Delhi on July 7, Vyomesh Joshi, Executive Vice President, HP IPG said, “We decided that above a certain price point, every printer will be connected to the web. It will be cloud-aware, and it will have an e-mail address. So if I take a picture on my smartphone, I can send the picture to the e-mail address of that printer, it goes to the cloud and gets printed.” In a short demo Joshi printed documents on his smartphone and on Google Docs to a printer on stage, wirelessly, via the cloud. This was done in a few minutes via a service called ePrint. To do this one has to first register their HP web-enabled printer
“We decided that above a certain price point, every printer will be connected to the web. It will be cloud-aware, and it will have an e-mail address”
Executive VP, HP IPG
(support for ePrint) at the ePrint center (www.hp.com/go/eprint). The printer will then be assigned a unique e-mail address. And to print documents one has to simply send it to the printer’s e-mail address. Speaking to InformationWeek after the press conference, Neeraj Sharma, Vice President, HP IPG India said, “We have been shipping printers with the ePrint function since the past one year. These printers cost ` 8,000 onwards. Apart from AirPrint [wireless printing from Apple devices] we’ve got ePrint even in enterprises. Wireless printing will complement printing from wired devices.” When asked about the security aspects, Sharma said, “The ePrint Center (HP’s cloud printing service) allows you to define people who will be able to use your printer.” Sharma also informed that much of the innovation on ePrint was done at HP’s R&D labs in India.
“We want to focus beyond the metros, in places where there is faster urbanization happening. We see a lot of potential for this service in the education sector in these (tier-2 and tier-3) cities,” said Sharma.
With media increasingly moving from analog to digital, HP IPG also wants to play an important role in the digital or Web Press. “Just like photos, we are transforming book publishing. The same thing will happen to magazines. Digital lets you print what you need and where you need,” said Joshi. Joshi whipped out a novel titled Kate, which is a detailed account about the royal wedding in the UK. He said a publisher in Paris produced 5,000 copies of the book in just four days. The technology that enables this is HP Web Press, an enhanced version of its digital press, it introduced a few years ago. “The Web Press can print 25 – 50 million pages a month; over one billion pages were printed on HP Web Press in 2010,” informed Joshi. He further added, “Some publishers in India have evoked a keen interest in the Web Press.” We believe that if there is indeed a market for this technology, the day is not far when we could get our customized newspapers and magazines, all with our favourite topics and articles! The writer was hosted in New Delhi by HP-IPG India.
(L-R) Ajay Gupta, John Solomon, Vyomesh Joshi, Neeraj Sharma
u Brian Pereira email@example.com
august 2011 i n f o r m at i o n w e e k 21
: A lifeline of IT has transformed the healthcare sector by streamlining operations and ensuring enhanced and real-time diagnosis and treatment for patients By Vinita Gupta
he healthcare industry, like most other industries, has added enormous business values by utilizing IT — benefitting both, the patients and hospitals. While the patients benefit by getting faster and advanced healthcare services, the hospitals are able to streamline the processes and reduce human errors and cost. The IT systems in healthcare industry have drastically matured. Earlier, each hospital branch maintained its own records, so data consolidation was a challenge. However, in the last few years the technology in hospitals has moved from a distributed to a centralized model. Particularly, large hospitals with many branches have a centralized system, allowing patients’ data to be accessible across all branches. Let’s discuss some of the IT systems in use and the benefits hospitals are incurring from it.
INTEGRATED HOSPITAL SYSTEM Most hospitals today are implementing a number of comprehensive hospital systems, such as Hospital Information System
informationweek august 2011
(HIS), Hospital Management System (HMS), Laboratory Information System (LIS) and Clinical Support System (CSS). These systems cater to all hospital departments like billing, material, clinical, pathology, radiology, customer care, and so on. It also eliminates the scope of human errors and physical movement of reports across the hospital. For instance, from the last three years G. Kuppuswamy Naidu Memorial Hospital is using an integrated LIS to help speed up the laboratory process. The LIS automatically identifies the tests to be performed along with the patient’s age, sex etc., with the help of a barcode label that is stuck to the vaccutte. The results are fed into the system and can be analyzed by anyone with a proper authentication.
In case of an emergency, this system proves useful as it eliminates the need of a printed report. Also, from the last two years, the hospital is utilizing a CSS (the software was developed in-house), which serves as a searchable database of diseases and clinical manifestations. “The CSS helps us to predict the future health condition of the patients and also the preliminary measures or steps that need to be carried out. This has been incorporated in the obstetrics department of the hospital,” says Biju Velayudhan, Senior Manager and Head IT, G. Kuppuswamy Naidu Memorial Hospital. To increase the effectiveness of the healthcare service, the systems should be advanced and integrated to manage various functionalities across
Key IT pain points in Healthcare in India Consolidation of IT System
28% Data Management & Storage
12% Growing Data Volumes
11% Rising Cost of IT
11% Source: Forrester Research, 2010
the hospital and should be readily available to the doctor. For example, Asian Institute of Medical Sciences (AIMS) was using Tally, which provided offline information, and was not able to keep up with increasing transactions. Also, it couldn’t integrate with the billing software, HIS, or other medical solutions deployed. This resulted in delay in the generation of reports like patient’s bill, as well as business and financial reports. Hence the hospital developed software named HMS Expert with Microsoft Dynamics NAV 4.0 , which easily integrates with all the healthcare equipment and applications. For instance, when a patient is admitted in a hospital, a job ID is created for him in HMS Expert. Using the HIS system, a text message is sent to the attendant’s mobile stating the bed number and other charges incurred on a daily basis. “HMS Expert has significantly enhanced our efficiency and customer satisfaction, along with reductions in operating expenses. We have lowered
“HMS has significantly enhanced our efficiency — we have lowered patient waiting time by 60 percent”
Shuvankar Pramanick CIO at AIMS t patient wait time by 60 percent from 20 minutes to six-seven minutes,” informs Shuvankar Pramanick, CIO at AIMS.
Usually, when a patient goes for an X-ray, the report is not available immediately as drying of the film takes time. To overcome this problem, the hospitals have implemented solution like PACS (Picture Archival and Communication System), which ensures that electronic images generated during diagnostic tests, like X-ray, CT Scan, MRI, etc., are available throughout the hospital electronically and these stored images
are accessible to the medical team beyond the doors of the radiology department. As the images are stored electronically, they can be shared from one place to another over the network — making it easier to get second opinion from domain specialist clinicians or doctors. Major hospitals like G. Kuppuswamy Naidu Memorial, Max Healthcare, Deenanath Mangeshkar and AIMS use PACS software.
PATIENTS’ DATA IS VITAL
Hospitals need to maintain a stateof-the-art IT infrastructure, which ensures protection of patients’ data
august 2011 2011 ii n nf fo or rm m at at ii o on nw we ee ek k 23 23 august
Cover Story and medical records round-the-clock. Thus, various system-driven hospitals have deployed huge-capacity storage, virtualization, Disaster Recovery (DR) and network solutions. For instance, in G. Kuppuswamy Naidu Memorial, the data is pushed to the DR server and kept updated online. Currently, the hospital has around 10 servers and about 20-22 terabyte of data in multiple SAN storage boxes. Since the data explosion is huge, the hospital is still planning to further increase the capacity. Likewise, Deenanath Mangeshkar Hospital has implemented VMware’s server virtualization technology, which has not only enabled the hospital to improve the availability of critical systems, but has also eased the IT team’s maintenance task. After virtualization, the hospital has not experienced a single server downtime. Tushar Kanade, Manager – Systems, Deenanath Mangeshkar Hospital reveals, “As a healthcare provider, we never stop working. The virtualized infrastructure provides a degree of surety that the systems, necessary for efficient, accurate and high-quality patient care will always be available.” Also, SevenHills Hospital has implemented intelligent network infrastructure, which raises an alarm whenever there is an unauthorized change to the network physical layer. The technology offers the much needed constant, real-time
informationweek august 2011
“CSS helps us to predict the future health condition of patients and preliminary measures to be carried out”
Manager and Head IT, G. Kuppuswamy Naidu Memorial Hospital t view in the network physical layer that the hospital was looking for, as its vital systems are connected to the network. Along with the data protection, archiving patients’ data is of utmost importance. It is the process of moving the data, which is no longer actively used, to a separate data storage device for long-term retention. Suresh Shenoy, Senior Vice President - IT, Wockhardt believes that since a lot of vital patient-centric
data is generated in a hospital on a day-to-day basis, a solution to handle this high volume of data is definitely required.
INCREASING VIDEO USAGE
Most of the villages in India do not even have basic healthcare facilities, and the others are not advanced enough to tackle all the healthcare challenges. Due to the shortage of human and infrastructural resources, the patients in rural areas are not able to access advanced services on time. Thus, the hospitals are looking at solutions like telemedicine and video conferencing (VC). With the help of telemedicine and VC technology, the doctors in different locations are able to share their expertise on a particular health disease. For example, since last threefour years, Deenanath Mangeshkar Hospital has been using video conferencing (VC) to connect and provide efficient services to two small hospitals near Pune. Accordingly, Fortis Healthcare uses Microsoft Office Communications Server (OCS) 2007 that manages all real-time communications, including instant messaging, VoIP, audio and video conferencing. The OCS could suffice connections between the desktop to IP and various hospitals. However, to increase the quality of the video, the hospital has deployed a VC solution. Dr Sanjay P Sood, a Healthcare IT expert and one of the pioneers of telemedicine in India, opines that IT not only enhances efficiency, but also increases quality of care — extending
the reach of specialized medical services to patients in any part of the world. He says, “In India the broadband Internet was instrumental in bringing about a revolution in the telemedicine domain, leading to the development of eHealth and webbased telemedicine systems.”
Looking at mHealth
If there’s an emergency and the doctor is not in the hospital, then he needs to reach the hospital before he looks at the patient’s report and starts the treatment. In order to cut down on the wait time involved in such cases, the hospitals are looking at handheld devices, like iPad or tablet PCs, which could be utilized by the doctors to access the patient’s information and get vital alerts while on the move. Currently, not many hospitals in India are using handheld devices. But in the coming years, Wi-Fi devices and smartphone usage in hospitals is likely to increase in a drastic way. For example, Deenanath Mangeshkar Hospital has a Wi-Fi network and by next year, it is planning to provide tablets to its doctors, so that they can access data and prescribe medicines even while travelling. On the similar lines, AIMS is planning to provide its dashboards tools (medical and business analysis) to the mobile phones. Satvinder Pal Singh, DGM - IT, Fortis Healthcare believes that there is a need to have specific handheld tools for the healthcare sector. He says, “Healthcare is a very sensitive industry as it deals with a person’s life. The tablets available today are not capable of handling it properly.”
Some of the hospitals today are looking at solutions like SaaS and
“EHR aims at improving the quality of patient care to the best-in-class standards at our hospitals”
Chief Information Officer, Max Healthcare t private cloud computing to help them reduce cost and effectively support the performance and growth plans, as in the case of Max Healthcare. “We created a private cloud environment for our critical healthcare applications to provide the desired scalability and performance,” says Neena Pahuja, Chief Information Officer, Max Healthcare Also, Fortis Healthcare is in the process of utilizing private cloud computing. As the hospital is growing at a rapid pace, developing each and every application in every new branch is a major challenge. Thus, it considered a private cloud to optimize their network, bandwidth and hardware cost. The execution of cloud will also make patient’s data available from anywhere. Another healthcare center that has adopted cloud technology is Renaccess Healthcare. To support its huge expansion plans, the dialysis center needed a solution that was scalable enough to include new centers and machines. But, the dialysis center did not have enough money to invest on hardware and software, hence it opted for a SaaS model (Hosted Microsoft Dynamics AX 2009). “SaaS eliminates the need of capital expenditure. With the application hosted on the cloud, the company was not required to invest in software, servers, database,
“There is a need to have specific handheld tools for the healthcare sector.”
Satvinder Pal Singh
DGM-IT, Fortis Healthcare t
operating systems, firewall and antivirus. The expenditure would have approximately been ` 3,00,000 to ` 5,00,000 annually per center,” informs Gaurav Porwal, Director, Renaccess Healthcare.
So what’s the next step for hospitals? The next leap for the hospitals is the capture and retrieval of electronic clinical data — bringing in much needed standardization, practice and monitoring of evidence-based medicine together with culture of safety and improvements. The Electronic Health Record (EHR) is one such system that uses patient’s data to provide the relevant alerts to support wellness. EHR will enable hospitals to move from reactive treatment to preventive healthcare. “We at Max Healthcare are currently in the process of implementing a system for EHR, which is aimed at improving the quality of patient care to the best-in-class standards at our hospitals,” states Pahuja. G. Kuppuswamy Naidu Memorial Hospital is also planning to have an electronic medical record system, which will provide online alerts on drug-to-drug interaction, drug-to-food interaction, allergic complications etc. Also, these details will be available to doctors online through Wi-Fi technology or smartphones, when they are out of hospitals. The way technology has revolutionized the healthcare sector clearly ascertains that IT is the lifeline of hospitals.
u Vinita Gupta firstname.lastname@example.org
august 2011 i n f o r m at i o n w e e k 25
Taking healthcare to the bottom of the pyramid With hospitals increasingly feeling the need to adopt IT, solution vendors are working towards tapping this opportunity amid tricky challenges By Ayushman Baruah
he healthcare industry in India is one of the largest sectors, both in terms of revenue and employment, with a total value of more than USD 34 billion, which is roughly 6 percent of the country’s GDP. It is estimated to grow to USD 40 billion by 2012 according to a PwC Report on Healthcare in India. The same report states that only 25 percent of India’s specialists reside in semi-urban areas and 3 percent in rural areas, leading to a population of 700 million being deprived of healthcare facilities. Consequently, in India we have affordable hospitals to treat simple diseases and speciality hospitals to treat complicated diseases. What we don’t have is affordable hospitals to treat complicated diseases. And this is where IT can play a key role in bridging the existing rural-urban
informationweek august 2011
divide and making quality healthcare available to the masses at an affordable cost. “The opportunity for India arises from the fact that it can leapfrog legacy to adopt the latest technological advances around cloud, mobility, Healthcare Information
Services (HIS), computerized physician order entry (CPOE), and building of health information exchanges (HIE). This will help gather clinical and patient information that can be used to perform healthcare analytics to ensure better outcomes,” says Kandasamy Sankaran, Director - Health Services, CSC India. Hospitals are increasingly feeling that paper records are expensive to maintain and are time consuming. Consequently, more and more hospitals are working towards creating electronic medical records (EMRs) which allow customers to digitize their records and provide faster access to patient information. Leading handset brands and a clutch of telecom operators and value-added service developers are collectively betting on possibilities of using mobile phones for purposes like diagnostic and treatment support, remote disease monitoring, health awareness and communication. A Mumbai-based medical equipment company has recently rolled
out an ECG application along with a mobile operator for mobile handsets.
Healthcare IT market size in India ◆
The Indian healthcare sector faces serious challenges, such as poor infrastructure, non-availability of experts (disparate distribution), low doctor-patient ratio (large population), lack of proper medical education and mushrooming of a parallel industry of counterfeit drugs. These challenges have given rise to trends like telemedicine, which may be defined as the use of computers and telecommunication technologies to provide medical information and services from distant locations. It is generally used for providing different types of services, such as telecardiology, teleradiology, telepathology, telepsychiatry and Early Warning System (for the prevention and control of endemic and infectious diseases). Susheela Venkataraman, Managing Director, Internet Business Solutions Group, Cisco India feels that while India is a pioneer in telemedicine, the challenge is to scale and make it mainstream. “From a Cisco point of view, unless remote telemedicine (care-at-a-distance) is incorporated into the overall process, it will continue to be treated separately from a mainstream hospital, which is really not the case.” Telemedicine in a traditional sense is about remote medicine. The concept is based on how a patient and doctor in two different locations can converse. However, it’s not only limited to conversation and also involves the diagnosis. She cites the example of teleradiology, where the images taken in a hospital in the U.S., can be transmitted to an experienced radiologist in Bangalore, who can share
Total Healthcare market size
◆ ◆ ◆ ◆
Revenue (US$ Million)
Source: Forrester Research, 2010
his opinion and analysis. “This is almost similar to BPO processes. This practice cuts down on the turnaround time and money because there is a shortage of radiologists in the U.S.” Telemedicine and mHealthcare are gaining stronger foothold in India, with bandwidth being addressed through 3G and other efforts. Sankaran of CSC says, “Telemedicine is a fast-growing trend in India and with the support of IT, satellite and fiber optic network, telemedicine can provide specialized healthcare to remote corners of the country.” Today, several major private hospitals have adopted telemedicine and many of them have opted for public private partnerships (PPPs). Some of the hospitals include Apollo, AIIMS, Narayana Hrudayalaya, Arvind Hospitals and Sankara Nethralaya. Apollo Telemedicine Networking Foundation (ATNF), a not-for-profit organization of the Apollo Hospitals Group, is credited with being the first to set up a rural telemedicine center in 1999 in Aragonda, Andhra Pradesh. Presently, ATNF claims to be India’s single largest provider in the area of telemedicine, with over 150
“Unless remote telemedicine is incorporated into the overall process, it will be treated separately from a mainstream hospital”
MD, Internet Business Solutions Group, Cisco t
telemedicine centers across the globe. ATNF’s flagship web-enabled telemedicine application, Medintegra WEB, enables doctors, nursing homes and hospitals to reach out to patients in inaccessible areas and provide interactive healthcare using modern technology and telecommunications. The software collects the patient’s data and converts it into a secure and confidential EMR. This data is then transferred to the Telemedicine Specialty Center, where it is studied by an authorized specialist. Based on the investigation, the specialist offers his/ her opinion which is transmitted back to the grassroots (peripheral), where the doctor is able to treat the patient accurately and without any delay. Indian Space Research Organization (ISRO), which began its telemedicine pilot project in 2001, with the aim of providing medical treatment at the grassroots level has currently enabled about 382 hospitals in the country with the facility. Telemedicine systems are being offered by the corporate sector of companies, such as Wipro, GE Healthcare and Siemens. E-learning is also a trend fast picking up among doctors, as it offers a common learning platform that goes beyond physical barriers. Last year, around 70,000 doctors had applied for renewing of registrations after the Medical Council of India made it mandatory for doctors to get re-registered every five years. This was a huge challenge for doctors, especially those serving in rural
august 2011 i n f o r m at i o n w e e k 27
Cover Story areas, as they found it difficult to earn the mandatory 30 credit hours by attending ‘recognized’ conferences or by publishing books in order to renew their registration. Addressing this, the Maharashtra Medical Council (MMC) recently announced that medical education seminars can now be held online, and doctors could attend virtual
classrooms from the comfort of their homes and update their knowledge on a regular basis.
Among the key factors responsible for pushing the growth in healthcare is medical tourism, which may be defined as the provision for costeffective private medical care in collaboration with the tourism industry for patients requiring surgical and other forms of specialized treatment. According to a survey by the Associated Chambers of COMBATING Commerce and Industry of India (ASSOCHAM), COUNTERFEIT DRUGS medical tourism in India The Indian pharma industry has grown and will experience an annual matured over the years. With the domestic growth rate of 30 percent market growing steadily — projected to touch from 2010 to reach a USD 20 billion by 2015, as per a report by whopping ` 95 billion by Ernst & Young — the Indian pharmaceutical 2015. It is estimated that industry is today the largest manufacturer of around 150,000 people generic drugs. However, the growth of the across the globe travel to pharmaceutical industry has also given rise to India every year for medical a parallel industry of counterfeit medicine. treatment and surgeries, and India is fast becoming the hub for at the same time enjoy their counterfeit drugs, accounting for one-third of recuperative holidays. the counterfeit medicine produced worldwide, ASSOCHAM estimates as per WHO statistics. In a measure to uphold that the cost of surgery in the credibility of exports from India, the India can be one tenth or less Directorate General of Foreign Trade (DGFT) of what it is in the U.S. and has issued a change in export regulations, Western Europe. A heart-valve stating that primary packaging should replacement that would cost incorporate 2D barcodes on blister strips, USD 200,000 or more in the vials and bottles, encoding a unique product U.S., for example, would cost identification code, batch number, expiry date about USD 10,000 in India, and and serial number. that includes round-trip air travel While the above strategy might prove fare. Similarly, a metal-free dental effective in ensuring the quality of pharma bridge worth USD 5,500 in the exports, it clearly fails to address the U.S., would cost approximately proliferation of counterfeit drugs in the USD 500 in India. domestic markets. There is a need for systems Medical tourism involves that can help to establish the authenticity ventures between healthcare of the product at the time of purchase. To providers and the hospitality address this, Sproxil has developed a solution industry. For instance, Apollo that helps determine the authenticity of a Hospitals has partnered with product by leveraging the capabilities of a SitaCare, the medical tourism arm of mobile phone. “Customers can text message Sita Travels. Apollo reportedly also an item’s unique code and get an instant has a tie-up with Tamil Nadu Tourism response confirming the genuineness Development Corporation. As per the of the brand,” says Dr Ashifi Gogo, pact, any tourist availing Sita Travels’ CEO, Sproxil. tour package will get a 15 percent off on the Apollo Preventive Health Check. The check can be conducted in any of the Apollo Hospitals or clinics spread
informationweek august 2011
across the country.
THE VENDOR OPPORTUNITY
The IT adoption by the healthcare sector in India is largely driven by product vendors. The opportunity is humungous for large- and mid-sized healthcare IT service vendors, who have relevant skills and experience. These service providers bring in value with understanding of the healthcare organization’s business and help them with appropriate healthcare IT products to ensure better business outcome. The market for IT in healthcare in India is poised to grow at a CAGR of 21.8 percent to reach USD 609.5 million by 2013, according to a Forrester Research report, IT in the Healthcare Industry - Emerging Trends and Market Opportunities in India. Multinational companies like GE Healthcare, Cisco Systems, Microsoft, Google, IBM, Logica, Computer Sciences Corporation (CSC), Dell, TCS, HCL and Wipro, to name a few, have entered the healthcare space. Most of these companies also have a separate business vertical dedicated to the healthcare segment. In September 2010, Max Healthcare and Dell Services, formerly Perot Systems, entered into a 10-year agreement valued at USD 20 million under which Dell Services agreed to provide infrastructure management and EHR implementation to Max Healthcare. Dell Services partnered with Max Healthcare to convert the information technology infrastructure of all eight Max Healthcare facilities into a private MPLS (Multi-Protocol Label Switching) cloud running remotely from Dell Services data center in Noida. Few years back, Wipro implemented an integrated HIS across six hospitals of Municipal Corporation of Delhi. Also, Wipro’s one of the biggest e-governance projects with the Employee State Insurance Corporation (ESIC) has just gone live. Almost 50 million beneficiaries are covered under the scheme. “This project covers endto-end solution for over 2,000 plus hospitals, dispensaries, regional offices,
branch offices and state directories pan India,” says Dr Srinivasa Raghava Vegi, General Manager, Wipro Infotech. MindTMED platform by a Bangalore-based IT company, MindTree, is a solution that allows doctors to connect with patients regardless of the physical distance between them. It is a ready-to-deploy solution that can help any hospital or doctor to remotely diagnose the patient’s condition, prescribe relevant medication, and continuously monitor the health and its progress while maintaining and updating EHRs. Cisco offers a range of solutions in the healthcare space, including HealthPresence and Nurse Connect. While the former is about remote interaction between doctors and hospitals, the latter integrates certain nurse call systems with Cisco wireless phones to enhance communication between patients and care providers. “If a nurse is busy and not at her station, the emergency call from a patient will be routed to her handheld device. The nurse can click a button to communicate that she is busy and the call will get diverted to the next available nurse,” says Venkataraman. Cisco has also initiated work in the preventive health space, which is often ignored but very relevant in our country. “Some of our projects in this area are currently underway. The main focus is on information empowerment and spreading awareness and counselling. We are exploring technologies like remote display system for providing information to citizens, especially in the rural areas. Also, with remote care solutions like HealthPresence, health screening camps are conducted in the rural
“In India, some of the multi-specialty hospitals have old infrastructure, which makes it difficult to adapt to new technologies”
Dr Hemant Kumar Director, Dell Services areas to spread awareness about various diseases. Post the camp, the patients can follow up individually and have a face-to-face interaction or a discussion about the HealthPresence solution with the doctor,” elaborates Venkataraman. Juniper Networks’ portfolio for healthcare includes security for WLAN deployments, multi-audience access, healthcare data center consolidation and simplification, firewall security upgrades, intrusion prevention system (IPS) deployments, network-based user authentication, resilient network routing, supporting EMR and patient health information (PHI).
“For a long time technology was not a priority for hospitals, but this can change if we are able to show them clear ROI with timelines”
technologies like cloud and virtualized environments. Fragmented setups and lack of physical space further add to the challenges in technology adaptation,” says Dr Hemant Kumar, Director, Dell Services.“ He further adds, “There is resistance to change. For instance, hospital staff, habituated to legacy systems and writing on paper, resists moving to new systems and automated environment.” According to Sankaran of CSC, IT vendors face serious challenges in motivating hospitals to invest in technology. “There are concerns of organizational culture — scepticism towards ICT adoption and additional cost of building ICT infrastructures. There is a lack of willingness to recruit, select and employ competent resources to install and use ICT and invest on their training and development.” However, some industry observers feel the trend is changing. “For a long time technology was not a priority for hospitals, but this can change if we are able to show them clear ROI with timelines, similar to what they see when they add an extra bed or a CT Scan machine. Standardization is another big challenge,” enlightens Dr Raghava Vegi of Wipro. Despite challenges of integrating IT into the healthcare system, solution providers will still have to find their way out to motivate hospitals to invest in IT. With 70 percent of India’s 1.2 billion population living in rural areas, the role of IT in healthcare will reach its tipping point and be meaningful only when it is able to percolate to the bottom of the pyramid.
Dr Srinivasa Raghava Vegi
u Ayushman Baruah
THE INTEGRATION BLOCKS
While IT vendors are providing customized solutions for the healthcare vertical, the challenges lie in integrating IT into the healthcare system in India. Major challenges include lack of standardized processes and in-house IT expertise; reluctance of medical, nursing and other staff to learn and apply technology upgrades; fear of IT failure (paper system appears more reliable); and cynicism about services from vendors. “In India, some of the multispecialty hospitals have old infrastructure, which makes it very difficult to adapt to new
General Manager, Wipro Infotech t
august 2011 i n f o r m at i o n w e e k 31
Just a ! c o D sk Wa y e H tso
IBM’s Watson technology powers a popular game show in the U.S. But the analytical and natural language processing capabilities of the machine has useful applications in the field of medicine. The day is not far when Watson will help medicos take more accurate life-saving decisions By Brian Pereira
here is a popular game show in the U.S., called Jeopardy! If you’ve watched it on TV, or perhaps tried your hand at the game, you would have witnessed firsthand, the intellectual duel between a human and a machine. The technology behind this game is called ‘Watson’ and it was developed by a team of engineers at IBM. But nobody invests over USD 2 billion in a machine that powers a wordplay game. IBM believes Watson’s first business application will be solving problems in the healthcare industry.
informationweek august 2011
Named after IBM founder Thomas J. Watson, this is an analytical computing system that specializes in analyzing natural human language, and provides specific answers to complex questions at rapid speeds. Watson has the ability to analyze the meaning and context of human language, and rapidly process information to find more precise answers to questions posed in natural language. Watson, however, is far beyond a simple Q&A machine. It demonstrates advances in technology that will create a new class of systems that can learn and talk. “We have been talking to clients
about its potential applications in industry and the one area that has emerged as the highest priority is healthcare,” informs Dr Manish Gupta, Director, IBM Research – India. Dr Gupta is also Chief Technologist, IBM India/South Asia.
Watson’s analytical capabilities can be applied to areas like radiology, oncology, cardiology, primary care and biopharma. l Radiology: It provides the potential to create algorithms to automatically identify and flag
anomalies on MRIs and images much smaller than a radiologist can see with the human eye. It has the potential to interact with and guide the radiologist to do deeper analysis and additional imaging to identify a potential problem. l Oncology: The technology can be used to potentially guide physicians and patients to examine the value tradeoffs between benefits and harms across cancer treatment and screening options, allowing patients to make more informed decisions or prompt physicians with decision aids and coaching. l Cardiology: Watson-like capabilities could be used to guide cardiologists to avoid the most common mistakes in the field by ingesting and analyzing treatment data and test results, as well as automatically looking for causes for concern, such as the overuse of diuretics, the presence of pulmonary edema, or too much digitalis as noted in a blood test. Thus, it can direct cardiologists on balancing the most effective drug dosage or procedures. l Primary care: Due to its ability to combine diagnosis data and treatment recommendations with analytics and locate specialists in a patient’s health plan, who live
“Healthcare has emerged as the highest priority area where IBM’s Watson technology can be applied”
Dr Manish Gupta
Director, IBM Research – India t within 15 miles of the patients’ home and have the highest cure rate; it can provide patients better care under their primary care team. It can be used to attain more effective treatment and reduce the expenditure on the treatment of costly chronic illness. l Biopharma: With its capacity to track drug interactions, contraindications and model, combined with analyzing data from numerous clinical trials; Watson can help biopharma companies to pioneer new areas for maximizing profit and developing new therapies.
HOW IT ANALYZES
For healthcare, the way it does the diagnosis is similar to what a doctor does in his clinic. When you go to a doctor, you describe your symptoms and he prescribes certain treatment. The symptoms that you describe are
INTO THE HEART AND SOUL OF WATSON What does it take to build a machine that requires high-performance computing capabilities in the teraflop domain? After all, scanning millions of digitized documents in three seconds is something that only “big iron” systems can do. When IBM’s research scientists set out to tackle the challenge of developing Watson, they asked IBM to provide the most advanced, commercially available system, which was developed for running many analytics processes at once. The system comprises a cluster of Power 7 servers – in fact there are a total of 10 racks of Power 750-based servers. The computing power of Watson can be compared to over 2,880 computers with a single processor core, linked together in super high-speed network. The computational power is 80 teraflops. To put all this in perspective, a computer with a single processor core takes more than two hours to perform the deep analytics needed to answer a single Jeopardy! clue. Watson does this in less than three seconds. And for that it needs 15 TB of memory, to accommodate a massive database. Watson is designed according to Unstructured Information Management Architecture – UIMA for short. This software architecture is the standard for developing programs that analyze unstructured information such as text, audio and images.
equivalent to asking a question in a Jeopardy! game. The doctor relies on his medical knowledge and his years of experience to make a diagnosis. Often the doctor comes up with a hypothesis, considering two or three possibilities. Because of his experience he is able to make an accurate diagnosis. If in doubt, he probably asks you to do a couple of medical tests or refers you to a specialist. Dr Gupta explains that this is analogous to what the Watson system does. “When you ask a question, it searches through its bank of millions of documents and comes up with many potential answers. As it combines all these results, it narrows this down to relatively few possibilities, say about three or four. It also estimates the confidence it has in the answer being correct.” With 15 TB of memory, Watson stores not just Electronic Medical Records (EMR) but all the information around a patient’s case — symptoms, findings, physician notes, patient interviews and family history. Then it uses analytics technology to automatically consider all the texts, reference materials, prior cases, and all the latest knowledge in journals and medical literature to propose a differential diagnosis. While widespread adoption of Watson technology in the healthcare sector is still some time away, IBM’s research team is working in close collaboration with the medical fraternity in the West and is also in discussions with several hospitals. —With inputs from a technical paper on Watson, provided by IBM u Brian Pereira email@example.com
august 2011 i n f o r m at i o n w e e k 33
Better clinical analytics means better clinical care Healthcare providers are incorporating BI capabilities in new ways to improve patient outcomes By Marianne Kolbasuk McGee
outheast Texas Medical Associates, a midsize doctors’ practice in Beaumont, Texas, has slashed its hospital re-admission rate by 22 percent in the last year. It also has reduced the number of visits it gets from diabetes patients around the holidays by 15 perent (such patients sometimes stop watching their diets and testing their blood around the holidays). The improvements — mostly the result of fewer complications — came about because the practice, known as SETMA, has found a way to keep its patients healthier. SETMA hasn’t stumbled onto some miracle cure. Its doctors are using business intelligence and analytics to fine-tune their care. The practice is employing tools from IBM Cognos to improve therapeutic and preventive care programs and boost staff productivity, in addition to reducing hospital re-admissions. Two years ago, the practice invested in the Cognos tools to analyze data extracted from patient records. The Cognos products include dashboard software and tools for trending and auditing data. The extracted data resides in a data warehouse with records for 65,000 SETMA patients, including 7,500 patients with diabetes and 26,000 with hypertension. The data analysis tools are being used not only by BI specialists but also by senior management and clinicians. The tools let SETMA analyze the health and treatment trends of patients and audit the performance of SETMA clinicians to ensure that they provide evidence-based standards and adhere to best practices and quality-of-care
informationweek august 2011
measures from a number of sources. For example, SETMA’s use of the Cognos tools for daily audits on quality measures provides clinicians with specific goals for the patients they see during the day. “Healthcare is behind the times in the use of BI,” says James Holly, CEO, SETMA. “But everything that BI can do in other industries, it’s doing for us at Southeast Texas Medical Associates, leveraging data to improve care.”
How Tools Help
Using the analytics tools, SETMA clinical support staff can run patient reports prior to a patient’s visit to review an individual’s health status, determining whether screenings or blood tests are due, so that those tests can be ordered and completed before the visit. With much of that necessary work done prior to the office visit, doctors can discuss the findings with patients and develop a care plan during the scheduled appointment. That proactive effort even includes sending reminders to diabetic patients around the holiday season to encourage extra vigilance about exercise, glucose testing, and diet, says Holly. One year after implementing these preventive efforts for diabetic patients to better control their blood sugar and related complications, SETMA had a 15 percent decrease in patient visits during the holiday season. Data analysis lets SETMA identify issues that can play a role in patient outcomes. Hospital re-admission shortly after discharge is one good example of an issue doctors follow closely. Within the first six months of using the Cognos tools, hospital re-admissions
of SETMA patients were reduced by 22 percent. SETMA used the analytics tools to compare patients who didn’t get re-admitted to those who did, taking into account patient characteristics such as age, gender, ethnicity, followup care, and how soon follow-up care was received once the patient left the hospital. Using the Cognos tools to analyze patient EMR data, ICD-9 billing codes, and other information, SETMA identified patterns that showed groups of patients who are more likely to be re-admitted, and the factors that contribute to that. SETMA saw that patients who live alone and those in lower socioeconomic groups were at greatest risk for readmission. The data revealed, for instance, that patients who live alone are less likely to adhere to their followup care instructions while lower-income patients often can’t afford medications prescribed for ongoing treatment once they’re out of the hospital. The findings prompted SETMA to institute new post-hospitalization treatment plans that include help setting up immediate at-home care and interventional support services for patients who live alone. SETMA also created a foundation to help low-income patients pay for their medications. Before using the Cognos tools, it would take SETMA about 36 hours to run “daily” patient-encounter reports using the NextGen EMR database and query functions. That means SETMA was always at least a half-day behind in seeing if patients had received the evidence-based care they should have gotten from clinicians based on their health situation. Now applying the
Cognos tools to data in the data mart, complex analysis can be completed in seconds, says Holly.
Analytics For More Personalized Care
Meanwhile, Moffitt Cancer Center in Tampa, Florida, is among larger healthcare providers focusing on analytics to personalize the treatment of cancer patients. Moffitt recently announced it is collaborating with Oracle on a new health and research informatics system in which analytics plays an important role. The new system, built with Oracle Health Science technology, will support Moffitt’s Total Cancer Care program, a comprehensive approach that provides individualized, evidence-based care. With patients’ consent, Moffitt aggregates and analyzes data, including diagnoses, treatments, follow-up care, and bio-specimens such as tumor samples from thousands of individuals cared for at nearly 20 cancer treatment hospitals in the U.S. that participate in the Total Cancer Care program. Oracle and Moffitt are working on adding new data sources to the Oracle Healthcare Data Warehouse Foundation data model, including DNA sequencing data from patient tissue, including malignant tumors. The new system will also support the analysis of DNA sequencing data and other sources of patient data, in the hopes of providing more rapid insights into the effectiveness of treatments. The analysis could yield new findings about the effectiveness of specific cancer treatments on patients with common bio-markers and other similarities, enabling researchers and clinicians to more quickly advance personalized treatments for others.
Decision Tool Offers Free Cancer Help
Even healthcare providers that don’t have the manpower, IT budgets, or tech know-how to collect and analyze their own patient data can tap the decision support resources of others. CollabRx and the American Society of Clinical Oncology recently released a free, webbased decision support tool to help
cancer patients and oncologists identify the best choices of tests, treatments, and clinical trials based on details about an individual’s cancer type and other information. The new Targeted Therapy Finder — Melanoma app is the fruit of collaboration between ASCO and CollabRx, a California startup launched about three years ago by Jay “Marty” Tenenbaum, a melanoma survivor, Tech Entrepreneur, and Former Chief Scientist at Commerce One. While the app for melanoma, a type of skin cancer that’s often deadly, is the first tool to be offered, the collaboration between CollabRx and ASCO could lead to decision support tools for other cancers as well, says Tenenbaum. The web tool, which can run on mobile devices, helps doctors and patients identify diagnostic tests, treatments, and clinical trials associated with specific subtypes of melanoma and other characteristics of the patient, says Tenenbaum. Patients or doctors enter information about an individual’s melanoma, including the disease’s stage, origin, metastatic sites, and genetic mutations, into the app, and it narrows down drugs and clinical trials to consider.
Four Tips For Successfuly Using BI
Make sure data being analyzed is properly scrubbed and that data fields are normalized and accurate so that queries reveal valid comparisons
Realize that insights gained from data analysis will often lead you to do further inquiries to drill down even more on the findings
Give as many users access to the BI tools as possible to stretch the value of the tools.
Make sure the displays of your analytics are intuitively designed so that they require little explanation
The therapy-finder application transforms the contents of the knowledge base into personalized, actionable information that can help patients and physicians make informed decisions about tests and treatments, says Tenenbaum. Each cancer has a decision algorithm, represented in a set of decision/ workflow tables, or DWTs. As a part of the partnership, ASCO is providing CollabRx with access to its published melanoma content, including data presented in abstract format at the society’s annual meetings and study results described in peerreviewed journals such as the Journal of Clinical Oncology. The vision for the Cancer Commons database is to include outcome information about how patients are responding to various treatments. “Every day in oncology, there are thousands of experiments that go on but no one captures that data, or has the ability to analyze it,” he says. The ability to analyze and share outcome data on patients who have uncommon combinations of genetic mutations, chronic conditions, and other characteristics could make it easier for oncologists to zero in on treatments for patients who have rare similarities. Clinical trials for new treatments are often considered failures if only a handful of patients out of thousands respond positively to the new drugs, says Tenenbaum. But for the few patients who do respond well, those trials are hardly failures. When Tenenbaum received his melanoma diagnosis several years ago, it was as though “my hair was on fire,” he recalled. The anxiety of receiving a serious health diagnosis is often made worse by the fact that “five different doctors will give you five different suggestions” for treatment. Lives can be saved by getting patients matched up with the best available drug options sooner. “That’s what we’re trying to do,” says Tenenbaum. Source: InformationWeek USA
august 2011 i n f o r m at i o n w e e k 35
How cloud can improve medical image sharing Memorial Hermann Healthcare System utilizes a a secure, high-speed system to transfer thousands of diagnostic-quality images to caregivers By Neil Versel
ouston-based Memorial Hermann Healthcare System has effectively set up a medical imaging exchange in the cloud that helps assure diagnostic-quality images are available at any time throughout the health system. The system uses a secure, high-speed platform that meets HIPAA
requirements. The Memorial Hermann Image Gateway connects the picture archiving and communications systems (PACS) at all 11 hospitals and 28 imaging centers in Texas’ largest integrated delivery network, including the level 1 trauma center at the flagship Texas Medical Center. The platform, a major component of the Memorial Hermann Information Exchange (MHiE), can distribute and manage medical images on behalf of independent physicians and other referring hospitals in southeast Texas. “It creates a PACS-to-PACS connection by way of the cloud,” said Robert Weeks, Director - IT, Memorial Hermann Healthcare System. The network, hosted by DICOM Grid, a Phoenix-based cloud platform founded by neuroradiologists, went live in April at Memorial Hermann hospitals at Texas Medical Center, in suburban The Woodlands, and at more distant facilities in Beaumont and Huntsville, Texas. It has since been rolled out to other facilities, automatically feeding
informationweek august 2011
images into the GE Healthcare PACS at each location. According to Weeks, Memorial Hermann chose the cloud after DICOM Grid demonstrated that it could send huge PACS files at high speeds with adequate security. Weeks said he was sold on DICOM Grid’s patented “splitmerge” technology that encrypts then strips PHI from medical imaging data before an image goes out over the Internet, then decrypts and re-matches patient identifiers when the image gets forwarded to an authorized viewer. The system also maintains diagnostic quality of images even as files are compressed for faster transmission, Weeks said. Just as a video on DVD is of good quality but short of high definition, a radiological study on a CD is not diagnostic quality. The Memorial Hermann
Image Gateway improves on the practice of saving medical images to CD by keeping the high resolution needed for diagnostic purposes and by making images available on demand at multiple sites, according to Weeks. “We can actually have our radiologists and imaging technicians read from the cloud,” he said. Since the system has been online, Memorial Hermann has been uploading 6,500 studies a night to the cloud, Weeks reported, including
1,500 to 1,800 new images and thousands of historical images. The huge health system has 50 digital imaging modalities in its emergency departments, all linked to the Memorial Hermann Image Gateway, and the 28 imaging centers produce upwards of 100,000 studies a month, according to Weeks. Weeks informed that the image gateway proved its worth with the very first case it handled. A 10-yearold girl came to Memorial Hermann Beaumont Baptist Hospital in the middle of the night with a broken hip. It was determined that she needed to be transferred by air to the trauma center at Memorial Hermann Texas Medical Center. Images taken at the Beaumont ER were automatically routed to the trauma center’s PACS. “Prior to [the patient’s] arrival, we were able to examine the studies and prepare our plan of care. We were ready when she arrived,” Weeks said. Having the images from the referring site also eliminated the need to perform duplicate tests, according to Weeks. Trauma transfers are the first of three use cases for Memorial Hermann’s cloud-based imaging. The others include any referral involving imaging and as a real-time backup to any PACS installation in the health system, Weeks said. Future plans call for making the network available to outside organizations via the MHiE. Weeks envisions any healthcare provider with proper credentials being able to access the imaging exchange directly from a PACS or through a Memorial Hermann web portal. Source: InformationWeek USA
Blood centers use web-based business intelligence Business intelligence software, LogiXML, enables Blood Centers of America to buy and sell blood supplies online By Ken Terry
lood Centers of America (BCA), whose members supply about 35 percent of blood transfusions nationwide, first began using customized dashboards from LogiXML, a McLean, Virginia-based firm, more than five years ago. At first, BCA used LogiXML for benchmarking performance on metrics, ranging from payroll and staff hours to the number of red blood cell units collected. Previously, the blood centers had sent this data to BCA headquarters, where an employee entered it into spread sheets and disseminated them via e-mail. BCA used a similar approach to generate reports on which centers had excess blood supplies and which needed more blood. This system was too slow and cumbersome, so BCA looked for a vendor to custom-develop a new online ordering system. Greg Bishop, Director - Technology, BCA eventually decided to do the development himself, using LogiXML’s toolkit. It took him about two weeks to develop a prototype of the dashboard, which uses LogiXML’s product at the front end and an SQL database at the back end. Now BCA’s blood centers can use the web-based application to enter data, either directly or through files in specified formats that LogiXML can unload into the database. LogiXML also e-mails the status of blood supplies twice a day to the centers. After seeing which centers have excess supplies, a center that needs blood can enter an order into the system. To initiate a purchase, a center only needs to click a listing, complete the form including entering quantities desired, and submit. Upon submission,
informationweek august 2011
an e-mail is automatically sent to the offering center, which can then accept or deny the purchase offer. According to Bishop, BCA has shown its dashboard interface to nonBCA centers and has offered access to the system to non-member blood centers in the event of a catastrophes like Hurricane Katrina or a terrorist attack. Over the past decade, web-based business intelligence (BI) has been widely adopted in various industries. According to Chor-Ching Fan, Senior
we’re owned by the blood centers we serve. I have local users in my office, but the majority of the 1,200 users are in other blood centers across the country. So I wanted something for which they didn’t have to install any software. They just fire up their browsers, go to our web page, and click on a membersonly link and log in. The only software that’s installed is on my server.” For security purposes, BCA uses a role-based approach that gives
BCA has offered access to the system to non-member blood centers in catastrophes like Hurricane Katrina or a terrorist attack
Director - Product Management, LogiXML, nearly half of all BI applications are now being deployed over the Internet. However, he added, a lot of vendors that sell web-based systems are still primarily focused on client-server applications. The advantages of web-based BI, he said, include: l Familiar form: Because people are used to web browsers, it takes them less time to learn how to use dashboards. l Instantaneous Access: End users don’t have to download or install software. l Accessibility: Web-based BI can be deployed on tablets or smartphones, as well as desktop PCs. Explaining why BCA decided to use this approach, Bishop said, “We’re a blood center cooperative, which means
particular people access to different elements of the LogiXML dashboard. For example, Bishop said the centers order non-blood supplies through group purchasing organizations and only some people have access to the GPO contracts. The benchmarking aspect of the dashboard has helped blood centers improve their performance on key metrics, he pointed out. For example, one center was discarding 24 percent of its plasma because it wasn’t fit for injection, and the BCA benchmark was 6 percent. After emulating the best practices of other centers, that organization has reduced its discard rate to 9 percent. BCA has also used LogiXML to create a discussion forum on various aspects of blood center operations. Source: InformationWeek USA
How to make medicine smarter Johns Hopkins Medicine uses intelligent IT support for medical innovation and streamlining processes By Doug Henschen
onsult with your doctors early and often. That’s not just good advice for patients; it’s what Stephanie Reel, the top IT officer at Johns Hopkins Medicine, says healthcare technology leaders must do to master intelligent medicine. Speaking at the recently held InformationWeek Healthcare IT Leadership Forum in New York, Reel, Head of IT at Johns Hopkins Medicine since 1994 and Chief Information Officer at the University since 1999, said the institution’s success in technology innovation is directly attributable to its habit of involving clinicians in IT projects. That point was backed up by Dr Peter Greene, Johns Hopkins’ Chief Medical Information Officer who joined a panel discussion, What’s Next In Intelligent Medicine. There have been plenty of innovations at Johns Hopkins Medicine, a USD 5 billion-a-year organization, which includes a renowned medical school, five hospitals, a network of physician offices, and massive research operations. The institution was among the pioneers of electronic health records (EHRs) through a clinical information system deployed in the early 1990s. The effort succeeded, Reel informed, as it was initially supported by half a dozen clinicians who worked with IT to develop the system. This interdisciplinary group has since grown to include about 75 people, and it still meets every month to “listen to the people on the front lines who are trying to make a difference,” Reel said. Johns Hopkins’ clinical information system has evolved to embrace the latest EHR technologies, and it has also become the foundation for what
Johns Hopkins calls “smart order sets.” These order sets have built-in checks, balances, and analytics to ensure that appropriate procedures, tests, and protocols are followed for each patient. Among the hundreds of smart order sets now in use at Johns Hopkins, one guides decision on appropriate regimens for diabetics. Hundreds of variables and possible recommendations are pre-programmed into the order set, but the right regimen is determined though the combination of known patient history, up-to-themoment clinical measures, and feedback provided by doctors on a series of questions conditionally asked by the system based on known patient data and the clinician’s answers to key questions. Smart order sets are developed by specialists and extensively studied by peerreview groups before they are embedded into patient care workflows. “The challenge is that you have to do a lot of custom work that isn’t included in off-the-shelf EHR products, so you can’t take on everything,” said Greene. Johns Hopkins has prioritized based on risk, developing smart order sets for high-morbidity scenarios, such as diabetic management and anticoagulation management. The institution has been widely recognized for its work on preventing venus thromboembolism (VTE), a dangerous blood-clotting condition that has been decreased by embedding intelligent risk-factor algorithms into admissions, post-operative, and patienttransfer order sets. Also to minimize alert fatigue — the
common problem whereby so-called intelligent systems and devices fire off many alerts that are simply ignored — Johns Hopkins has built role-based and history-driven rules into many of its smart order sets. Cardiologists, for example, would be assumed to be aware of the dangers of ordering both Cumadin and Ameoderone for the same patient whereas an intern would be shown an alert. But if an intern had already cleared such an alert for a particular patient on a particular day, the system recognizes that history and won’t alert that intern again that day regarding that patient. At the cutting edge of intelligent medicine is personalized care. Smart order sets are part of Johns Hopkins’ strategy on that front, and the institution also has at least half a dozen departments working on other forms of personalized care. The Department of Oncology, for instance, is exploring the use of genomics — study of the DNA of individual patients and of cancer cells. In the future, the DNA of both the patient and his or her cancer will be “readily available and integrated into every decision we’re making about your care,” Greene said, though he acknowledged that might be years from now. Given that there are 3 billion base pairs in the human genome, the most advanced work will involve big-data computing. Reel and Greene encouraged their peers to push the use of predictive analytics and use of data on the clinical side of their operations. The next step in intelligent IT support for medicine, she said, would be to work with clinicians to minimize time-wasting usability, interoperability, and security hurdles. That, she said, will give doctors more time with their patients. Source: InformationWeek USA
august 2011 i n f o r m at i o n w e e k 39
How mobile tech can fight war on diabetes ONC-funded Beacon Communities will pilot a mobile health campaign to aid in the diagnosis and treatment of the prevalent chronic illness By Nicole Lewis
s the value of technology used to fight diabetes becomes more apparent, two Department of Health and Human Services-funded projects — Southeast Michigan Beacon Community in Detroit, and the Crescent City Beacon Community in New Orleans — will launch public health campaigns that rely on mobile devices to help individuals assess their risk of type 2 diabetes and provide them with relevant health information, such as local health and wellness resources. Both communities fall under the Beacon Community Cooperative Agreement Program — a three-year project of the Office of the National Coordinator for Health IT (ONC), which provides USD 250 million in funding to promote real-life implementations of health IT in 17 diverse communities throughout the United States. The public health campaigns, which were announced at the American Diabetes Association’s annual conference in San Diego, will also be supported by the American Diabetes Association, the Centers for Disease Control and Prevention (CDC), and mobile health (mHealth) provider Voxiva. The model for this project is the national Text4Baby campaign that delivers evidence-based health tips via text message to expectant women and new mothers. Voxiva is a founding partner of Text4Baby and will provide
informationweek august 2011
the mHealth platform for the pilots in Detroit and New Orleans. According to Paul Meyer, Chairman and President, Voxiva, individuals will be able to complete an interactive risk assessment from their cell phones using SMS. By starting with text messaging, Meyer said the program can reach the broadest possible audience, including those with lower incomes. “Based on their responses and corresponding risk level, they will be connected to care or other resources in the community. Like text4baby, they can sign-up to receive health educational messages about diabetes. They will also be able to enroll in SMSbased services to help them improve their diet, exercise more, and lose weight,” Meyer said in an interview. He further added, “Over 79 percent of Medicaid beneficiaries are active users of text messaging. Individuals do not need a smartphone or web access to benefit from these services.” Aaron McKethan, Director of the Beacon Community Program at ONC, said Beacon Communities are using technology to improve healthcare delivery in their local communities, and can assist diabetics to better manage their illness. “The mobile health campaigns planned for Detroit and New Orleans are geared toward helping more patients understand their risk factors for the disease and connect them to their doctors, clinics, and other community resources to better manage their health,” he said. Dr Vivian Fonseca, Professor of medicine, the Tullis-Tulane Alumni Chair in diabetes, and Chief of
endocrinology at Tulane University Medical Center, said there are currently 385,000 people living with diabetes in Louisiana, including about 90,000 in the New Orleans metropolitan area. “I am delighted that this effort is being started in New Orleans which has a population that has been very severely affected by diabetes and its complications,” Fonseca said. With an emphasis on reaching out to those who may have diabetes, but have not been diagnosed, and those at risk for diabetes, mHealth campaigns allow engagement with a large population while simultaneously tailoring information to the individual based on his or her own risk factors. In most cases, this involves ensuring that patients connect to medical personnel, who can help them manage their condition before costly complications arise. The CDC and American Diabetes Association will work with ONC, the Beacon Community grantees, and Voxiva to design, deploy, and test the campaigns in the two large urban areas. This collaboration will assist in the design of the tools and interventions, as well as the development of effective communications that make the best use of local resources. The public health campaigns will also be designed to evaluate the effectiveness of this approach in connecting people at risk of diabetes to the care they need. The American Diabetes Association, CDC, ONC, and ONC’s Beacon Communities plan to work with other stakeholders, who wish to run similar campaigns in the future. Source: InformationWeek USA
iPads and other mobile consumer devices have made their way into the exam room, bringing with them concerns about security, tech support, and infection control By David F. Carr
informationweek august 2011
ince gadget-happy doctors got their hands on the iPad last year, many have turned it from a toy into a professional tool. Dr Jeffrey Westcott, cardiology Board Chair at Swedish Medical Center, a four-hospital complex in Seattle, even sees it as a lifesaver. It can “help me avoid mistakes by knowing more about the patient when I’m asked to make a decision.” Just the other day, he got a phone call from a pain doctor who wanted to attach electrodes into the epidural area around the spine of a mutual patient and wanted to take her off her anticoagulant in preparation for the surgery. Westcott was at home when he got the call, but he had his iPad and logged into his hospital’s Epic electronic medical records system’s iPad client and was able to see that the woman had an artificial aortic valve and must remain on the drug for that reason. “I didn’t have independent recall of that lady, but within two seconds I was able to look it up,” he says. “That’s a big deal, and it happens every day. She could have had a stroke.” Westcott also sees great potential in using the iPad to educate patients on their conditions and treatment. He’s so enthusiastic that he’s been working as an unpaid consultant to 3D4Medical, a medical imagery company, to create more vivid and accurate animations of common heart conditions. Dr Lacy Harville of East Tennessee Cardiovascular Surgery Group has been doing the same. When 3D4Medical raised the issue of a consulting fee, Harville brushed it aside, saying “I just want to have this for my own patient’s benefit.” Harville, too, thinks these graphics and the accessibility the iPad is giving him are saving lives. They help him convince patients that they really need surgery when, for example, they’re suffering from a condition like a leaking heart valve that leaves them weak but not really feeling ill. For years, he has used hand-drawn sketches, but 3D4Medical’s animation makes the point more clearly. “When they can
see a normal valve, and then see how a damaged one works, it just clicks 10 times better,” he says. Despite all the benefits, many hospitals and healthcare technologists are still trying to sort out where the iPad and other mobile devices fit into their medical bags. Ensuring information security and protecting patient privacy both loom large in the context of devices that can easily walk out the door. If it’s a doctor’s personal device, rather than hospital property, it’s going to exit at the end of every shift. While that lets the doctor quickly look up medical records when called at home or at a restaurant, it also opens up the possibility that the device will be left behind on a restaurant table. Mobile device security is relatively easy to deal with. Strict password policies and the ability to remotely wipe the memory of a device that’s lost or stolen can alleviate most security concerns. But other issues are challenging the widespread use of mobile devices in medical settings, including the lack of native support for many non-Windows devices, the inability to disinfect many mobile devices, and device overload, where clinicians are finding themselves toting around too many of them.
Coal Miner Doctors
Doctors and nurses are no strangers to mobile electronics, often looking “like coal miners, with tools hanging all over them,” says Yadin David, Founder of Biomedical Engineering Consultants and an IEEE Senior Member. Instead of adding another device to their collection of pagers, mobile phones, and bar-code readers, the goal should be to use one smart device to replace several existing gadgets, he says. Mobile computing in the hospital means everything from computers on rolling carts to tablet computers with stylus input for taking notes or collecting electronic signatures. It’s a market in which Apple’s products have had a big impact. When the iPhone came on the scene, its touch screen gave it a larger viewing area than a BlackBerry with its keyboard and made it possible to envision new
applications. Even more important was last year’s introduction of the iPad, with a 10-inch screen suitable for reviewing radiology images and detailed medical reports. All these features have won the iPad many fans in healthcare, but that doesn’t necessarily mean it’s going to be a standard-issue device. Many hospitals already use Windowspowered tablets, including medicalgrade devices like the Panasonic Toughbook H1 designed for healthcare environments. There are also alternatives like the Samsung Galaxy Tab, Motorola Xoom, and Research In Motion PlayBook all smaller tablets that have been promoted as being small enough to fit in a lab coat pocket. (Westcott suggests things might go the other way, with lab coats being designed to have bigger pockets to fit the iPad.)
Healthcare technology professionals are adopting different strategies for handling the demand for mobile computing. Some are determined to standardize on one device or operating system, while others embrace a “bring your own” approach where practitioners are allowed to connect their personal devices to the enterprise network. “I don’t expect this to stabilize,” says Charles Colander, CIO at Elmhurst Memorial, a 340-bed hospital in Elmhurst, Illinois. “Flexibility continues
to be the key attribute we need to maintain.” So much of mobile technology comes down to personal taste, like whether a doctor wants the iPad’s 10-inch screen or something smaller, he says. But Colander questions whether any devices that come out of the consumer marketplace should be on a hospital’s technology shopping list. “They’re just not medical grade, so infection control is a big challenge. At least if the doctor buys it for himself, some of that goes away because he’s the only one handling it.” The Panasonic Toughbook H1 may not be as sexy as the iPad, Colander says, but it’s designed for hospital use, including routine disinfection and the use of a stylus instead of a touch screen. “Frankly, the stylus-type input for full-function use works better with our applications,” he says, noting that software originally designed for Windows desktops can be difficult to use with a fingertip touch. Opinions on infection control and mobile device use vary widely. iPad commercials show doctors happily using the tablet to view medical diagnostic images, but “it’s obviously not a healthcare device” says John Curin, head of the healthcare practice at Burwood, an IT consulting firm. “I couldn’t disinfect it if I wanted to.” iPad defenders stress that its sleek case and lack of a keyboard mean fewer nooks and crannies in which bacteria can hide. Dr John Halamka,
Five Mobile Strategies Set a standard: Establish and communicate a policy for your organization Bring your own: If you allow personal mobile devices on your network, make sure they meet minimum security and privacy standards. Go virtual: Virtual desktop technology can put Windows-based applications on iPads and other mobile devices that don’t run Windows. That way, data isn’t stored locally. Access via the web: Web applications are another way to provide clinicians with access on the device of their choice Try native apps: Medical software vendors are starting to ship native apps for iOS and other mobile operating systems. If demand is high enough, consider creating your own iPad applications
august 2011 i n f o r m at i o n w e e k 43
Feature the CIO of Beth Israel Deaconess Medical Center in Boston and a frequent technology innovator, says the iPad is “completely disinfectable.” Even though Apple advises against wiping it with disinfecting solution, doing so seems to cause no harm, he says. “In a case, an iPad is actually a pretty rugged device for clinicians who spend much of their day reviewing information and want to use this to say, ‘let me show you what the gall bladder is,’” says Halamka, who’s also a practicing physician. Halamka’s Harvard-affiliated hospital system has about 300 iPads and 1,500 iPhones on its network, all physician-owned devices. Other devices and operating systems are
native iPad support. Some hospital CIOs also see a virtual client as a security measure. Because the user interface is streamed to the device, no patient data or other sensitive information is downloaded or stored on the device. Medical software makers are starting to deliver native iPad clients as well. The Epic Canto app provides read-only access to medical records. The startup DrChrono has created a complete medical records system for small practices, delivered over the Internet and accessed on iPads. Other native iPad apps starting to reach the market are more specialized, such as AirStrip Cardiology for remote access to electrocardiogram results. The University of Chicago Medical
with sterilizing fluid without having to touch the iPad itself. Initially, Patel’s program used Apple tools to enforce standard security, and Patel had to provide her own tech support because she moved forward before her IT department was ready to set a mobile computing standard. Now the hospital is planning to implement a device management system from MobileIron that will support multiple phone and tablet operating systems. Being a trailblazer has been worth it, Patel says. “Now that we’ve demonstrated it’s feasible and doable, IT is working with us. We have their ear on what’s going to be helpful and useful, and what’s not going to be helpful at all.”
Despite all the benefits, many hospitals are still trying to sort out where the iPad and other mobile devices fit into their medical bags
equally welcome, once his IT team verifies that they meet minimum security and encryption standards, he says. IT can’t expect to manage mobile devices like corporate desktops that run a standard operating system image, locked down against user changes, Halamka says. “These are lifestyle devices, not something the IT department is requiring them to use.”
Lack Of Native Support
Beth Israel Deaconess was well prepared for the advent of mobile devices because it had already established a policy preventing patient data from being stored or cached on any device except a secure server, and its medical record applications run on any web-enabled device, Halamka says. In many other medical facilities, iPad users wind up accessing patient information through Windows, using a remote or virtual desktop interface like a Citrix client. That’s partly because most hospital information systems lack
informationweek august 2011
Center is providing virtual access via Citrix for the iPads it’s providing to each of its 115 resident doctors. Residents use the iPads to retrieve medical records, view medical images, and read journal articles from the hospital’s digital library, says Dr Bhakti Patel, who organized the program. So far, the iPads are being used only for data retrieval and order entry and not for note taking. The residents take them home at night, but the Wi-Fionly models aren’t ideal for remote access. Residents are on their feet and on the move all day, so having a personal device they can use to access medical records means they don’t have to jockey for a seat at a shared computer, Patel says. Access through Citrix has proven to be fast enough for use in emergency situations, she says. The medical center solved the portability and disinfecting issues by fitting the iPads with a hard-cover case that has a ModulR shoulder strap attached. The case can be wiped clean
Doctors haven’t always been enthusiastic about mobile devices. Jeff Cash, CIO of Mercy Medical, a 260-bed hospital in Cedar Rapids, Iowa, recalls the advent of personal digital assistants, when he had to buy PDAs and loan them out just to get physicians to try them. The iPad phenomenon is different. “I haven’t had a doctor ask us to provide him with an iPad yet. It’s more like, ‘I have it, and I want to introduce it into my work life at the hospital,’” he says. Cash supports those requests with PatientKeeper software, which is middleware that adds a physicianfriendly user interface to existing medical records systems. The native iPad client is tailored for the touch screen, making it easier for doctors to record patient notes by choosing from template options that require minimum typing. Vendors must design the system with that in mind for an iPad app to be successful, Cash says. He’s working with PatientKeeper to develop a physician order-entry app that would let doctors enter instructions for nurses to follow up on among other things. The iPad isn’t universally accepted in healthcare. The Ontario Shores Centre for Mental Health Sciences in Ontario, Canada, recently standardized on Windows-powered tablets from
Mobile software makers are starting to deliver native iPad clients, such as Epic Canto, DrChrono, AirStrip Cardiology, and so on Motion Computing, which has been making mobile computers for healthcare for years. They’re “very rugged and drop tested, and they’re small and easy to carry. For the clinical purpose that we have, they’ve worked very well,” says Dr Ilan Fischler, a Psychiatrist and the hospital’s acting Medical Director. The iPad doesn’t provide all those advantages, he says. Ontario Shores’ IT group has gone with one standard supported device and has a “hard-and-fast rule against consumer devices,” says Tammy Young, the technical analyst who led the Motion Computing implementation. “We don’t want 100 different devices out there. If a physician purchases an iPad and asks to be put on the network, we don’t do that.” The Motion tablets run Windows 7, so they can be managed and secured just like desktops, Young says. They get a full copy of the hospital’s Meditech healthcare information system client; sensitive patient data is stored on
informationweek august 2011
the server, not the device; and data on the device is encrypted. So far, there haven’t been problems with the devices being lost or stolen. “If iPads were rolled out, we probably would see them walking off all the time because they’re a cool device,” Young says. The Motion tablets look much more clinical. “That may be an advantage all its own.” Seattle Children’s Hospital’s CTO Wes Wright has an informal policy allowing devices like iPads on his network, but he isn’t interested in supporting native iPad access to hospital systems. By allowing access only via Citrix, he hopes to keep his network more secure. However, he says, it might make sense for Citrix to create a mobile emulator that would combine virtual access with a user interface based on that of phones and tablets, rather than projecting a Windows desktop user interface onto these devices. If the hospital does eventually buy tablets, he’s leaning
toward the Windows-powered Asus Slate. Meanwhile, Wright is wondering if tablets are even necessary for his hospital, which is wired well enough that the best way to deliver computer access at the bedside might be to put Wyse Xenith thin-client terminals in every room, hung from a swivel arm mounted on the wall. “We could put those almost anywhere you would want to have a handheld device,” he says. Whatever his technology preference, however, Wright wouldn’t dream of trying to take a doctor’s iPad away. “I saw that train coming, and I got out of the way,” he says. And that’s the same train that many other healthcare IT professionals are either getting out of the way of or getting on board with, as the doctors and other clinicians they work with insist on mobile and remote access to patient records and other vital data. Source: InformationWeek USA
A brief preview The world’s leading global business technology event is living up to its name by attracting a huge list of business technology leaders and exhibitors By Srikanth RP
n its third avatar in India, INTEROP is demonstrating why it is the leading global business technology event. The ‘Call for Papers’ program, received an overwhelming response. We have received over 200 submissions from the cream of the IT industry. From the submissions received, we have every reason to believe that this year too INTEROP will be everything that one has come to expect from the leading business technology event. We have over 50 speakers from all over the world spread across 30-plus sessions, six keynotes, over three plenary panel discussions, and several workshops and special sessions, in parallel tracks. Our approach has been to bring together a mix of subject experts, experienced practitioners, distinguished analysts, technology gurus and promising young enterpriseIT professionals from India. The added bonus is the large exhibit floor adjoining the conference halls, where delegates and visitors can see the latest technologies being showcased and demonstrated by leading technology vendors, all in one place. These include names such as Cisco, HP, Wipro, RSA and EMC. Among keynote speakers, we have prolific speakers such as John McCool,
informationweek august 2011
SVP and GM, Data Center, Switching and Services Group, Cisco and Anand Sankaran, Senior Vice President and Business Head - India, Middle East & Africa business of Wipro. John McCool is a part of Cisco’s Data Center, Switching and Services Group, which accounts for over a third of Cisco’s product revenues. McCool is responsible for the strategy, engineering, and marketing direction of Cisco’s comprehensive family of enterprise Ethernet switching products, application networking, and system solutions. Similarly, Anand Sankaran from Wipro, is a prolific speaker, and carries out the P&L responsibility for Wipro Infotech. Sankaran has been with Wipro for the last 19 years and has held several key positions in the organization. Some of them include General Manager - Managed IT Services, Wipro Infotech, Head - Sales - Professional Services, Wipro Infotech, Head - Sales, Alliances and Market Making - Markets and National Sales Manager - Wipro Acer. For the attendees, we have an interesting mix of panel discussions. On Day One, we have a panel discussion titled ‘Lessons from India’s toughest and largest projects’. This panel discussion will share insights from experienced CIOs on what does it take to prepare,
plan and execute some of India’s toughest projects? Another panel discussion shares some practical tips on how CISOs can communicate complex security plans to largely non-technical board members. We also have an extremely interesting session by Dr Pawan Agrawal, CEO, Mumbai Dabbawala Association. This interactive session titled, ‘Lessons for CIOs from the Mumbai Dabbawala,’ elaborates how the Dabbawalas of Mumbai deliver more than 2 lakh lunch boxes everyday with no errors. There are many lessons to be learnt from a community that uses no sophisticated technology but still manages a supply chain that is the envy of global organizations. As the number and diversity of vendors increase, CIOs will need to adhere to best practices to get the most out of vendors. We have a speaker of international repute, who has kindly consented to deliver a session on this crucial topic. Ellen Daley, VP & Practice Leader, Forrester Research will share best practices and experiences in an interactive session, titled ‘How CIOs can successfully navigate the vendor landscape’. Daley says that CIOs today stare at a seismic expectation gap between demands of their digital-savvy employees, customers and business
speakers leaders who expect accelerated speed and agility — yet an IT organization laden with yesteryears metrics and not keeping pace with these rising demands. “CIOs turn to vendor partners to meet this expectation gap. As a result, these vendor partnerships rise in importance as they link to faster business innovation and results that constituents demand. The CIO role thus becomes similar to an orchestrator, driving business results with a hybrid set of internal and partner resources,” says Daley. CIOs cannot miss this mustattend session.
Learning from the masters
For budding CIOs, we have practical case studies, where experienced CIOs will share how they have executed a particular project. A case in point is the session by Venkata Krishnan, Head of IT, Mahindra Vehicle Manufacturing. His session titled ‘Building a future ready IT enabled plant’ details how organizations can build a future ready plant from scratch. He will highlight how the entire project rollout for the Mahindra Chakan plant was undertaken right from the grassroots level to a full fledged manufacturing facility. Another session by Sheshagiri Rao, Head - IT, Indian Rayon elaborates on how Indian Rayon reduced time for releasing payments and gained huge savings by implementing a comprehensive e-payment system for its 700 vendors. We also have an extremely interesting session on social computing, that is extremely relevant today. One of the most experienced and respected CIOs in the industry, Umesh Jain of Yes Bank, will share his perspective on how social media can be used by the banking industry. With more customers using social media and taking decisions by taking feedback from their peers, its impact just cannot be ignored. This session will help attendees understand the use cases of social media in the BFSI industry.
A huge focus on cloud
If your company is a prominent player
in the emerging world of cloud, you cannot afford to miss the sessions dedicated to the cloud at INTEROP Mumbai 2011. From setting up a cloud, deploying, architecting and measuring ROI — we have almost every possible topic covered with respect to the cloud. We have Ramprasad Kan, Chief Technologist, Wipro Technologies presenting a session titled, ‘Managing a private cloud’. Wipro was one of the first vendors to build a private cloud in India. This session will provide valuable insights about key issues to focus on implementing private clouds. Another key speaker in the world of clouds, Janakiram MSV, Technology Evangelist, Amazon Web Services, shares his unique expertise and best practices in a session titled ‘Architecting for the cloud.’ You must attend this session to understand the design patterns and guidelines for architecting scalable, reliable and available cloud applications. In a hybrid world of on-premise and cloud-based applications, managing user identity will be critical. We have a veteran speaker, Ravi Gururaj, VP, Engineering, Data Center and Cloud Division, Citrix who will deliver a key session, titled ‘Managing user identity in hybrid cloud environments’. This session will focus on the network bridging and network-based identity management solutions that enable administrators to get a single view of all the enterprise applications and manage user provisioning and tracking from a central management console. Another session delivered by Vijay Kumar, Principal Technology Architect, Infosys will focus on ‘Testing of the cloud.’ This session will share details on the different testing methodologies, tools and approaches that can be carried out in the cloud environment and for cloud applications. If you are thinking about how you are going to present your business case for moving to the cloud, attend an insightful session, ‘How to calculate ROI for moving enterprise applications to the cloud,’ by Shreekanth Joshi, Associate Vice President - Cloud
Dr Pawan Agrawal
august 2011 i n f o r m at i o n w e e k 49
Key speakers at INTEROP Mumbai 2011 l
John McCool, SVP and GM, Data Center, Switching and Services Group, Cisco
Anand Sankaran, Senior VP and Business Head - India, Middle East & Africa business of Wipro
Janakiram MSV, Technology Evangelist, Amazon Web Services
Ramprasad Kan, Chief Technologist, Wipro
Ellen Dalley, VP, Forrester Research
Slavik Markovich, VP, CTO, Database Security, McAfee
Umesh Jain, CIO, Yes Bank
K V Krishnamurthy, Head IT, Corporate Centre, Mahindra & Mahindra
Raj Dhingra, Global CEO, NComputing
Faraz Ahmed, CISO, Reliance Life Insurance
Ravi Gururaj, VP Engineering, Data Center & Cloud Division, Citrix
KK Mookhey, Founder, NII Consulting
Services, Persistent Systems. On the subject of cloud, can we forget the security aspect? To understand how we can use the cloud securely, we have an insightful session from Faraz Ahmed, CISO, Reliance Life Insurance, who tells us how the cloud can be used in the enterprise context while complying to regulatory standards.
Social media gets the attention
The conference topics at INTEROP Mumbai 2011 reflect the changing nature of the industry, and accordingly, we have multiple sessions related to the ‘Consumerization of IT,’ and its impact on the enterprise. With unprecedented proliferation of Wi-Fi-enabled smartphones and tablets, IT departments are under pressure to allow employee-owned devices onto their enterprise networks. Some companies are treating this as an opportunity to cut IT costs and empower employees to be more creative and productive at their jobs. Others are skeptical about the security risks these personal devices may bring along into the enterprise. On this topic, we have an apt session, titled ‘Bring your own device: An IT dream or a security nightmare?’ by Kaustubh Phanse, Principal Wireless Architect,
informationweek august 2011
AirTight Networks. On similar lines, we have another session, by Dr Prasad Ramanathan, Associate VP, Research and Innovation, iGate Patni, who stresses on the importance of Enterprise Mobile App portals, which can be used by enterprises to enforce security policies for mobile devices. Another extremely interesting session, delivered by Abhilash Sonwane, Senior Vice President, Elitecore Technologies, talks about how social media networks can be the next frontier of corporate espionage. Sonwane will show how individual tidbits of information lying across social media, when seen together as an applied jigsaw puzzle, can reveal surprising insider information about the company that wouldn’t be readily available to outsiders. You would not want to miss out on this session. Another session, titled, ‘Tweet, Like, and Skype Your Network into Disaster,’ by Mohit Puri, Country Manager, WatchGuard Technologies, elucidates the key threats faced by enterprises from social media, and highlights how enterprises can build effective defense mechanisms. We also have Prabhu Singh, Head ClusterLogic, E-Logic Systems who will present a case study on how the Adityapur Auto Cluster (AAC) is taking
its SMEs to the next level by using social media techniques.
Security remains a key area of interest
With the increased usage of technologies such as cloud computing and mobile-based solutions, the security landscape too has evolved considerably. This year, we have some of the best speakers who are known for their domain knowledge on security. We have an interesting workshop by Slavik Markovich, VP, CTO, Database Security, McAfee, who will present an in-depth session on SQL Injection — one of the most prominent attack vectors used by hackers. Although SQL injection is well understood, it still stars in top 10 attack problems and many websites and applications are still vulnerable. In this session, Slavik will show how hackers use advanced techniques to exploit SQL injection vulnerabilities and steal information from the compromised application and other databases on the network. Reconnaissance techniques, error manipulation, blind SQL injection, worms and back-doors will be explained and demonstrated against live servers and a demo web application.
Panel discussions l
Lessons from India’s toughest and largest projects
Talking to your board about security
The new CIO order
Tales from the cloud
Lessons for CIOs from the Mumbai Dabbawala - Dr Pawan Agrawal, CEO, Mumbai Dabbawala Association
Deep Dive into SQL Injection – Slavik Markovich, VP & CTO, Database Security, McAfee
We also have one of India’s most well-known security experts, KK Mookhey, Founder, NII Consulting, who will share his insights on ‘Advanced Pertinent Threats, and how to defend against them.’ Last, but not the least, we also have an interesting session by Sachin Raste, Security Research Analyst, MicroWorld Software Services who shares his knowledge on the implications of multi-vector attacks for organizations, and offers tips on how enterprises can secure mission critical applications and data to ensure business continuity.
In the past few years, there has been a lot of focus on the user experience and the way humans and machines interact and exchange information. Usercentric designs are gaining importance and newer ways of interacting with computers and other devices are getting more intuitive and interesting. Natural User Interface makes use of the normal (natural) human modes of interaction viz. fingers, hands, eyes, head, facial expression, body motion, speech and thoughts to interact with digital information. We have an extremely interesting session by Ashish
Must Attend Sessions l
How social media networks can be the next frontier of corporate espionage
Abhilash Sonwane, Senior Vice President, Elitecore Technologies
Advanced Pertinent Threats, and how to defend against them - KK Mookhey, Founder, NII Consulting
How CIOs can successfully navigate the vendor landscape – Ellen Daley, VP & Practice Leader, Forrester Research
Cloud Sessions @ INTEROP Topic Speaker Managing a private cloud
Ramprasad Kan, Chief Technologist, Wipro Technologies
Architecting for the cloud
Janakiram MSV, Technology Evangelist, Amazon Web Services
Testing of the cloud
Vijay Kumar, Principal Technology Architect, Infosys
Calculating ROI for moving enterprise applications to the cloud
Shreekanth Joshi, Associate Vice President - Cloud Services, Persistent Systems
Managing user identity in hybrid cloud environments
Ravi Gururaj, VP Engineering, Data Center & Cloud Division, Citrix
Harnessing the cloud securely for enterprise computing
Faraz Ahmed, CISO, Reliance Life Insurance
Varerkar, Head - User Experience and Microsoft Practice, L&T Infotech, who shares research into NUI technologies and how L&T Infotech has leveraged it to create an Executive Table. Security needs to be balanced by usability. For long, information executives have been struggling to find the right balance such that we achieve optimum level of security without impairing user experience. But what if we change the game and make security invisible? We have one such session, by Tejas Lagad, Product Manager, Nexus who explains how enterprises can meet stringent security and regulatory guidelines without disrupting normal work processes of users.
INTEROP Mumbai 2011 also remains a platform for honoring the best of talent in the IT space in India. Accordingly, we have three award ceremonies, the Global CIO award, the Future Strategist awards and the EDGE awards. The Future Strategist Award is an initiative from InformationWeek to identify the next CIO-in-the-making. This award is conferred on a person in an organization who is deemed most suitable for the CIO role. The Global CIO award is an award given by InformationWeek to CIOs whose
responsibilities extend to the global level. The EDGE Award is an initiative by InformationWeek to identify, recognize and honor end-user companies in India that have demonstrated the best use of technology to solve a business problem, improve business competitiveness, and deliver quantifiable ROI to stakeholders. Winners from FSA, Global CIO, and EDGE will be felicitated in an award ceremony, spread over three days of INTEROP.
None of the wonderful sessions would have been possible without the support of our exhibitors. INTEROP Mumbai 2011 will see more than hundred exhibitors with an expected audience of more than 5,000. The platinum sponsors for INTEROP include HP, Cisco and Siemens Enterprise Communications. Gold partners include EMC, Digisol, Riverbed and Wipro, while we have a Silver partner — Druva Software. Bronze sponsors include Emulex, L&T Infotech, NComputing, Network Hardware and Stellar Data Recovery. Our Lanyard sponsor is Wipro. u Srikanth RP firstname.lastname@example.org
august 2011 i n f o r m at i o n w e e k 51
DSCI Excellence Awards 2011
Award validates best practices and security frameworks within organizations; evokes discussions on public-private partnership for national cyber security; and creates a platform for companies to share security initiatives
informationweek august 2011
he Data Security Council of India, a NASSCOM initiative, announced the winners of the DSCI Excellence Awards at a ceremony in New Delhi on July 22, 2011. Sachin Pilot, Honâ€™ble Minister of State, Communications & IT, Government of India, presented the awards to
the winners. Through its Excellence Awards , DSCI aims to annually honor organizations and individuals who have taken strategic, proactive and innovative security efforts to help their organization address real risks; elevate the role of the security function and its contribution in the overall business ecosystem of an organization; and bring about awareness towards the need for information security within organizations and society at large, to harness security as a lever for economic growth. Sachin Pilot, Honourable Minister, lauded the steps taken by the winning organizations and individuals in establishing safe practices in their organizations and also highlighted the initiatives being taken by the government towards promoting data protection, while emphasizing the role of public partnership in building trustworthiness of Indian companies. While congratulating the winners, Dr Kamlesh Bajaj, CEO, DSCI said, â€œGiven the constantly evolving threat landscape in which we operate today, and our dependency on technology for our business operation, there is a need to approach security in a way that not only safeguards our data, but also builds
confidence in our stakeholders. The results of DSCI Excellence Awards evaluation process have re-affirmed the very high standards of information security deployed by Indian companies.” The awards ceremony was the culmination of a detailed evaluation process developed by DSCI, in consultation with PricewaterhouseCoopers, with eminent experts from the industry serving on the Jury panel to decide the winners. InformationWeek had an exclusive press conference immediately after the awards ceremony and spoke to the winners. Said Felix Mohan, Senior Vice President and Global Chief Information Security Officer, Airtel, “The DSCI Award is a validation of the best practices and the implementations, within a company. It serves the same purpose as benchmarks and surveys — ways that organizations use to find out where they stand, vis-à-vis others, and what are the best practices they are following.” According to Sumeet Parashar, CISO, CSC (India), “This (awards event) also creates a platform for the industry to come together and share what everyone is doing, in a more structured format. The proposed DSCI workshop (in November 2011) will also be meaningful for all of us and we can learn from each other.” P Unnikrishnan, Worldwide Manager, BCP & Security, HP said, “Such Awards create healthy competition in the industry and it helps us improve controls. This also motivates organizations to improve their information security frameworks, and hence the overall security level in the industry.” Dr Jai Menon, Director – Global Innovation & IT, Bharti Airtel said, “An award of this nature actually signals a point of inflection. We now have a clear recognition and a wake up (call) to say that India will lead through a new set of standards, a new genre of what data security really means — because data has proliferated everywhere, especially with 3G and BWA.” The organizations honored with DSCI Excellence Awards are: l Bharti Airtel for Security in Telecoms l HDFC Bank for Security in Banks l Cognizant Technology Solutions for Security in IT Services Company (Large) l IBM Daksh Business Process Services for Security in Global BPO l Financial Technologies (India) for Security in IT Services Company (SME) l Hewlett-Packard GBS, Global E-Business Operations for Security in Captive BPO l CSC for Raising Security Awareness In addition, there were two special awards for ‘Security Leader of the Year’: l Felix Mohan, Global CISO, Bharti Airtel (Domestic Industry) l Raja Vijay Kumar Adapa, VP & Global Information Security Leader, Genpact (IT-BPO)
Dr Jai Menon, Director – Global Innovation & IT, Bharti Airtel receiving the award for Security in Telecom
Dr Kamlesh Bajaj, CEO, DSCI said there is a need to approach security in a way that not only safeguards our data, but also builds confidence
Dr Bajaj presents a citation to Nandita Jain Mahajan of IBM Daksh Business Process Services for Security in Global BPO
The awardees suggested ways in which private companies can work with the government towards establishing security standards and frameworks
[ Photographs by: Brian Pereira ]
august 2011 i n f o r m at i o n w e e k 53
Essar Group deploys secure Wi-Fi The multinational conglomerate uses Cisco WLAN to provide seamless connectivity to employees and guests By Vinita Gupta
he Essar Group is a leading player in the steel, oil & gas, power, communications, shipping ports, construction and minerals sectors. With operations in more than 20 countries across five continents, the group employs a workforce of 70,000 people and has nearly 26 offices across India. Being a group with diverse interests and wide-spread operations, managing IT security and strategy and Internet is a gigantic task. Essar Group’s main challenge was to enable secure connection for meetings and discussions between employees, who were travelling, and their colleagues in office. Another key objective of the group was to ensure secure and seamless access at the office premises for VIP visitors and promoters. Essar Group’s concern was also to provide seamless Internet connectivity to 3,500 BlackBerry users and tablet and laptop users. Although, the company had implemented wireless LAN across five of its offices earlier, it was unable to meet these needs. Typical challenges in the existing architecture included: l Lack of standardization on wireless l Improper security framework l Role-based access control for users could not be provided l Unavailability of single sign-on for users l Secure guest access was not implemented l Integration with handheld devices was not feasible The impact of these security concerns on the business was huge and there was an urgent need to implement a solution at the earliest. Thus, Essar was seeking a Wi-Fi infrastructure, along with requisite security measures to overcome the challenges that its employees and visitors were facing.
informationweek august 2011
“A secure, seamless, wireless solution has enabled mobility to a great extent and has removed the barriers of wired connectivity for users”
Chief Technology Officer, Essar Group
ADOPTION OF WIRELESS NETWORK
The group started using a Cisco Layer 3 network with 3-tier architecture at its premises, as well as deployed Cisco Light Weight Access Point Solution comprised of WLAN Controller 5508 and Cisco Aironet 1242 and 1252 as access points. In addition, it configured Cisco WCS for the management of WLAN infrastructure and its security policies. The group installed four Cisco WLAN controllers at its corporate offices and plant sites, as well as installed remote location primary controllers at corporate offices. Apart from this, Essar created five virtual area networks (VLANs) for WLAN on core software, along with one for the management of network WLAN. Each of the WLANs has different user access levels for Essar employees, guests and BlackBerry users.
BENEFITS AT A GLANCE Ease of administration improved by 80 percent
End-user productivity increased by 60 percent
User satisfaction goes up by 70 percent
Ease of access to top-notch technology advancements improved by 80 percent
Today, more than 200 tablets used by various Essar employees at the corporate headquarters and other offices depend on the Cisco Wi-Fi solution for remote Internet access.
The implementation of the Cisco WLAN solution has enabled Essar to provide a seamless, ubiquitous, simplified access combined with requisite security to its employees and visiting guests on a single Wi-Fi infrastructure. The high point of the implementation is that the solution can be integrated with laptops, BlackBerry phones, iPhones, iPods, etc. “A secure, seamless, wireless solution has enabled mobility to a great extent and has removed the barriers of wired connectivity for users at Essar,” states Jayantha Prabhu, Chief Technology Officer, Essar Group.
Today, Essar Group’s eight offices in India are using wireless connectivity. The company has now decided to extend the project footprint across most of its group locations in India and globally. Soon the company is planning to circulate the policy, wherein the employees can bring their own devices to office. u Vinita Gupta email@example.com
MPS helps MindTree slash printing costs By outsourcing its printing needs and management to Canon, mid-sized firm, MindTree, achieved more than 50 percent decrease in paper consumption and 25 percent reduction in printing costs By Srikanth RP
ike a typical Indian software services firm, a fundamental part of MindTree’s success has been due to the high-level trust and accountability that the firm has maintained through meticulously followed security policies. While the firm deployed the latest tools and technologies to prevent information leakage on the network, it faced challenges with network printers’ usage. The network printers posed a threat to information leakage, as there was a potential risk of delays in collecting printouts by employees or printouts remaining unclaimed. To ensure information confidentiality, the firm wanted to produce an audit trail or track the company’s print, scan and copy activities. “We wanted to control who was using what, and what was being printed, as ensuring the security of our clients’ information is extremely important to us,” asserts Sudhir Reddy, CIO, MindTree. After looking at the aspects of cost, security and control, the IT team decided that it was more feasible to opt for a Managed Print Services (MPS) model, and outsourced these services to Canon. Canon evaluated the printer landscape at MindTree, and noticed that MindTree had 60 network printers located across different offices. The evaluations also revealed that apart from uncollected printouts or faxes, unnecessary and single-sided printouts were a common practice. While print wastage was observed, the absence of a systematic way to track usage in the company prevented the firm from
“Typically, 37 percent of print jobs do not get printed. Today, we delete these print jobs from the memory automatically after 48 hours”
Sudhir Reddy CIO, MindTree
imposing meaningful controls over its large employee base.
AUTHENTICATION ENSURES SECURITY
Canon proposed a solution suggesting that only an authorized user should be able to activate and collect the documents at the device, using features such as single sign-on (SSO) . By letting users authenticate and retrieve jobs at Canon machines, MindTree also reduced the number of printouts left in the tray, forgotten documents and even accidental multiple printouts, which were often thrown away. “Through an internal analysis, we found out that 37 percent of the jobs that were sent to printers did not get printed. Today, we delete such jobs from the memory automatically after 48 hours,” informs Reddy. MindTree also has the capability to monitor at a granular level who prints what, how it is printed with which devices and how much it costs the company. With such reports, it is now possible to analyze the data and establish print costs in each department. These reports also aid necessary audit trails to ensure accountability for confidential
documents in the office. Staff can authenticate themselves with a SSO and distribute documents directly to their network file folders and the Document Management System. This opens up huge possibilities for saving costs related to printing, as employees can now submit documents related to expenses, income tax and contracts as a soft copy, instead of printing the same. The outsourcing agreement with Canon has also helped MindTree in providing additional functionality at a lesser price. “We have added seven new features and have significantly cut down our cost of printing,” states Reddy. With the integrated solution from Canon, the company is able to account for every single document, scanned or distributed by any employee. It can easily track the details related to the sender, recipient, and when and how it was delivered. This has created a culture of accountability within the firm, resulting in massive benefits. On the whole, MindTree has recorded an overall reduction of 50 percent in paper consumption and 25 percent in printing costs, as well as savings of over USD 62,000. u Srikanth RP firstname.lastname@example.org
august 2011 i n f o r m at i o n w e e k 55
‘IPv6 seeds have to be planted now’ The shortage of IPv4 addresses is being discussed actively globally. Can you give us some indications on the current pool of Indian IPv4 addresses, and what are the timelines by when do you think this will be exhausted? The thunderclap came when Internet Assigned Numbers Authority (IANA) assigned its last remaining IPv4 address blocks in mid-February 2011. It assigned one to each of the five Regional Internet Registries (RIR). These blocks are referred to as ‘slash eights’ and constitute a block of 16 million unique addresses. The first of these RIRs to reach their last slash eight was APNIC, responsible for Asia, including India, as early as mid April-2011. Since then, a more draconian ruling is being applied to dole out pieces of this last block. Apart for more stringent justification of the need, the size of blocks one received now has been reduced to a ‘slash 22’ meaning 1024 distinct addresses. This was very little given the growth of the Internet in emerging markets, such as India and China. A major Indian mobile operator recently required sizeable IPv4 address block but was assigned a small one and is now accelerating IPv6 deployment plans. While Indian Internet Service Providers still have some reserves of IPv4 addresses left, the stocks will be likely depleted before the next growing season. IPv6 seeds have to be planted now to avoid stunting the growth of the Internet and to nurture further development of this new communication medium, which is vital to the growth, competitiveness and health of vast segments of the Indian economy. The Department of Telecommunications finalized an IPv4 to IPv6 transition strategy in 2009. Would you be able to provide us the key highlights of this strategy, and the key achievements that have been successfully implemented? Back in 2005, India’s 10-point agenda for the modernization of IT put forward by then Communications Minister, Dayanidhi Maran, included as sixth point, the adoption and transition to IPv6. By the end of the year, TRAI (Telecommunications Authority of India) issued its first set of draft recommendations. The next five years were a long incubation period worldwide, as the imminence of address depletion remained a question mark and as, with often limited budgets, priority was given to address more short-term ROI opportunities.
informationweek august 2011
While Indian Internet Service Providers still have some reserves of IPv4 addresses left, the stocks will be likely depleted before the next growing season, says Yves Poppe, Head-IPv6, Tata Communications, in an exclusive interview with InformationWeek’s Srikanth RP
The major efforts and experiments in IPv6 deployment were conducted on ERnet, India’s Research and Education network connecting institutions of higher learning and laboratories. In the meantime the DoT has set up a number of IPv6 working groups. As of this mid-June 2011, we have clearer government guidelines mandating IPv6 support with tangible timelines. ISPs will support IPv6 by December 2011 and public facing government sites have to be accessible in IPv6 by the end of 2012. It is to be anticipated that India’s major telecommunication carriers will comply in order to avoid a growing competitive disadvantage. From a Tata Communications perspective, both our global IP network and our Indian domestic network are ready. We recently participated in World IPv6 day, where all major content sites were turned on for IPv6 accessibility. Tata Communications’ website, www. tatacommunications.com, has been accessible with both IPv4 and IPv6 address formats for quite a while. If I am a CIO of an organization, what are the
effective immediately, mandate IPv6 support in all procurements for IP services, content hosting, software or hardware; disqualify non-compliant suppliers. This will spread the cost over a more natural upgrade cycle. It is often not necessary to precipitate the upgrade of internal processes; number one priority should be to make all public facing sites accessible in IPv6 as well as IPv4, as we did with our own Tata Communication website. The process is easy and relatively inexpensive and will buy the organization some time. We have to keep in mind that a year from now, most new Internet customers will only get an IPv6 address. They have to be able to reach you and to be reached by you. You have said that Tata Communications is one of the four entities to have announced its IPv6 route. What advantage does this give your firm? When Tata Communication acquired Teleglobe, it inherited a largely IPv6 ready global wholesale network. The competitive advantage became
their customers. What is the opportunity for Tata Communications with respect to IPv6 in India? Please describe your strategy to address this space? The growth of the telecommunications market in India, where twenty million cellphone subscribers are added every month; the growing penetration and speed of Internet access (fixed or mobile); and the growing economy makes the adoption and transition to IPv6 self-evident. When a city or region ran out of telephone numbers, a digit was added or a new regional code introduced to satisfy growing demand. Routable Internet addresses are the telephone numbers today’s converged multimedia and mobile communications. IPv4 has served the world well but we ran out of the 4 billion addresses, it supplies time to move on. This year will be another milestone for humanity as the number of connected devices will, for the first time, surpass the number of human beings on the planet. With the dawn of machine-to-machine
ISPs will support IPv6 by December 2011 and public facing government sites have to be accessible in IPv6 by the end of 2012 key things that I need to be aware of about IPv6? What will be the implications for my organization, and what must be my strategy? The underlying principle is that IPv6 is indispensable for business continuity and business growth but should not distract from the core business and that the adoption and transition should not cause a sudden and unbudgeted peak in capex and opex. The first phase should be to make an audit of existing IT resources and requirements. In parallel and
more and more pronounced as RFQs by major national and regional ISPs, which constitute the global network customer, started to require IPv6 support. As of the end of May, 41 percent of our network customers now connect in dual stack (IPv4 and IPv6) compared to 24 percent just a year ago. This is another clear indication that the IPv6 bandwagon is rolling. The Indian domestic IP network is also ready as we expect the enterprise sector to also accelerate the adoption of IPv6, in order to support
communications, it is anticipated that there could be a trillion connected devices by the end of the decade. Tata Communications’ strategy is to satisfy the rapidly evolving business and consumer demand as India’s economy continues its way forward and also to identify the totally new applications and opportunities, a ‘hyper connected’ world is bound to spawn.
u Srikanth RP email@example.com
august 2011 i n f o r m at i o n w e e k 57
‘IaaS will reduce our operating cost’ William Blausey, Senior Vice President and CIO at Eaton Corporation talks to Vinita Gupta about how his organization is using different technologies like BI, risk management, outsourcing and cloud computing Could you share some details about Eaton’s Information Technology center (ITC)? Eaton is a multi-diversified organization with manufacturing and engineering presence across the globe. We have nearly 70,000 employees and business in more than 150 countries. In this dynamic business environment, Eaton’s businesses are supported by Eaton ITC — a captive IT unit, providing all hardware, infrastructure management and software support. We have around 1,400 people in our ITC. This includes 200 professionals who are in the Indian center, which helps in building IT capabilities for the organization. How crucial is BI as a solution for a huge manufacturing organization such as Eaton? Business Intelligence (BI) is extremely crucial for us. Since the last few years, we have been investing in BI, which has clearly helped us to improve our business processes. BI has effectively tackled our quality issues. For example, with the help of root cause analysis, any defect caused during the manufacturing process can be figured out well in advance. This process helps us to maintain the quality of Eaton’s product in the market. Now, we are in the process of deploying a more predictive BI. For instance, to decide the value price of a product, it is important to understand the market condition. The price
informationweek august 2011
analysis tool can do this in an effective manner. This tool has already been deployed at some of our units. We are also investing in deploying more dynamic and immediate tools, such as dashboards to monitor our operations. This will help us to understand the number of jobs and improve the planned operations.
growth. However, applications like ERP and HR run in our own data centers. Most companies consider HR as a noncritical application and outsource it. But for us, HR is an extremely essential system as it helps in performance management, talent development and succession planning.
How is enterprise risk handled at Eaton? Could you mention the key frameworks the company follows to manage risks? At Eaton, we have an enterprise risk management council that analyzes risk and looks for opportunities to mitigate it. We want to maintain our esteemed brand reputation, hence we have a proper risk management framework in the organization. We categorize information security risks in three key areas: intellectual property, network and operation security, and privacy and government regulation. To enable this, we are using MetricStream’s Governance, Risk and Compliance (GRC) solutions.
Could you share with us the key IT initiatives that you plan in the future? A lot of IT initiatives have been planned at Eaton. Our yearly budget for IT is about 2 percent on the sale on IT (which means the contribution that the technology has on business growth). We are planning to adopt Infrastructure as a Service (IaaS) for our small projects. IaaS will reduce our operating costs. We are also planning to deploy a private cloud as it would provide a centralized organization structure. Recently, we have rolled out two data centers in the U.S., which would run several Eaton’s products. Hence, we will be looking at ways to provide better services and power management to these data centers. We will also invest on technologies like enterprise mobility that can effectively handle customer challenges.
Your views on outsourcing? About 30 percent of our noncritical applications like service desk, network, and database support are outsourced to a third party. Now instead of focusing on level one or two support that include day-today activities, we are investing our time and energy on more innovative technologies that will lead to business
u Vinita Gupta firstname.lastname@example.org
Future workplace strategies and recommendations for CIOs
The blurring of work and home environments complicates the development of employee technology policy
http://www.on the web CIO strategies for consumerization: The future of enterprise mobile computing Read article at: http://bit.ly/mlZgMC
IOs take note! The expectations of the new generation workers will definitely make you reset your agenda, as well as workplace strategies. As social media becomes a foundational component of work life and corporate collaboration; as new mobile devices and application platforms proliferate; and as more employees work from home, traditional corporate policies on personal computer usage, data security, and application usage are quickly becoming antiquated. The result is the rapid consumerization of IT. We define consumerization as the migration of consumer technology, including electronic devices, platforms, and applications into enterprise computing environments, as home technology in some instances becomes as capable and cost-effective as its enterprise equivalents. Today, organizations simply cannot deny or avoid consumer smartphones, media tablets, and Internet applications in the workplace. Although many organizations have been intentionally drafting their IT policies to deny such products and applications in the workplace, they too have to change. A Gartner report aptly points out, “Most organizations realize that they cannot stop the influx of personal devices and are looking to the postconsumerization era, seeking ways to stop managing the devices used by workers.”
Five Trends Shaping the Future Workplace
The year 2011 will see five trends intersect, to create an important workplace inflection point: Trend # 1: The rise of social media as
informationweek august 2011
a business application It’s hard to underestimate the impact of social media on not just the workplace, but on society in general. According to a research by Nielsen, “The world now spends over 110 billion minutes on social networks and blog sites. This equates to 22 percent of all time online or one in every four and a half minutes. For the first time ever, social network or blog sites are visited by three quarters of global consumers who go online, after the numbers of people visiting these sites increased by 24 percent over last year. An average visitor spends 66 percent more time on these sites than a year ago.” With the growth of social media, it’s not just technology that is changing; people and society too are evolving alongside the new online world. Around the world, social media and new mobile devices are becoming extensions of personal relationships in a way that makes it difficult to separate the technology from personal social networks. It’s in the context that today’s employees arrive at work each day and expect instant communication and access to sorts of applications that can help them be effective in their personal life. Apart from that, for knowledge workers, personal devices and consumer social networks are ideal tools for building work relationships and conducting business. Trend # 2: The blurring of work and home For CIOs, the blurring of work and home environments complicates the development of employee technology policy. Flexible work arrangements that encourage employees to work from home, or any location makes it difficult to control employee
technology usage. As knowledge workers increasingly work from outside the office, it is difficult for corporations to control device usage, application usage, and most importantly, to monitor the flow of corporate information and intellectual property beyond the companyâ€™s walls. IT departments need to develop policies to deliver and secure sensitive data on both IT-owned and employeeowned devices. Trend # 3: The emergence of new mobile devices Every decade, the world sees a new paradigm for end-user computing. So far, there have been distinct eras for mainframe computing, minicomputers, personal computing, desktop Internet, and most recently, devices for mobile Internet access. In the next era, with mobile Internet devices including smartphones, media tablets, and Internet-connected personal media players, the number of new devices will far exceed the size of the total PC market. With these changes, employees are showing up to work with their personal devices with increased frequency. Todayâ€™s IT departments typically decide what devices and software to deploy on their environment. This approach simplifies support, image management, application deployment, as well as device maintenance, security, and management. Due to the coming proliferation of devices, applications, and operating systems, IT departments will face tremendous challenges to deliver end-user service and support. Trend # 4: Shifting business models require tech savvy employees As the use of social media and mobile devices explodes, it is changing the technology relationship between employers and employees. These same trends also affect the relationship between businesses and their customers and public institutions and their constituents.
As the economy shifts towards personal recommendations and social media accelerates the impact of personal recommendations on almost every type of business, companies will increasingly need a new set of workforce skills. In particular, companies will need Internet savvy knowledge workers who can navigate the complex ecosystems of social media. As the control of corporate brands shifts to online conversations outside of corporate control, organizations will increasingly value employees who are influencers in their social networks. Trend # 5: Employee expectations of corporate IT are changing With a new generation of knowledge workers, end-user technology is increasingly becoming a talent recruitment and retention issue. Companies that invest in end-user technology and implement innovative technology policy will see advantages as they look to recruit the new generation of knowledge workers. A majority of employees today indicate that the technology tools provided to them and supported by their organizations would be a critical or positive factor in taking a job with a new employer. Unfortunately, most new employees are shocked to find that their employers provide them with little more than an entry-level PC. And when they open their new PC, they are even more surprised to see that the new computer is running a locked down version of an operating system that was first released when a 2011 college graduate was 12 years old.
With employees working from outside the office, it is difficult for corporations to control device usage, and monitor the flow of corporate information and intellectual property beyond the companyâ€™s walls
CIO Roadmap: Nine Key Recommendations
While all five of the above mentioned trends are yet to peak, they are already creating significant pressure for change in most IT organizations. As companies embrace consumerization, a number of changes will need to be introduced. These changes, however, can be difficult to execute. For the CIO, consumerization
august 2011 i n f o r m at i o n w e e k 61
New technology and the expanding role of the Internet are forever changing social relationships, management philosophies, and business models around the world
informationweek august 2011
represents the confluence of a difficult set of IT challenges (security, technology policy, data protection, end-user technology) and business strategy (new business models, talent strategy, corporate brand and identity). Many questions will come to CIOs’ mind: l How do companies maintain security and protect data as they loosen IT standards? l How will companies support heterogeneous employee devices? l Does consumerization apply to all employees or only to certain employee segments? l What will companies pay for that they don’t pay for today? l What happens to employee IT platforms? l Which applications need to be modernized to work with a broader set of employee devices? To enable consumerization of IT in the workplace and keep it in sync with the expectations of the newage workers, the CIOs can follow the recommendations give below: 1. Articulate your company’s enduser workplace and technology philosophy and use that as a basis for setting consumerization strategy. 2. Recognize that IT security and data protection policies that restrict the use of personal devices and social media applications may actually increase security and data loss risk. Begin evolving security policies to protect data in a heterogeneous device environment. 3. Liberalize rules that prohibit business use of employee-owned technology in your environment. Start by encouraging the business use of employee-owned smartphones. 4. Launch enterprise applications that replicate the best aspects of consumer communication and social media within your worker community. 5. Pilot media tablets with field workers and executives to see if they can replace other devices; look at allowing other populations
to bring personally owned tablets to work. Develop a clear point of view on company vs. employee cost sharing. Also, develop a business case for incremental investment by linking end-user technology strategy with human resources planning, facilities planning, and business strategy. Consider desktop virtualization and other new technologies to reduce security and data loss risks as the demand for consumerization grows. Understand the software licensing implications of consumerization. Avoid end-user stipends. Many organizations have piloted user stipend programs where employees are provided funds to purchase the PC or computing device of their choice. In the vast majority of pilots, poor user and IT experiences have led companies to cancel plans for further stipend roll outs.
Consumerization is but one key element in an important change that is happening today in the relationship between employees and employers. New technology and the expanding role of the Internet are forever changing social relationships, management philosophies, and business models around the world. For companies with knowledge workers, IT consumerization and the re-thinking of employee technology is the foundation for the next wave of business, management, and employee change. Companies that adapt quickly and actively change the relationship between IT and end users will be better able to attract talent, execute new business models, and evolve management capabilities to improve competitiveness.
u Vikas Bhonsle is General Manager – India Large Enterprise Operations, Dell India
Enterprises are not ready for IPv6
Majority of business enterprises are either still evaluating or are in the planning stage because of a lack of awareness and understanding of how to manage IPv6 transition
ith the move to IPv6 imminent, enterprises need to re-work on their IT infrastructure to support the new protocol. The Internet Society predicts that IPv4 addresses allocated to Regional Internet Registries (RIRs) will run out this year. When that happens, many new applications and services will only support IPv6. Enterprises will be compelled to migrate from the universal IPv4 to IPv6. IPv6 is the successor to IPv4, which has been the standard Internet communication protocol since 1981. IPv4 uses 32-bit addressing, which translates to a few billion addresses. IPv6, on the other hand, uses 128-bit addressing, thereby increasing the number of available addresses to an amount large enough to support the addressing for the entire earthâ€™s growing Internet population.
Are enterprises IPv6 ready?
The move to IPv6 is already happening with service providers and some of them are close to the implementation stage. Many government organizations have also received mandates to migrate their systems to support IPv6 protocol. However, majority of business enterprises are not IPv6-ready â€” they are either still evaluating or are in the planning stage because of a lack of awareness and understanding of how to manage the transition.
What does it take to move to IPv6?
It is not as daunting as it seems if enterprises adopt a smart IPv6 migration strategy that consists of three stages. The first stage is to install a gateway appliance to provide a smooth transition between the two standards. Stage two involves the
building of the network infrastructure, while the last stage is to get applications to be based on IPv6. Today, appliances are available as an IPv4 and IPv6 gateway. This is the ideal solution as the appliance can operate seamlessly in the mixed IPv4 and IPv6 environments. Enterprises can also opt for a multi-function appliance that not only acts as a gateway, but also provides application security, high availability and acceleration.
There are two possible scenarios â€” enterprises can either move the client to IPv6 while keeping the servers on IPv4, or they can migrate servers to IPv6 while leaving the clients in an IPv4 environment. Moving the client to IPv6 requires all clients to be capable of attaching to the network via IPv6-enabled pathways. Most enterprises will find it easier to begin migrating servers (applications) before client devices, simply because the servers are completely under their control whereas devices are often not. In migrating servers, the gateway appliance is placed between the servers and the clients, and an IPv6capable server network is added to the appliance/gateway. The result is that the network will have IPv4 on the front/client side of appliance, and both an IPv4 and IPv6 network behind it. Once the IPv6 network is established, the servers can be moved over from the IPv4 network. As all client devices in the future will be IPv6-based, it is imperative for enterprises to ensure that their infrastructure and applications are IPv6 capable.
u Anil Pochiraju is Managing Director, F5 Networks
august 2011 i n f o r m at i o n w e e k 63
How IPv6 contributes to a more agile and responsive organization
IPv6 can usher in new opportunities for the way people do business and communicate
n today’s hyper-connected world, enterprises and consumers alike are more dependent on technology than ever before. It’s everywhere — as prevalent in our personal lives as our professional ones. We are now accustomed to being constantly connected; regularly demanding more sophisticated Internet-based applications that run on a wide variety of devices from PCs to tablets and smartphones. This prevalence of Internet applications is one force driving organizations towards using the IPv6 Internet address protocol, as IPv6 provides a much greater number of Internet addresses, as compared to IPv4. And with unallocated IPv4 address space nearing exhaustion, the move to IPv6 provides the means to ensure the future of IP-based applications and the Internet itself. However, if these applications are to be available to the public, organizations need to ensure that their networks and those of their network provider are ready to support them. So what does a migration to IPv6 really mean and what are the benefits?
IPv4 vs. IPv6
http://www.on the web IPv6: Four steps to take now Read article at: http://bit.ly/ipv6step
informationweek august 2011
The driver for the transition to IPv6 has been the depletion of IPv4 addresses. This is rapidly accelerating due to the global expansion of Internet connectivity, particularly in Asia. Current industry forecasts the exhaustion of the unallocated IPv4 address space. In addition to the address depletion, there’s growing recognition that IPv6 will present significant opportunities for enterprises, as new wired and wireless devices are developed around the world. IPv6 is capable of handling many more Internet addresses to support both today’s applications and those yet to come. It will make it possible
to increase the current 4 billion IPv4 addresses to roughly 340 trillion trillion trillion IPv6 addresses; this is down to IPv6 using 128-bit addresses in comparison to only 32-bit used by IPv4. This abundance means that globally unique IPv6 addresses can be assigned to objects within an enterprise environment, removing the need for private addressing, and consequently eliminating the capital, operating costs and complexity associated with deploying and maintaining Network Address Translation (NAT) devices.
The road to long-terM cost reduction
Although some initial network and system investment may be required, from an overall cost perspective IPv6 can help manage — and potentially reduce — network and IT operating expenses over time. For example, the auto-configuration feature offered by IPv6 can help enterprises streamline network administration costs. Potential cost benefits do not stop there. The local support for mobility permits the seamless integration and management of a mobile workforce into an enterprise. Plus IPv6 will enable the continued deployment of multimedia collaborative systems, helping enterprises obtain global greening and IT efficiency benefits by reducing the need for travel, thereby reducing the carbon footprint of the connected enterprise. What’s more, as both public and private IP networks are moving towards the use of IPv6 technology, investment in IPv6 rather than existing IPv4 applications provides investment longevity, fuelling long-term growth and scalability.
Opening new revenue streams
All indications are that IPv6 will open up
additional revenue streams through the development of newer, more sophisticated products to meet the demands of the user. One of the most important value propositions of IPv6 is its role in facilitating the emergence of the “Internet of things” — also sometimes called “machine-tomachine communications” — a network interconnecting common objects equipped with embedded miniaturized intelligence modules. The enormous address space of IPv6 will enable support of smart appliances, mobile devices and associated services that will underpin the envisaged Internet of things. In reality this means that machine-to-machine transactions — conducted without any human intervention — will be possible. In the connected enterprise, this will give rise to improvements in operational automation, productivity and efficiency. Futurists have speculated the Internet of things could potentially result in one of the largest transformations of human civilization subsequent to the Industrial Revolution. This evolution will represent a significant paradigm shift in the telecommunications sector and will create ripple effects on other industry segments. Because the number of objects that can be connected to the IPv6 network is infinite, this advancement will create unlimited market spaces for products and services that support machine-to-machine interaction. An obvious reason for organizations to migrate to IPv6 is the potential to develop, support, and use the new and powerful applications enabled by the technology. These include applications such as sensor networks and telemetry applications for monitoring remote objects (e.g, vending machines, utility meters, etc.); streamlined battlefield communications, including access to real-time information about equipment and personnel vehiclebased applications, such as remote assistance and tracking capabilities, including on-board diagnostics and
inventory management and control through integration with radio frequency identification (RFID) systems. IPv6 also enables the deployment and evolution of fourth generation wireless networks such as 4G Long Term Evolution (LTE), which will substantially increase bandwidth capacity available to end-users.
When is it the right time FOR transition?
In light of technical developments and the benefits offered by IPv6, one can argue that the transition to IPv6 is inevitable. However, when and how to implement the transition is the basic dilemma enterprises are confronting. In essence, major communications carriers must deploy IPv6 in their networks before their customers can take full advantage of its benefits. Organizations should therefore turn to experienced carriers that share their own commitment to IPv6 in order to support their own migration process. Verizon, for example, made an early commitment to evolve its global public and private IP networks to support IPv6, and was one of the first carriers to deploy IPv6 on its public IP backbone. A key starting point for any organization migrating to IPv6 is to establish an overall company-wide strategy for a smooth IPv6 adoption. Generally, a phased transition plan will minimize associated incremental costs and risks. Due diligence should include considering what the IPv6 requirements will be in future planned product replacements; ensuring that IPv6 compliance is mandated when procuring new hardware and software; and most importantly allocating investment for staff training and IPv6 competency development. Then, following this initial preparation, an organization can clearly determine which transition method is right for its individual business.
IPv6 will open up additional revenue streams through the development of newer, more sophisticated products
IPv6 is the future
IPv6 is no longer just a solution to IPv4 address depletion; it is a driver for sophisticated new business models that could transform, automate, and optimize an enterprise operation.
u Chris Kimm is the VP, Network Field Operations Europe, Middle East, Africa & Asia-Pacific at Verizon
august 2011 i n f o r m at i o n w e e k 65
CIO Profile Career Track
How long at the current company? I have been with BMC Software for last two years. Most important career influencer: My experience as a Vice President of Product Management at an earlier start-up was the most important career influencer.
Suhas Kelkar Chief Technology Officer— APAC, BMC Software
Decision I wish I could do over: I did my Master’s research in theoretical Robotics, and the theoretical aspect of it killed my passion for pursuing a PhD. I wish I had done it in applied Robotics instead.
The next big thing for my industry will be… Human-devices interaction is changing every day. Devices are becoming smarter and people are required to consume vast amount of information. We already see major shifts in the way we interact
de facto leader in managing clouds is the important initiative. We are also looking at how social networking, social media and search is going to change our product usage. Lastly we are looking at ways to reduce friction by adopting SaaS. How I measure IT effectiveness Effectiveness can be measured in a variety of ways, such as self-service nature of IT, amount of automation, average time to fulfill a request. Ultimately an effective IT will be the one that is almost invisible to the end-user. It should be there when users need it without being able to distinguish it.
Leisure activities: I play lot of racket sports (badminton, squash, and tennis). I am also an advanced rated
We are looking at how social networking, social media and search is going to change our product usage socially. This change is going to trickle into enterprises and is going to shape how we work every day. Cloud computing, virtualization, crowd sourcing are just some of the early shifts. I think that the way we make things and create value is going to change significantly in coming years. Advice for future CIOs/CTOs Never say never. No matter how absurd it may seem today you will have to adapt to changes due to changes in human behavior.
paraglider pilot with over 1,000 flights. I like going on paragliding vacations in remote mountains as it forces me to disconnect from the digital world and helps to clear my mind. Best book read recently: The Geography of Bliss by Eric Weiner. This is a story where the author travels around the world to find out the happiest place to live. If I weren’t a CIO, I’d be... An Air Force pilot.
On The Job
Top three initiatives Cloud computing and becoming a
u As told to Ayushman Baruah
august 2011 i n f o r m at i o n w e e k 67
Technology & Risks
Password and psyche
Phone hacking is only a matter of using tricks, as easy as accessing the voice mailbox and trying various PINs
http://www.on the web LulzSec’s Top 3 Hacking Tools Deconstructed Read article at: http://bit.ly/izdkNO
informationweek August 2011
e recently read the news about the closure of one of the oldest tabloids in the UK — since its journalists had hacked the phones of newsworthy victims and modified and deleted messages from their mail boxes. This incident has once again brought into light that phone hacking is definitely not a herculean task. In fact, phone hacking is only a matter of using tricks as easy as accessing the voice mailbox and trying various PINs (brute force attack). Things get even worse, if a phone has weak security settings or is not password protected. Often, we choose a password, which is very easy to guess. Is this an incurable vulnerability that we have in our psychology, which is being constantly exploited? I am afraid this is really true. This reminds me of the story of the famous scientist, Richard Phillips Feynman, who won the Nobel Prize in Physics. Feynman was associated with the Manhattan Project, which was the code name given to the atom bomb project. Apart from being a great physicist, he was also a famous ‘safecracker.’ There is a book by the name Surely you’re joking, Mr. Feynman, where he narrates his ‘safe-cracking’ exploits. While working on the Manhattan Project, Feynman cracked a number of safes including those with top-secret documents, belonging to high-ranking officials like generals. He used to open these safes just to highlight the loopholes in the security measures. Feynman’s inquisitive (and mischievous) mind found a number of ways to crack the combinations for the locks of the safes. He made an interesting observation that the combinations were usually based on items important to the owner of the safe. The physicists and mathematicians among them used the value of pi (3.14159) or the base of natural logarithm (e=2.71828). Others used the combinations based on birth dates of family members, anniversaries or other significant dates. He would usually study the psychology of the safe-owner and then guess the
combination. One of the unique things that he discovered was, almost one in five of the project participants did not even bother to change the combination of their safes and continued to use the default factory settings. This was more than 60 years ago. But do Feynman’s findings ring any bells today? Do we still commit the same mistakes despite constant reminders and warnings? Can someone who knows us guess the PINs and passwords that we are using? I am afraid this is very much so. Most of us are guilty of this psychological weakness. Most of our bank accounts, ATM cards and credit cards continue to have the original password or PIN. Our computers, smart phones or tablets either have no password or PIN, or are very predictable ones. More often than not, we retain the default passwords for our devices like routers, switches, access points and so on. To protect our devices and information, we need to move beyond the obvious. We should compulsorily use random numbers and alphabets as our passwords, change them periodically and devise some ways to remember them. Another alarming revelation in the case of hackings carried out by journalists, is the use of caller ID spoofing. We have intrinsic faith in the caller ID displayed on our telephones. Does it ever cross our mind that the ID could be fake? There are internet services, which allow spoofing of any ID displayed on the receiver’s phone. Imagine getting a call which displays the caller ID of your CEO, who requests you to do something for him. Will you have the presence of mind to tell your CEO that before complying with the request, you need to call back on the number to confirm his identity? The need of the hour surely is to verify the caller, lest we become victims of another caller ID spoofing attack.
u Avinash Kadam is at MIEL e-Security Pvt. Ltd. He can be contacted via e-mail email@example.com
Nine key terms in cloud deals to mitigate excessive risk
Cloud solutions appear to have lower initial and switching costs than traditional solutions, but they also include hidden costs and risks, and require unique terms for contract protection
T procurement or sourcing managers, challenged with finding sourcing options that reduce costs at tolerable risks, should examine nine contractual terms to reduce risk in cloud contracts. The cloud delivery model is gaining popularity, but it includes risks that are often unclear or overlooked when assessing the appropriateness of the sourcing model. Cloud solutions appear to have lower initial and switching costs than traditional solutions, but they also include hidden costs and risk. Thus, they require unique terms for contract protection, compared to traditional arrangements. Many cloud providers appear reluctant to negotiate contracts, as the premise of their core model is a highly leveraged approach. The starting point contractually often favors the vendor, resulting in a potential misalignment with user requirements. When assessing cloud offeringsâ€™ procurement and sourcing, executives need to understand what can be negotiated relative to risk elements, what they need to pressure cloud providers to offer, and what will likely not be negotiated. Cloud markets are generally still very competitive, and it is important for sourcing and procurement executives to leverage competition to optimize negotiations. They should be prepared to walk away from deals, if some of the risk elements are not satisfactorily addressed. As this computing model is relatively nascent, we believe that, over time, the combination of buyer pressure, and a provider desire to reduce the length of negotiation cycles and number of customized deals will mean that some terms will evolve to more of a middle
ground, rather than the current contract practices, which are mostly provider-centric. Nine key terms to understand in cloud deals to mitigate excessive risk include: l Uptime Guarantees: Despite the significant business criticality of certain cloud applications, Gartner analysts have seen numerous contracts that have no uptime or performance service level guarantees at all, or that are only provided as a changeable URL link. Cloud contract negotiators must be aware of the performance service levels required, and should ensure that they are documented contractually, ideally with penalties, if the standards are not achieved. l Service Level Agreement Penalties: For service level agreements (SLAs) to be used to steer the behavior of a cloud service provider, they need to be accompanied by financial penalties. If downtime or performance service levels are not met, negotiate penalties and escalation clauses. Rather than credits, money back is preferable, in terms of your negotiating leverage and pressure on the provider, because no vendor likes to give money back, once booked. l Watch Out for SLA Penalty Exclusions: More cloud providers realize that they need to add guarantees and quality measures for the services they sell in the cloud. To manage their risks, cloud providers usually put rigid penalty exclusion criteria into their contracts. Organizations should look carefully at exclusions to the right to penalties. For example, they should ensure that any
august 2011 i n f o r m at i o n w e e k 69
Cloud contract negotiators must be aware of the performance service levels required, and should ensure that they are documented contractually, ideally with penalties
informationweek august 2011
downtime calculation starts exactly when the downtime commences. l Security: As a part of the cloudsourcing strategy, procurement and security executives should ensure that the provider’s security practices exceed or are at the same level as their own security practices, especially if the company falls under industry or national privacy-related regulations. Gartner recommends negotiating SLAs for security, especially for security breaches. The analysts suggest immediate notification of any security or privacy breach as soon as the provider is aware of it. l Business Continuity and Disaster Recovery: Cloud contracts rarely contain any provisions about disaster recovery or provide financially backed recovery time objectives. Some infrastructure as a service (IaaS) providers don’t even take responsibility for backing up customer data. If organizations are prepared to back up their data within the enterprise, or some other cloud service, and have the ability to use that data within an application, then they need to confirm that their provider has a suitable API or other mechanism to accommodate the organization, taking responsibility for disaster recovery. l Data Privacy Conditions: If the cloud provider is complying with
privacy regulations for personal data on behalf of the organization, the client needs to be explicit about what they are doing and understand any gaps. Contracts should unequivocally state that the cloud provider will not share personal data with anybody else (this becomes more complicated if they have to share data with a third party — e.g., a cloud infrastructure provider — which is common for many software as a service [SaaS] solutions) and that they will only do what the customer (the data controller) says they should do. l Suspension of Service: Some cloud contracts state that if payment is more than 30 days overdue (including any disputed payments), the service can be suspended by the provider. This gives the cloud provider considerable negotiation leverage in the event of any dispute over payment. Organizations should negotiate an agreement that payments in any current legitimate dispute should not lead to a suspension of service. Some providers are removing disputed payments from this clause. l Termination: A number of cloud contracts allow the provider to terminate the agreement with 30 days of a written notice, or at least within 30 days of renewal. Users should negotiate for at least six months notice for the provider to terminate, unless they have materially breached the contract. l Liability: Most cloud contracts restrict any liability apart from infringement claims relating to intellectual property to a maximum of the value of the fees over the past 12 months. Organizations should try to negotiate for higher liability protections. Leverage the fact that these providers would have liability insurance to achieve higher caps, and be prepared to walk away if this issue is not resolved. u Alexa Bona, Research Vice President at Gartner and Frank Ridder, Research Vice President at Gartner
The great myth of cloud computing
The tools are viable and the payoff is real, but it’s not happening because hardly anyone has the time or money to do it
LOGS Art Wittmann blogs at InformationWeek. Check out his blogs at: http://www.informationweek. com/authors/6044
t’s like exercising and eating better: You know you should do it, yet there’s always something going on that prevents you from making it a priority. Data center automation has been on the minds of IT pros since the computer was invented, but as much as everyone knows it’s needed, most of us never get around to implementing it. What’s remarkable is the degree to which we haven’t implemented automation over the past two years, particularly given the deafening buzz about cloud this and cloud that. As we scrape off the marketing dross around cloud computing, what we’re left with most of the time is outsourcing, and data center automation on top of virtualization. However, we just re-ran our 2009 survey on data center automation, and the results are strikingly similar to what we got two years ago. In a nutshell, every IT organization does some automation; no one does as much as it would like. Both today and in 2009, 10 percent of survey respondents reported extensive use of automation. Today, 30 percent report significant use, down from 33 percent in 2009, while 42 percent report some use today, compared with 38 percent in 2009. On the trended questions in our survey, it’s hard to find responses that are significantly different today compared with two years ago. There was one, however. For those companies that weren’t automating their data center operations, we offered a range of reasons and asked respondents to tell us the degree to which these factors affected their decision not to automate. At the top of the list: Other projects are a higher priority, and a lack of budget. Second to last on that list is a lack of ROI — the No. 2 reason not to automate in 2009
— followed only by the technology not being mature enough. So to paraphrase the results, it’s now generally accepted that data center automation works, the tools are viable, and the payoff is real, but it’s not happening because hardly anyone has the time or money to do it. This finding underscores a more general trend made worse by the recession: Tactical fire fighting has all but replaced strategic planning and implementation in many IT organizations. Where we do see new projects, they’re often customer facing and intended to drive new business or improve customer engagement or data analysis. There’s no doubt that IT’s job is ultimately to help drive the business forward. But if we just keep on adding functions and services to the same broken infrastructural management processes, sooner or later something will give, and when it does, it won’t be pretty, and business and jobs will be lost because of it. I’m not sure I have a viable solution. As resources get tight, one way toppriority projects get done is by an “all hands on deck” approach, particularly in midsize IT organizations. For some, it seems the only way they can move forward on anything. For those groups, it’s vital to carve out resources, budget, and people who are immune to the needs of the project of the day, and who can simply work to make IT function better. Unfortunately, it’s not the sort of structure most CIOs can pull off by themselves. It takes line-of-business and CXO involvement and agreement that a team focused on operational excellence is in the longterm best interests of the company. u Art Wittmann is Director of
InformationWeek Analytics, a portfolio of decision-support tools and analyst reports. You can write to him at firstname.lastname@example.org.
august 2011 i n f o r m at i o n w e e k 71
Down to Business
Consumerization of IT is no fad
If you need any more proof, check out Microsoft’s thinking about the key rivals to Windows Phone 7 and Office 365 in the enterprise
LOGS Rob Preston blogs at InformationWeek. Check out his blogs at: http://www.informationweek. com/authors/showAuthor. jhtml?authorID=1026
informationweek august 2011
f you think the consumerization of enterprise IT is just a yarn spun by pundits with too much time on their hands, consider this: Microsoft says the future of one of its make-or-break products, Windows Phone 7, rests on its ability to win over consumers and have them take the devices to work en masse through the proverbial “back door.” Google, Apple, and myriad other consumer electronics and application players are eyeing the same circuitous path into the enterprise — and like Microsoft, they’re not as bashful as they once were about saying so. Some will succeed; others won’t. But the movement is unstoppable. It’s already accepted that 20-somethings are far more inclined than previous generations to download their own web apps and use their own devices to get work done. But this isn’t just a fad, like bringing your dog to work or playing foosball in the office commons. Yet many IT organizations treat it as one. At a recent INTEROP roundtable discussion, where there was much harrumphing about IT consumerization, InformationWeek Columnist Jonathan Feldman, a government IT exec by day, spoke with a participant who wondered, When are CIOs going to get it? In a follow-up, Feldman wrote, “Well, the CIOs I talk with do get it, but they’re vastly outnumbered by their staff, and staffers don’t necessarily get it yet. CIOs are going to have to take the time to educate their staff in what consumerization is, why it’s not going away, and how it may even make their lives easier or better. ” Microsoft is starting to get it. In positioning its forthcoming Office 365 suite, which includes online and onpremises versions of Office, Exchange, SharePoint and Lync, Microsoft sees its main competitors as consumer players like Google and the Web 2.0 crowd, not so much the blue bloods
like IBM. Terry Myerson, VP, Windows Phone Engineering says he no longer considers RIM’s BlackBerry, supported by the security and management of its BlackBerry Enterprise Server, Microsoft’s chief rival in the business smartphone market. “I would have said that several years ago, but not now,” he says. Myerson adds, “At the front door, RIM has a very good position due to the BES. But in terms of units and influence, I think the back door [read: iOS and Android] is driving more innovation.” The consumerization trend, he says, sometimes requires separating consumer and enterprise functionality on the same app or device. “We have this tremendous enterprise asset with Office and all things Office,” Myerson says. “And we’re developing this wonderful consumer asset with what I’ll call Xbox and all things Xbox, and I might include music and video and games in there. And if we could bring to the consumer this phone, which has the best of Xbox and the best of Office, I think it’s an incredible proposition to everyone — if IT can have the security and manageability they want for their sandbox on the phone, and the consumer can have an avatar where they’re dressed as a ninja smack-talking with their friends on the consumer side of the phone.” But let’s not confuse consumerization with sloppy business IT. In an excellent column on our sister site, The BrainYard, Tony Byrne, President, Real Story Group, explains why “consumerization” tops his Enterprise 2.0 B.S. list. “Your co-workers don’t need a new application that will represent them with a 3-D avatar,” Byrne writes. “What they need is a humanfriendly mobile interface into their workaday team spaces. Productivity is the new sexy.” u Rob Preston is VP and Editor in Chief of InformationWeek. You can write to Rob at email@example.com.
Healthcare needs help on transparency
The industry will need to get over its skittishness about sharing electronic health records with patients. Because patients will demand full access to their digital records, plain and simple
LOGS Chris Murphy blogs at InformationWeek. Check out his blogs at: http://www.informationweek. com/authors/1115
r Neil Calman wrapped up a recent InformationWeek Healthcare IT Leadership Forum in New York City with a few predictions, including one portending radical change in people’s access to their health records. He started with the big picture. “If there’s one thing that’s going to revolutionize healthcare — whether it’s IT, ACOs, any aspect of health reform — what you’re going to see is patients taking back healthcare from their providers,” said Dr Calman, a Physician, who is CEO and Co-founder of the Institute for Family Health, which runs 17 health centers in the Bronx, Manhattan, and the midHudson Valley in New York State. Then Dr Calman got more specific, including one prediction destined to raise some blood pressure: “You’re going to see patients wanting complete and unfettered access to their medical records. Forget all this about where we’re going to keep the data to ourselves for seven days before it’s released to patients, or we’re going to create models of abstracted data to give to people. They will have total and complete, instant access to their medical information, whenever, in multiple formats, however they want it.” Each of those modifiers — complete, unfettered, instant — would rip away a security blanket that healthcare providers and health IT leaders cling to when they start talking about giving patients access to their medical records. Instant: Some providers give patients access to lab results, but they wait several days, so that doctors have time to talk with their patients about the results.
Complete: Should patients be allowed to read their doctors’ notes? To access every lab result? To see images they aren’t qualified to assess? Unfettered: This will mean letting patients have their full health records — and not just through a hospital’s sanitized portal, but as a raw download they can take with them, Dr Calman predicted. And they’ll have to offer a means for the patient to make comments, or corrections in places where they think the information is wrong, he said. Dr Calman’s
fellow panelist, Karen Marhefka, Associate CIO, UMass Memorial Healthcare said that giving patients the ability to comment on records was a concern when UMass Memorial assessed vendors for its planned patient portal. Its lawyers advised against allowing other sources into the providers’ clinical data, even if comments could be identified as coming from the patient. Dr Calman predicted that every major electronic health record system or portal will soon allow patient input, and that it shouldn’t be controversial. “Every single thing we do in medicine depends on what the patient told us,” he said. Dr Calman further added, “The subjective part of every progress note is, writing down what the patient told us. We don’t have any way of independently verifying it. But all of a sudden, when the patient can write it themselves, it becomes something the lawyers are all freaked out about. Anyway,
august 2011 i n f o r m at i o n w e e k 73
these are the transformations that are going to take place. They just change the way we think about everything in healthcare.” Some 15,000 people now use the Institute of Family Health’s portal to view records, Dr Calman said. But he predicted it won’t be long until patients expect to get their records in a downloadable form of their choosing — and that HIPAA and other regulations will be amended to give patients that kind of portable access to their records. Concerns that patients will misinterpret lab results are legitimate. And letting patients add their own comments or data to their health records does raise some new legal liability questions. But health IT leaders and their clinical peers shouldn’t waste their time trying to stop this transparency movement and instead must pour their energy and intellects into coming up with workable solutions. (And there was plenty of that in evidence at the forum.) Concerned that a patient will misunderstand a test result? Health providers will need to arm that patient beforehand with information about what the test’s looking for, and where to get more information about it. They’ll need to push EHR vendors to build more such links into their products — links to reliable data sources, right from an EHR portal. Giving people access to their medical records is closely related to another phenomenon: people turning to Google or Facebook as soon as they get a diagnosis. Anyone who has done that knows you’re likely to read a lot of worst-case scenarios and quackery, and can understand why Debra Wolf, Professor - Nursing, Slippery Rock University, says that social media “frightens me to death.” People are “going out to find patients like themselves,” said Wolfe, in an earlier discussion at the InformationWeek Healthcare Forum. “What frightens me is they don’t know how to safely evaluate a website.” Noteworthy is the fact that
informationweek august 2011
Wolfe is looking for ways providers are helping patients to get better information, not hoping to cut off access. At some hospitals, when nurses are discharging patients, they’ve been trained to ask, “Are you using a website for health information?” and offer tools to assess a site’s quality and reliable sites that people might consider using. People will inevitably look to the web and social sources for healthcare insights, so “we need to meet them out there,” Wolfe said. Same goes for people’s digital health records. As patients demand access, health IT leaders will need to focus on making that experience valuable, not getting in the way.
Concerns that patients will misinterpret lab results are legitimate. And letting patients add their own comments or data to their health records does raise some new legal liability questions
u Chris Murphy is Editor of
InformationWeek. Write to Chris at firstname.lastname@example.org
Published on Oct 10, 2011
Cover Story IT: A lifeline of Healthcare Case Study Essar Group deploys secure Wi-Fi MPS helps MindTree slash printing costs