Enterprise Print Management for Healthcare Organizations
Health IT executives are moving away from traditional computing devices for mobile applications, with 87% reporting that they are increasing their investments in mobile technologies, according to a recent study.* With this increased emphasis on mobility, healthcare organizations often face unique printing difficulties due to the amount of physical movement during the day. It is especially critical to make sure print jobs are delivered to the right printer and to the right person to safeguard patient data, in accordance with HIPAA regulations. According to HIPAA Journal, 15% of all reported HIPAA breaches are due to errors when printing – that is 1 out of 7.*
In addition to supporting users with proximity-based needs, there are several other common-yet- complex factors to account for when printing sensitive information. These include print management in hybrid environments and, for remote users outside of the managed space, delivering print capabilities to mobile devices, all while protecting security parameters and maintaining HIPAA compliance.
Listed below are the most common printing issues currently challenging healthcare IT, followed by respective best practice data and supporting solutions to consider in overcoming associated obstacles and establishing a comprehensive print management process.
Issue #1: Supporting Users on the Move
In a hospital or other large healthcare facility environment, staff will frequently log in to client computers from different rooms, floors, buildings, or campuses. In a clinical environment, doctors and nurses may be working in a different building on different days of the week. In some cases, you will have remote offices that are connecting in to your infrastructure. It is imperative to arm your users with the ability to access their printers wherever they are, whenever they need to print.
Best Practice: Proximity-Based Printing is a Must
A major hassle for printing can be removed from the end user by utilizing proximity-based printing strategies. The ability to assign printers based on client name or IP address allows the administrator flexibility for the right printer to show up for a given workstation, regardless of who is logging in to it. For the user, it is the right printer for their use at the right time.
Issue #2: How to manage printing in a hybrid environment
This is a major topic for really all industries, but especially in healthcare. Rarely is there ever a time where there is a single platform or technology that can deploy and deliver all of the user applications necessary in a healthcare environment. Many types of companies find it necessary to deploy several platforms and technologies to enable the users in their business.
Often times you are looking at delivering some of the applications through a terminal server environment. A subset of users might be running virtual desktops or traditional physical desktops. Maybe thin clients need access to those applications. In healthcare, you have EMR/EHR applications which might have front-end Windows printing but also have back-end printing through a different type of infrastructure.
Healthcare organizations often face a complex array of delivery methods for all the different types of specialized work they face. These include Microsoft RDS or Citrix XenApp servers, virtual desktops, physical desktops, thin clients, EMR/EHR back-end printing, and more. An IT administrator faces challenges with each one of these individually. You also you have to bring them all together in to a unified and comprehensive environment. Trying to manage them can be complicated for administrators and confusing for end users.
Best Practice: A Single Management Tool Regardless of Environment
Finding a tool that can administer printing from a single management console, regardless of the application delivery method, can simplify a deployment and streamline ongoing support. For users, having a common printing method and the right printer in the right place saves time and frustration.
Issue#3: Supporting Remote Printing for Users Outside of Managed Space
Many environments require some form of external access into their systems for remote users or satellite facilities. This could be an employee working at home who needs to “dial in” or connect in to your back-end and data center systems. Ideally, they want to use printers they have on their local network and be able to have them integrate with the application delivery. When a user needs to print, the printers local to them are accessible. There may be remote offices, such as clinical offices or other geographically dispersed locations, where you have one data center but you have print servers, printers, users, and devices spread around. These need to be accounted for in the same way as local computing resources, and their printers need to be available at their site, not just from within the data center.
Best Practice: Incorporate Remote Printers and Print Servers for Satellite Offices
Compression often becomes a key component, ensuring the traffic between the data center and the remote site arrives quickly and does not bog down the rest of the network bandwidth. Remote users from a home or mobile office need the ability to print to any local printer without calling the help desk. Enable full access to back-end applications with a service that the users are accustomed to while minimizing additional administrative effort. In all remote scenarios, a level of service needs to be maintained to continuously address concerns of compliance and data security.
Issue #4: How to Deliver Printing to Mobile Devices
Printing is one area that is often overlooked in the mobile strategy. The printing that is offered is limited and disjointed from the rest of the enterprise printing strategy. A printing solution that comprehensively manages printers across the environment enables mobile devices to access the same print resources as a virtual desktop or workstation. Both iOS and Android need to be integrated in so that the native print facilities on mobile devices will allow printing to all printers in an environment without an upgrade to the hardware. There are so many advantages of integrating mobile, but IT managers are faced with challenges to take these brand new devices and platforms and get them working with existing enterprise systems, including printing. How do you take existing printers that you have and give them access to mobile printers?
Best Practice: Have a Print Solution that is Mobile Friendly
The solution to have a comprehensive enterprise printing system that can extend out and embrace mobile device printing is certainly a necessity when you are evaluating print systems in the enterprise.
Issue #5: Make Sure Your Print Environment is HIPAA Compliant
HIPAA is a concern for every healthcare organization, as security and compliance issues often come up as top priorities for IT management. As evidenced by a recent survey, healthcare organizations are planning investments this year in data security in healthcare and HIPAA compliance above all else; 73.5% of all survey participants reported that their organizations are increasing their compliance spending in 2016.*
A printing tool that can comprehensively manage printing across the environment gives administrators a first line of defense to combat potential HIPAA violations, through a clear view of what printers are accessible to which users. As with previous issues, to have the right printer available to the user, instead of a confusing list of printers throughout the building, reduces the chances of a print job with sensitive information coming out of an unexpected printer and sitting around for all to see.
Best Practice: Secure Print is a Must-Have
There are several ways to secure print jobs, including secure print with a PIN code or badge release. Integration of printing methods that include abilities to manage the release of print jobs can be a large step in verifying that the print job is picked up when printed. This integration might be through various printing solutions, or utilizing built-in capabilities of advanced print features from the printing manufacturer.
Your systems may require pin code printing and lock print, badge release printing, and integration with other badge release systems. It is a key component to making sure that print information is kept securely along with all the other data in your environment.
How to Simplify Your Print Environment
Consider the different methods used and types of printers we need to manage in the healthcare space. Start with local printers. Local printers are printers that you have in an employee’s location or at a remote branch office. These devices are unknown to you – fully functional devices that are somewhere else that you do not have access to and you do not manage.
Tricerat provides a simple way of installing a client to this device. This allows the IT manager to see all of the different clients and all the different printers that they have and then choose which ones – the preferred printers – that get moved in to that terminal environment. This is one method of printing. We have a lot of different devices but a user wants a couple devices to use with their terminal environment, whether it is VDI over a PCoIP connection or whether it is a Citrix Server hosting an application for them.
The second method of print delivery is print server delivery. For the same people who are remotely connecting in from an outside organization, or perhaps they come back inside the building the next day, you want to be able to take the print server and efficiently deliver the functionality of that print server down to the user in their environment.
For example, a traditional Windows 2012 print server has a couple queues installed on it. What we do is layer on top of the existing infrastructure. We are not recreating a new print server. Instead, we are taking the print server that already exists in your environment, and we install it to our print server agent. Our print server agent simply looks down at the queues that you have locally, and then determines the functionality of them and virtualizes these capabilities.
This is important because what we are doing now is reading everything that the printer driver says that this device can do. At this point, we are ready to administer printing throughout the entire environment. The advantage is that you will never have to install a print driver again. Our application, either on the local client or on this print server agent, is now going to virtualize the functionality of every printer that is known and push it on to a Citrix session, a VDI space, or even move that on to a traditional fat client workstation. So how do we do that with our tools?
Simple for the IT Admin, Simple for the End User
Tricerat’s printing solution provides a single management tool that will show the resulting set of print policies quickly and simply. This is a very simple, Microsoft Management Console (MMC) kind of snap-in. On the right hand side are the Objects, the items that are allowed to be administered in our solution and what can be delivered out to an end user. All of the available devices are listed and ready to be administered within the environment. On the left hand side are the different owners that can be assigned these printers.
This enables the proximity-based printing feature. There are a couple of different ways to do so. First is IP-based proximity, for specific sites that have IP ranges. Anything assigned to this “Admin Assigned” portal is automatically delivered to everyone coming from that IP range. There is also the ability to do groupings. If there is a site that has multiple IP addresses, an administrator can assign multiple IP addresses to a single folder and make assignments at the folder level.
In addition, assignment can be based on “Hardware ID.” This is common with VDI when using a zero client or thin client that is not an Active Directory-enabled device. If there is a naming convention, based on floor or based on functionality of a device, an administrator can create a naming convention with a wild card and make assignments at that level. There is also the capability to do traditional Active Directory-enabled printing.
With Tricerat’s print solutions, policies can be created and managed at a level that is comfortable for the IT administrator. If the IT administrator wants complete control of what printers their users can see and utilize, they can. However, if they want to provide a user the flexibility to self-select a printer that is only relevant to them, they have the ability to do that as well. Instead of having printer sharing at a print server level, the administrator can turn that off and use our tool for directed sharing or a unicast of a device to a group, a user, an OU, or any level of Active Directory. It is a seamless end user experience. The users log in to a device and see the printers they need. There is no longer the need to ever install a print driver anywhere within the environment again. The communication is virtualized directly to the print driver that is installed to wherever the device touches the network. This eliminates driver versioning control and other complexities with delivering printers through GPO, based on user settings.
Access All of Your Advanced Print Features
Since the communication is being virtualized directly to the actual print driver, there is no need to feel limited to a universal subset or forced range of functionality. By virtualizing the manufacturer’s printer driver, Tricerat’s printing solution delivers all advanced print features regardless of environment – a Citrix host, VDI workstation, a traditional fat client, or a hybrid deployment. Secure pin print or badge release or PIN code release is an advanced feature that is required by most healthcare organizations for HIPAA compliance. If a user needs to put in their 4- to 10-digit code or needs to scan their badge at the printer to release the print job, Tricerat’s print solution virtualizes that capability in to the terminal environment. Other finishing touches become available also, including stapling, collating, duplexing, and more.
The important part to consider is this: Tricerat’s solution delivers that functionality without having to install a driver anywhere, other than the print server itself.
Print Delivery with Admin Control and User Flexibility
The self-service component of Tricerat’s print solution allows a user to assign themselves a printer based on the pre-determined criteria that the administrative team has given them.
This touches on all of the different ways of delivering printing all throughout your environment. Being able to take this same virtualized approach and deliver that to an iOS device or a Windows workstation in your environment allows you to deliver a homogeneous experience to your user based on all of the different ways that they can work.
To recap, we have covered some of these challenges and ways that a comprehensive enterprise print management system can be applied in healthcare, by managing your entire print environment, including Citrix, VDI, or traditional workstation deployments and a mixture of these environments.
We also give you the ability to assign printers based on location, including mobile users so all types of clients connecting in have location-based print assignments. Your users will be able to print securely with secure print or badge release and still use the advanced print features delivered by your print manufacturers.
You’ll have the ability to manage printing to mobile devices. You can deliver mobile interfaces into the data center and other infrastructures that need to be managed with printing, as well as natively to those devices and to their print facilities. This allows for remote printing for users or staff coming in outside of the managed space and outside of the local environment. Remote resources or off-site workers will have access to the same services. They will be able to natively access these advanced print features, whatever they might be, to take advantage of the print solutions that you have implemented in your environment. Our customers include some of the nation’s largest names in healthcare, including AllScripts, Kaiser Permanente, Blue Cross Blue Shield, and Aetna.
At Tricerat, we really strive to improve the lives of IT administrators
It is our philosophy. We focus on the simplicity and power for the administrator’s experience. We talked about in several of those examples earlier, challenges for the administrator being requested to deliver IT services out in these very complex environments. We deliver tools that simplify those things and enable IT administrators to do what they need to do. That power translates into simplicity for the user experience. When IT can effectively deliver those services, the user really wins in that case because the user experience is simplified, unified and focused on what they need to do. Ultimately, we want your organization to be able to focus on delivering the best possible service to your patients.
11500 Cronridge Dr. Suite 100
Owings Mills, MD 21117