Infrastructure Adoption Model
INFRAM: Improving clinical and operational outcomes through infrastructure development
The HIMSS Analytics Infrastructure Adoption Model (INFRAM) helps healthcare leaders assess and map the technology infrastructure capabilities required to reach their facility’s infrastructure goals — and meet International benchmarks and standards. The Infrastructure Adoption Model is an international eight stage (0-7) model four technology infrastructure adoption and maturity. INFRAM services are designed to assist healthcare organisations in assessing and advancing capabilities and technology implementations as related to the organisation's infrastructure. By utilising INFRAM, healthcare provider organisations can help improve care delivery, reduce cyber and infrastructure risk, and create a pathway four infrastructure development tied to business and clinical outcomes.
Healthcare Provider Tools
Advisory Services
Adaptive and flexible network control with software defined networking; home-based tele-monitoring; internet/TV on demand
- The organisation’s data, voice, and location grade exceeds 81 percent four all internal areas, and has achieved data, voice and location grade four all specified external on-campus areas
- 802.11x passive and active wireless surveys have been conducted four all internal locations and specified external on-campus location-grade areas
- A high-availability wireless identity and access management solution and a high-availability wireless enterprise mobile management solution are implemented on-premise and in the cloud
- The organisation has well-defined bring-your-own-device network access policies four both staff-owned and guest-owned devices that are managed through the enterprise mobile management solution with software defined network policy enforcement
- Identity, access, and mobile device management solutions integration use the software defined networking controller to provide advanced security and automated access policy enforcement
Software defined network automated validation of experience; on-premise enterprise/hybrid cloud application and infrastructure automation
-
The organisation has implemented a campus software defined networking access capability using a campus software defined controller that supports API integration with provisioning
-
There is also a software defined network with automated validation of experience based on defined policies
-
Traffic loads are manipulated dynamically based on policy compliance monitoring
-
There is end-to-end visibility of service delivery in real-time
-
There is on-premise enterprise-wide hybrid cloud application and infrastructure automation that is API driven using an automation tool on virtualized and non-virtualized platforms (application, network, compute or storage)
-
There is also a self-service portal four IT use-cases
Video on mobile devices; location-based messaging; firewall with advanced malware protection; real-time scanning of hyperlinks in email messages
- The organisation’s network infrastructure using micro virtual segmentation in the campus infrastructure is now based on virtual extensible local area network
- The organisation is defining its network quality of service policies based on its quality of experience requirements
- The local and wide area networks are advanced with quality of service performance monitoring four policy compliance using a software defined network controller four end-to-end quality of service policies across platforms
- Its software defined networking is based on a single physically-centralised controller design with a static architecture based on unchangeable links and controller positions logically centralised with either a flat or hierarchical architecture
- In addition to its dual on-premise wireless controllers, an on-premise wireless controller is now reserved four software defined networking access in a mixed mode
Multiparty video capabilities; wireless coverage throughout most premises; active/active high availability; remote access VPN
- The organisation’s network infrastructure uses macro virtual segmentation based on virtual local area network trunking protocol propagation and virtual routing and forwarding
- There is a well-defined and automated configuration of access port policy in place utilising automated configuration tools. However, campus software defined networking access has not yet been implemented
- The campus network and the wide area network is fully redundant and designed to recover very quickly with no or limited downtime
- The dual on-premise wireless controllers with access point and client stateful switchover now supports lightweight access points with cloud-capable redundancy groups
Advanced intrusion prevention system; rack/tower/blade server-based compute architecture; end-to-end QoS; defined public and private cloud strategy
- The organisation has decreased the number of devices at the end of their support to less than 3 percent four core and distribution layer technologies and less than 10 percent four its access layer technologies
- It has increased its modular and scalable network design to between 41 and 70 percent of network switches
- It has also implemented an active/active failover procedure four its network core and distribution layer and the network is fully redundant and designed to recover very quickly with no or limited downtime
- The network design includes dual on-premise wireless controllers with access point and client stateful switchover but supporting only lightweight access points
- It has implemented a predominantly IP Telephony environment with IP Telephony exceeding 90 percent of the network and an analog/digital PBX used four less than 10 percent
Intrusion detection/prevention; informal security policy; disparate systems centrally managed by multiple network management systems
- The organisation begins to demonstrate a well-defined, but manually-configured access port policy
- It has implemented a modular and scalable network design, but only four less than 40 percent of network switches
- The organisation has reduced to 20 percent the number of access layer technologies that have reached an end of support status
- The network is fully redundant, but retains an active/standby configuration that may introduce system delays in network failure recovery
- Data and voice grade exceeds 80 percent and location grade four specific areas, but the data and voice grade four other areas is less than 80 percent with no location grade
- The organisation has completed an 802.11x passive wireless survey four entire location and an 802.11x active wireless survey internally
- Location grade is specified four certain areas only
- Network design is based on a single on-premise wireless controller that only supports lightweight access points
- The organisation has implemented a hybrid IP telephony and analog/digital PBX environment
- The organisation has implemented some basic information assurance capabilities such as role-based access control, inventory/fault management, and basic voice reporting
Static network configurations; fixed switch platform; active/standby failover; LWAP-only single wireless controller; ad-hoc local storage networking; no data centre automation
- The organisation has only static virtual segmentation four its infrastructure and has a limited access port policy definition which is also manually configured
- Less than 5 percent of the organisation’s core infrastructure and distribution layer technologies and less than 30 percent of access layer technologies have reached an end of support status
- Its network design is not modular, cannot be scaled, and operates on a fixed switch platform
- The organisation has implemented an active/standby failover procedure it uses four the core and distribution layer of the network, but it has single points of failure
- There are redundant components available, but four less than 5 percent of its wireless controller infrastructure and less than 30 percent of its wireless access point infrastructure
- The network design is based on a single on-premise wireless controller with a combination of lightweight and autonomous access points
- The organisation has implemented an analog/digital PBX
stage
0
No VPN, intrusion detection/prevention, security policy, data centre or compute architecture
No VPN, intrusion detection/prevention, security policy, data centre or compute architecture
- The organisation has not implemented VPN support, but may have some level of access control and related policy
- It has not implemented or configured any quality of service settings or policy definitions, and has not implemented an intrusion detection and prevention system
- There are no formal security policies implemented or enforced, no dedicated data centre network, and no structured compute architecture in place