Compulink Advantage. INSTALLATION, CONFIGURATION AND PERFORMANCE GUIDE (Revised 09/01/10)

(1)

(2)

(3)

(4)

(5)

(6)

(7)

(8)

(9)

(10)

www.compulinkadvantage.com

Page 10

ENVIRONMENT SETTING (AKA SET STATEMENT)

Advantage software utilizes the Environmental Variables settings in the System Properties to add a unique environment/ID for each user accessing the software. These variables are also referred to as “SET STATEMENTS.”

WINDOWS XP AND SERVER 2003

To access the Environment Variables, navigate to the control panel, double click the system icon, choose the advanced tab and click on the Environment Variable button. To add a Global set statement, use the SYSTEM Variable (recommended on workstations only). Create a new variable using “CBS” as the Variable Name (without the quotation marks). For Variable Value type “X” (without the quotation marks). “X” represents a sequential alphabetical ID based on the number of Compulink licenses purchased (i.e., five licenses will allow you to use IDs ranging from A~E.)

WINDOWS 2008, VISTA AND WINDOWS 7

To access the Environment Variables, navigate to the control panel, double click the system icon (classic view), choose the Advanced System Settings in the menu and click on the Environment Variable button under the Advanced tab. To add a Global SET statement; use the SYSTEM Variable (recommended on workstations only). Create a new variable using “CBS” as the Variable Name (without the quotation marks). For Variable Value type “X” (without the quotation marks). “X” represents a sequential alphabetical ID based on the number of Compulink licenses purchased (i.e., five licenses will allow you to use IDs ranging from A~E.)

GENERAL ENVIRONMENTAL SETTING

THE VARIABLES MUST BE TYPED IN CAPITAL LETTERS. Should your network exceed 26 workstations, use

(11)

(12)

(13)

(14)

Page 14

WIRELESS LOCAL AREA NETWORKS (WLAN)

Compulink Advantage software has been tested and proven compatible with Tablets, Notebooks and Desktops using wireless connectivity while utilizing Terminal Services or Remote Desktop technology ONLY. Wireless connections with direct connectivity to the Wireless Local Area Network (WLAN) are not supported. Implementing a wireless connection from the station hosting the databases and another station on the network could cause delay in packet delivery and result in performance issues, database disconnections and data corruption. The use of Windows Terminal Services and similar products, available from proprietary vendors such as Elusiva, are necessary with low bandwidth environments. Reliability Like any radio frequency transmission, wireless networking signals are subject to a wide variety of interference. Speed The speed of a wireless network depends on several factors. Wireless standards, typically advertised at 1‐108 Mbps, will transmit data at a fraction of a wired network (uusually at 100 Mbps and up to several Gigabits per second). There are also performance issues caused by TCP and its built‐in congestion avoidance. Implementing a Wireless Local Area Network (WLAN) should be limited ONLY to environments where wired connectivity is not an option. Security The "open air" nature of wireless radio signals poses challenges for securing wireless computer networks. Wireless radio signals broadcast through the air and are naturally easier to intercept. Signals from most wireless LANs pass through exterior walls and into nearby streets or parking lots. Strong encryption and wireless security is absolutely necessary to protect patient data. Requirements for setting up wireless environments are similar to the Wide Area Network which is outlined in the Wireless and remote access (page 12) and Wireless Data Protection and Encryption (page 21) of this guide. For additional details regarding wireless networking, contact Compulink’s IT department.

Please note: Installation of Sybase SQL Database Management software is mandatory for wireless connection using Remote Desktop or Terminal Services.

(15)

Page 15

SECURITY INFORMATION

SECURITY AND ANTI‐VIRUS SOLUTION

Compulink recommends Security and Anti‐Virus solutions developed for business/corporate environments. Solutions made for home/home office users, such as Norton Anti‐Virus 2010, are not designed for network applications such as Advantage software. It is imperative that your security solution provides an interface for proper configuration and unfiltered network packet delivery on the local area network. All security applications, such as Symantec Endpoint Protection, must be configured by a network professional to permit full access to Advantage software and all of its associated TCP/UDP ports. Network scanning option MUST be disabled for all available Security and Anti‐Virus programs. The content of the local drives are scanned and protected. Enabling the network drive scanning will only cause latency and create lag time for users of Advantage software. Scanning system for malware should also be scheduled during off peak hours or when system is not in use to avoid performance issues.

SECURITY AND ANTI‐VIRUS SOLUTION ‐ RECOMMENDATION

Many proprietary software companies provide threat prevention and defense against malware. Symantec Endpoint Protection is recommended for use with Advantage software. Advantage Users can deploy Symantec Endpoint Security on their networks to protect against even the most sophisticated attacks. Symantec Endpoint Protection can provide advanced threat prevention from unknown targets. It includes proactive technologies that automatically analyze application behaviors and network communications to detect, block and report suspicious activities. Deploying Symantec Endpoint Security will provide real‐time security protection for Advantage users.

NOTE

Compulink Business Systems, Inc. utilizes Symantec Endpoint Protection and Windows Server Update Services (WSUS) to certify all communication between Compulink and Advantage clients are free of malware. At Compulink, all network nodes are protected, real‐time, and scanned daily using Symantec TruScanTM Technology. A comprehensive scan is also scheduled and performed on a weekly basis on all network nodes. Symantec Endpoint and WSUS are updated daily for any available and most current threat protection. These updates are delivered to all Servers, workstations and laptops immediately to ensure a malware free environment.

NETWORK COMMUNICATION AND SECURITY

Advantage software utilizes the following technologies to identify the authenticity of its users prior to the initial product launch. The product also adds another layer of protection by authenticating the users prior to the launch of the software by requiring a username and password.

LOCAL AREA NETWORK

Starting with Microsoft Windows 2000, Microsoft products use Kerberos protocol and Integrated Windows Authentication (IWA) to check the authenticity of any network user requesting information from the server or acting server and the shared resources on the server. Windows Authentication is commonly used between all software running on Windows. Also filesharing permissions can use Kerberos and IWA with Microsoft Active Directory. This way user only needs to give login credentials once on a PC and has access to shared files over network with suitable permissions. Advantage software utilizes UDP port 4000 on the local area network to establish communication between clients and the server.

(16)

(17)

Page 17

MISCELLANEOUS BACKUP INFORMATION

 CHECK THE BACKUP LOG OFTEN TO MAKE SURE YOUR DAILY BACKUP IS RUNNING ERROR FREE.  It is imperative that the advantage software is not running while the backup is being performed. Contact Compulink’s IT department to obtain information on how to close all connections to the software prior to your backup.  Hard Drive Redundancy (RAID 5 or RAID 1) on the file server is recommended. Note: Compulink recommends RAID 5 due to the performance gain.  Internet based backup sites can only backup data that has change and do not provide a full backup copy and are not recommended  Note: Do not use XCOPY command to make an online backup while Advantage Software is in use.

RECOMMENDED BACKUP SOFTWARE

Compulink Recommends using “Symantec Backup Exec” or “Acronis Backup and Recovery” software to backup and restore data.

STORED DATA PROTECTION AND ENCRYPTION

Health Insurance Portability and Accountability Act (HIPAA) requires medical service providers to provide security measures for all stored patient health information. The compliance efforts are sometimes threatened by the ease with which sensitive information could reside unprotected on USB flash drives, external hard drivers, backup tapes and other portable devices and media. There are many solutions that secure mobile data and ensure that sensitive data remains private through encryption and password protection. Password protecting the data is one of the most common used data protection means today. Backup applications generally offer an option to password protect the data during the backup operation. Compulink also recommends the workstations do not include writeable drives such as CD/DVD writers. Group Policies can be implemented in a domain to make flash drives “read only”.

(18)

(19)

(20)

Page 20

Advantage Online™

Hosted SaaS (Software as a Service) Solution

Experience the functionality of the leading EHR software deployed over the Internet and access your patient data via the Web. Compulink Business Systems, Inc. has partnered with leading industry hosting solutions to simplify deployment and reduce customer acquisition costs with a SaaS (software as a Service) solution. Advantage OnlineTM will allow Advantage software to be deployed as a hosted service and accessed over the Internet globally. With Compulink’s Advantage OnlineTM solution, our clients have the flexibility to customize their servers and devices without having to troubleshoot, patch, monitor, backup or worry about the hardware and network.

Advantage Online

TM

Hosting Solutions

 Secure Sockets Layer (SSL) ‐ Secure Sockets Layer (SSL) encryption technology is used to protect private information while it's in transit via the Internet.  Network Administrative and Support ‐ Compulink IT experts, with assistance from Compulink’s software support staff, are available to assist in troubleshooting any issues with Advantage software deployed over the Web  Unlimited and Toll Free Software Expert Support – Compulink’s Customer Care department is available Monday through Friday, 5:00 AM to 5:30 PM (Pacific Time), for troubleshooting any software related issues. Note: current support contract required  Network Uptime ‐ We have designed and built a state‐of‐the‐art network to minimize downtime  Managed Backup – State of the art technologies in Network Attached Storage for backing up files  Proactive Protection against Viruses and Malware – Compulink has deployed Symantec Endpoint Protection© for defense against threats  Supports Paperless ‐ Capture all your paper documents and images over the Web  Inventory Management – Advantage OnlineTM _{supports patient bar‐coding and inventory management}  HIPAA Compliant – Our deployed encryption, security and storage management ensures your PHI is protected from disaster and unauthorized access

 Flexible and Scalable

– Compulink’s Advantage Online

TM _{can be tailored to your specific needs regardless}

(21)

(22)

(23)

Page 23

SYNCHRONIZING A WINDOWS NETWORK WITH AN NTP TIME SERVER

Synchronizing a network is done using the Windows Time Service, also known as W32Time. The Windows Time Service was implemented in compliance with the Kerberos V5 authentication protocol, which is defined by RFC 1510. Among the protocol's requirements are accurate time stamps. Advantage software utilizes Windows time synchronization (NTP) technology to time stamp all records. The applications time stamp provides accurate tracking of all records including security records. For additional details regarding Windows Time Service, please visit the following web page: http://www.compulink‐support.com/technotes/time.htm

TO PROTECT YOUR FILES BY USING A SCREEN SAVER PASSWORD

1. Open Display in Control Panel. 2. On the Screen Saver tab under Screen saver, click a screen saver 3. Select the On resume, password protect check box. If Fast User Switching is turned on, select the On resume, display Welcome screen check box. Note: • To open Display, click Start, click Control Panel, click Appearance and Themes, and then click Display. • Selecting the On Resume, password protect check box will lock your computer when the screen saver is activated. When you begin working again you will be prompted to type your password to unlock it. • Your screen saver password is the same as your logon password. If you do not use a password to log on, you cannot set a screen saver password. • Fast User Switching is only available for stand‐alone computers and users in a workgroup. It is not available if your computer is part of a network domain Using Group Policy in a domain Environment | You can enable Group Policy settings that control whether users use screen savers and whether they can change screen saver properties. Table below lists and describes each Group Policy setting. Other Group Policy settings you enforce can affect screen saver Group Policy settings. The Group Policy settings listed in Table below are located in the Group Policy snap‐in under: Local Computer Policy\User Configuration\Administrative Templates\Control Panel\Display key. Group Policy Settings That Can Affect Screen Saver Functionality Group Policy Setting Description

Hide screen saver tab Removes Screen Saver tab from Display in Control Panel.

(24)

Page 24