St. Joseph’s Health, a long-time Citrix customer, sees cloud technology and Citrix Workspace on the horizon. It may be a year or two before the transition is made, but in the meantime, the health system’s IT leader is putting cloud-ready building blocks in place and staying abreast of industry trends.
“The first part of being ready for the future is closely watching where our suppliers Cerner and Citrix are going,” says Jesse Fasolo, director, infrastructure technology and infrastructure cybersecurity. “We take cues about how we should structure our own infrastructure from these two crucial partners.” Cerner markets the electronic health records (EHR) platform used by the health system, and they use Citrix. St. Joseph’s did a major Cerner implementation in 2018.
St. Joseph’s also uses Citrix as its EHR platform and its digital workspace. “Like us, many in the industry also are selectively partnering with cloud-ready digital platform vendors like Citrix,” he adds.
The Citrix environment represents the largest internal environment hosting a solution at St. Joseph’s. It is comprised of nearly 200 dedicated servers. With the assistance of integration partner, Gotham Technology Group, and the services of Citrix Select Services, the team at St. Joseph’s rearchitected the Citrix environment several years ago.
“When the coronavirus pandemic hit, for example, we were definitely prepared for the sizeable population of new remote workers. We went from somewhere between 600 and 1000 users to 1800 concurrent sessions per day,” he recounts. “We had already accounted for the extra capacity in the Citrix Virtual Apps and Desktops environment.”
During the pandemic, the hospital’s frontline workers continued to work 24 x 7 without deviation. Employees in HR, legal, compliance, and IT, on the other hand, had the flexibility to work from home thanks to the IT team’s foresight. Fasolo estimates that 20% of the workforce transitioned to remote work.
“Where Citrix Virtual Apps and Desktops plays very well is in shared workspace environments. With nearly 2500 nurses and 1000 providers, the majority of our clinical staff needs a flexible digital workspace to deliver EHR software and a variety of work-related applications,” he says. “Citrix is predominantly used on workstations out on nursing floors.”
“Log on times for our 200+ applications ranging from imaging software to daily administrative software are sub-20 seconds, and we're improving that as we go along,” Fasolo notes. “I also oversee Information Security, Cybersecurity, and compliance. For that reason, I really hold Citrix dear to my heart: it enables me to ensure that user sessions are secure,” he adds. “I can detect and monitor anything that's happening in those sessions. Best of all, Citrix enables me to comply with HIPAA and other healthcare mandates.” He continues, “Increases in speed have enabled Saint Joseph's users to open applications and make use of them more quickly, to accelerate screen sharing and to enjoy logon times that give them an experience like that of a local machine.”
Clinicians also use Citrix for three or four different compute-intensive systems including PACS, radiology, and cardiology. They also use it for a women's health product and for dental applications. For those working off-site, Citrix provides remote access to the hospital’s apps – whether on a corporate device or in a Bring Your Own Device (BYOD) scenario.
Citrix is viewed as a contingency for other software, too. Even if a clinician has software installed on his local machine, the hospital has it backed up in Citrix in case it’s needed.
“In healthcare, you see the crucial need for flawless security,” Fasolo shares. “Citrix secures your session and ensures that data's not being exfiltrated. Users access it through two-factor authentication,” he notes.
“The IT Team can lock down access via policy. We have control and can monitor the environment, centralize our applications in our systems, and apply upgrades quickly,” he adds. “It’s no longer necessary for a technician to physically touch each device.”
Fasolo calls Citrix automated Provisioning Services (PVS), a godsend for the IT team. “Citrix has greatly increased our security patching efficiency and our speed and efficiency in building out in environments,” he says. He adds, “In total, the team manages eight master images for the environment. It is very agile, from a management perspective. The entire Citrix environment of 5200 users is supported by only two people,” Fasolo explains. “That’s a testament to how simple it is to use Citrix once it is up and running.”
Thin clients help St. Joseph’s reduce the cost of workstations on wheels
In a hardware comparison using a St. Joseph’s VDI image, thin clients won over small-factor PCs in terms of cost and performance. Thin clients used on workstations on wheels enable Fasolo and his team to reduce the cost of equipping these carts by nearly two thirds. There is no difference in performance between opening a Citrix application with a PC versus with a thin client,” Fasolo clarifies.
After a comparison between four companies’ products, St. Joseph’s chose a USB endpoint device and proprietary software from Citrix Ready partner IGEL as a contingency solution to be used in the event of a ransomware attack. If necessary, users can boot directly from them and continue working. The Patient Registration team will be the first line of defense during such a business disruption. They will disseminate IGEL USBs to nursing floors immediately if a breach is detected. Records can easily be backed up while the IT team restores services. It’s an easy plug and play solution.
In the past, St. Joseph’s had ADC appliances that only supported a single point of failure. The team subsequently installed larger Citrix ADCs to support a higher number of sessions.
“Now, St. Joseph’s not only has the capacity for its Citrix ADCs to handle load balancing for the Citrix environment, but also, we can manage load balancing for other environments, too. For example, St. Joseph’s uses its ADCs for reverse proxy for its Microsoft 2016 Exchange environment. ADCs also are used for load balancing for internal applications,” Fasolo explains.
The team integrated ADCs with the two-factor authentication environment so everything going through the health system -- whether desktop, or Citrix-based or even Webmail with Exchange -- follows the same secure authentication process. St. Joseph’s also set up global server load balancing (GSLB) on the ADCs; they serve as the main load balancer for several different types of software including web applications, e-mail, active sync, and Citrix.
“Initially, St. Joseph’s had F5 in its environment. That technology was one of the first things we took out due to the cost,” says Fasolo. “The total cost of ownership of ADCs versus F5 technology is far less, especially with our use of the same ADCs not only for Citrix, but also for other purposes,” he explains.
“There’s one more great thing that’s noteworthy about Citrix ADCs. At this point, from a support perspective, the team really doesn't have to manage our ADCs,” he declares. “We set them up and they just work. We've had zero failure on the ADC side.”
“The product development progression and the changes that have been made over time in Citrix solutions have allowed the IT staff to easily manage and support enterprise applications. Additionally, the speed and performance of Citrix has greatly improved in the time that we’ve used it. The ADC hardware has evolved, too,” Fasolo explains.
St. Joseph’s Health operates primary acute care facilities. There are 880 beds across two acute care facilities and approximately 40 physician practices. Additionally, the health care system recently announced a strategic partnership with Hackensack Meridian Health. “With an environment like ours at St. Joseph’s, we need the cloud-ready technology that Citrix offers. With it, we are extremely well-positioned for the next step in our technology evolution,” concludes Fasolo.
The total cost of ownership of ADCs versus F5 technology is far less, especially with our use of the same ADCs not only for Citrix, but also for other purposes.