What is the network configuration?
Touch Surgery™ Enterprise uses host-based EC2 O/S firewalls and Network Security Groups (NSGs) to control access to and from each of its AWS Virtual Private Cloud (VPC) environments. Each VPC has its own network, consisting of six subnets: three private and three public. The host-based O/S firewall rules and security groups for each EC2 instance drop all traffic not explicitly allowed, and only allow traffic to and from authorized sources, as defined by IP address and port range combinations.
Will this live on a segmented network?
Yes. Virtual Private Clouds (VPCs) are deployed to nine logically separate Touch Surgery™ Enterprise system environments. Each VPC has its own network, consisting of six subnets: three private and three public.
How do we integrate the DS1 Computer into our network?
The DS1 Computer requires only an internet connection to upload videos. It does not require additional integration with your institution’s software or network.
Does the DS1 require Wi-Fi?
No. The DS1 Computer connects to the internet through an Ethernet network cable only. It has a dedicated secure 802.11a/n/ac WPA2-PSK 5GHz WiFi hotspot, reserved for communication with the wireless controller only.
Does the data need to integrate into the EMR or EHR?
Touch Surgery™ Enterprise offers interoperability with EMR/EHR systems, Enterprise Master Patient Indexes (EMPI), and Hospital Information Systems (HIS) through the EMR/EHR Integration Add-on. This optional add-on allows securely captured patient identifiable information to be searched on Touch Surgery™ Enterprise. Appropriate role-based access controls and information security safeguards are in place to ensure the security of any patient data captured.
The add-on can also post the URL link to the surgical video into the corresponding case note in the EMR or EHR. This allows access from the medical record. If you are interested in more information, visit EMR/EHR Integration Add-on EU for Europe and EMR/EHR Integration Add-on US for the United States. And, if you are interested in using the add-on at your site, please contact [email protected].
Who can access the videos?
Videos uploaded to Touch Surgery™ Enterprise are accessible only by the uploading user (also referred to as the “lead surgeon”) and any other users they choose to share with. Videos can only be shared with others with the proper authorization. Some authorized Medtronic personnel may also be able to access videos, as a necessary part of the provision of service and support.
How does Medtronic Digital Surgery access the cloud environment?
A Touch Surgery™ Enterprise administrator/privileged user who accesses the Touch Surgery™ Enterprise AWS cloud platform cannot directly connect to any AWS cloud components (e.g., server, database). This type of user must first authenticate using their authorized AWS Identity & Access Management (IAM) account credential (ID, password, and MFA code), and then access the resources over the Secure Shell Protocol (SSH) through a certificate authority management service called Teleport. Users will need to request access for Teleport credentials (ID, password, and MFA code). They use a combination of the AWS IAM credentials and Teleport credentials to log in via the SSH protocol before connecting and performing any system administration.
Certain authorized Medtronic Digital Surgery staff members can log in to the Django Admin internal web portal. This gives the user granular access to specific RDS Postgres database tables required for their job role.
