If you can easily connect to the Web at your local coffee shop, why not at your surgical facility? You can, but low bandwidth, shaky security, limited range and confusing protocols can make wireless Ethernet, better known as Wi-Fi, more plug-and-pray than plug-and-play. Don't let that dissuade you from this technology's enticing advantages, though. You simply need a bit of forethought, planning and IT expertise. Here's how to get the most out of Wi-Fi for your clinical and business activities.

1 Standards and compatibility
You need to know the different standards to ensure compatibility among all your Wi-Fi devices. Most are based on a broad standard known as IEEE 802.11. Current Wi-Fi systems run on a standard designated 802.11g, which supports speeds of up to 54 Mbps (megabits per second - more about speed later). If walls, ceilings and pipes don't interfere, its maximum range is about 30 meters. Most 802.11g Wi-Fi systems can also support 802.11b, which has a maximum speed of only 11 Mbps. That's still faster than dial-up for Web-surfing, but for client-server applications such as EMR or practice management, it's too slow.

Your real range may be much shorter than product specifications list due to building interference or the presence of other devices sharing the same frequency, so you must ensure that there are enough wireless access points that are compatible with all the wireless devices that you intend to use, including laptops, workstations and medical equipment. A WAP must be near AC power and an Ethernet connection.

Cheap WAPs designed for home use appear to have the same features as those designed for commercial use. Don't be fooled; there are huge differences in power, range, features and reliability. Expect to pay $200 to $1,000 for commercial-grade WAPs. Wi-Fi cards for devices that didn't come them cost about $100. Configuring a WAP requires about an hour; individual devices should take only a few minutes each to configure, though slightly more if they will connect to multiple Wi-Fi networks. Have a trained IT professional set everything up to ensure security.

2 Speed
All devices on a Wi-Fi network share the bandwidth, dividing its speed. In a standard 801.11g network, a laptop placed right next to the WAP will get only 54 Mbps. That's still fast, if you're only going to wirelessly connect one laptop, but adding another halves the bandwidth. Five laptops would cut the bandwidth to one-fifth of normal Ethernet or slower, because networks rarely perform at optimum speed at all times. This is why you can't replace all normal wired networks with Wi-Fi. There just isn't enough bandwidth to share for all users' needs.

Therefore, Wi-Fi is more appropriate for low-powered tasks or occasional users who need to be mobile within the facility. Wi-Fi performance works well with tablet PCs that may be used by physicians and nurses, for example. For heavy-use applications like billing, word processing and spreadsheets, and for high-bandwidth needs like imaging or video, however, you're going to have to stay tied down to the blue Ethernet cable.

The next generation of Wi-Fi, 802.11n, due next July, has a projected maximum speed of 540 Mbps and will require new WAPs and Wi-Fi cards. Bandwidth will still be shared by all your devices, so don't get too excited about all that speed. Given the trend toward faster gigabit Ethernet, even 802.11n Wi-Fi will likely still be slower than its wired cousin.

3 Security
Many people, including some IT consultants, incorrectly claim that Wi-Fi is not HIPAA secure. The fact is, any IT component can be implemented and used non-compliantly. There's no reason this has to be the case with Wi-Fi; it has three primary security protocols.

• Wired equivalent privacy, using 64- or 128-bit encryption. The WAP and each device must store a specific key; to add a new device to the network, you simply give the user the WEP key. It's a good idea to periodically change the WEP key to prevent your networks' being compromised. Add a process to your HIPAA security (not HIPAA privacy) procedures to change the WEP key when an employee leaves, just as you would change office keys and security codes.
• Media access control addressing. This type of security stores only the pre-allowed MAC addresses, which virtually every piece of networking equipment has, in the WAP. "Spoofing" a MAC address is relatively simple, however. MAC is also fairly maintenance-intensive; adding a new user to the network requires you to program that user's MAC address into the WAP, and initial configuration is time-consuming.
• Wi-Fi protected access. Similar to WEP, this most-secure method uses secure 256-bit encryption of all data. The stronger encryption makes unauthorized access to your network almost impossible. Many older wireless cards are not compatible with WPA, though you may be able to buy firmware updates.

Once you've decided how you'll secure the network, you need to decide whether to broadcast your source station identifier. This is basically the name of your WAP or wireless network and shows up when you search for a wireless network. If you broadcast your SSID, then theoretically anybody can get into your system.

And many people are under the impression that tapping into someone's unsecured wireless network is harmless fun. While most experts agree that this type of unauthorized activity may be actionable under federal wiretapping statutes, which can carry fines of up to $250,000, you shouldn't be relying on the law as a deterrent. You need to make sure your systems are secure from this outside intrusion in the first place.

To protect your wireless network, don't broadcast the SSID. Then authorized users must know the network name to get in. You would only broadcast the SSID and require no encryption for a public wireless network in your waiting room - but it should be on a completely different network segment from your business office and EMR system, should only let the user get to the Internet and should be named something other than the name of your practice or ASC, such as "guest access."

4 Interference
As we touched on previously, the performance of Wi-Fi is strongly affected by distance and by whatever building structures exist between the WAP and the individual laptops, especially concrete and steel. This is particularly important in a surgical facility because of medical gas piping, structural steel in the ORs for booms and lights, and shielding for medical equipment. Facility shape and the location of the WAP and the wireless devices all affect signal strength. Generally speaking, a single WAP should supply coverage for about 2,500 square feet. Larger facilities and those with a lot of steel and concrete require more than one WAP; just add them until coverage is sufficient.

Microwave ovens, cordless phones, Bluetooth devices and many medical telemetry devices use the radio spectrum in the 2.4 GHz band, just like your Wi-Fi devices do, but they usually pose minimal interference risk, because most of them employ frequency-hopping technology. Wi-Fi manufacturers and bio-med vendors have different perspectives on whether Wi-Fi should be used near such devices, but they mostly want to warn that their equipment may cause interference they can't control.

Outside your facility
It seems everywhere you turn, there are wireless hotspots: the networks in coffee shops, airport lounges and hotels that let you connect a Wi-Fi-capable laptop or handheld to the Internet in order to access e-mail, browse the Web and connect to the office if your facility's network includes a virtual private network. So whether you're across town or across the country, you can ensure that your ORs are running just fine. Hotspots are generally secure, but it's possible for someone to access information from your laptop when you are connected this way. Connecting to these types of networks also frequently entails settings changes, which can hinder connecting once you're back at the office.