The
University Senate of Michigan Technological University
Proposal 7-10
(Voting Units:
Academic)
“Masters Program in Security and Medical Informatics”
Guy C. Hembroff
School of Technology
Chair, CNSA Program, Assistant Professor
This
proposal recommends the establishment of a Graduate Program in Security and Medical
Informatics at Michigan Tech University.
Marquette General Health System (MGHS), a prominent teaching medical
institution located in the Upper Peninsula of Michigan, will partner with the
School of Technology to provide a comprehensive education and research entity
for this Graduate Program.
Security
and medical informatics are two rapidly developing fields in our society. Medical informatics is the intersection of
information science, computer science, and healthcare. This field deals with the resources, devices,
and methods required to optimize the acquisition, storage, retrieval, and use
of information in health and biomedicine.
Securing computer network systems has become a vital part of our global
society. Many institutions and organizations
depend on electronic data to conduct operations daily. This includes areas such as the healthcare,
financial, military, and academic sectors. Established regulations such as the Health
Insurance Portability and Accountability Act (HIPAA) and Graham-Leach-Bliley
Act (GLBA) include specific security and compliance provisions for their
respective sectors. With the advancement
of technology in the medical field, accompanied by the need to keep this
information confidential, a graduate program that addresses the education and
research needs of these two closely related fields is critical.
Michigan
Tech University has established strong and growing research in the areas of security
and medical informatics. Likewise, the university
has recently made a significant commitment to education and research in this
field by supporting the strategic faculty hiring initiative in the area of
Health. The addition of the Security and
Medical Informatics Graduate Program would strongly support the Health initiative
and align with the strategic plan of the university.
The Masters of Science in Security and Medical Informatics
is designed to:
1.
deepen students' understanding and
knowledge of medical informatics and security engineering;
2.
provide students with research
opportunities within the intersecting fields of medical informatics and
security;
3.
provide a flexible curriculum to allow
for both traditional and nontraditional graduate students.
Graduate
programs in medical informatics or closely related fields exist at a few other
institutions, including South Dakota State University, Drexel University, Johns
Hopkins, Stanford, and the University of Illinois Chicago. Most of the mentioned programs focus strictly
on management and technical aspects of medical informatics. Johns Hopkins provides a similar security
infrastructure to accompany their health related courses, but our program has a
stronger emphasis on patient records, the electronic medical records system,
and the interoperability of these systems.
We
estimate the Graduate Program to have 15-20 students enrolled over the first
three years with an anticipated steady-state enrollment of 30-40 students. We expect 25% of the students in the program to
be traditional students and the remainder to be nontraditional students enrolled
strictly through distance learning. An
additional 15 non-degree seeking students are expected annually. These students
would take courses that can be applied to professional certifications such as
the Certified Professional in Heath Information Technology (CPHIT). These courses are highlighted in the next
section.
The Security
and Medical Informatics Graduate Program requires 33 credits of course work and
research for graduation.
Course
work – Minimum of 27 credits must be taken from the following courses:
1.
TSMI 5111 - Security and Privacy* +
2.
TSMI 5121 - The Healthcare System* +
3.
TSMI 5131 - System Analysis and Design* +
4.
TSMI 5141 - Electronic Health Records and e-Health
Implementation*
5.
TSMI 5151 - Application Integration and
Interoperability*
6.
TSMI 5161 - Database Management and Security*
7.
TSMI 5211 - Java Security
8.
TSMI 5221 - Protocols and Systems for Internet and Web
Security
9.
TSMI 5231 - Statistical Methods for Intrusion Detection
10. TSMI 5241 -
Designing Security Systems
11. TSMI 5251 - Advanced
Topics in Network Security
12. TSMI 5261 - Health
Informatics Decision and Support
13. TSMI 5271 - HIPAA
Implications for Public Health +
14. TSMI 5281 -
Healthcare Security Management
* HIT Certification course
+
Course instructed by Marquette General Health System
Research Thesis – 6 credits
15. TSMI 5999 - Master's Research
Course
Descriptions:
1.
TSMI 5111 Security and Privacy
Examines
key health information security, policy and procedures. Investigates how to distinguish elements of a
security audit and key security policies.
Analyzes the roles of people maintaining health information security and
explains elements of these roles within the organization.
Credits:
2.0 Lec-Rec-Lab:
(2-0-0)
Semesters
Offered: Fall
Restrictions:
Must be enrolled in one of the following Levels: Graduate
2.
TSMI 5121 The Healthcare System
Provides
an overview of healthcare's transition from paper to electronic format and
examines characteristics of healthcare organizations, the interrelationships
among healthcare components, the role that government, regulatory, professional
and accreditation agencies play within healthcare, and describes the roles of
healthcare professionals and the organizational structure in which they work.
Credits:
2.0 Lec-Rec-Lab: (2-0-0)
Semesters
Offered: Spring
Restrictions:
Must be enrolled in one of the following Levels: Graduate
3.
TSMI 5131 System Analysis and Design
Provides
in-depth knowledge of tools that are available to perform systems analysis,
examines the key factors to be considered in a systems design, emphasizes the
importance of communication through both of these processes, and an understanding
of the primary factors in measuring the benefits of systems
implementation. Course will also examine
strategies and key factors in purchasing systems. This includes analysis of opportunities and
risk of integrating single vendor, hybrid, and other factors when examining
system acquisition.
Credits: 3.0 Lec-Rec-Lab: (3-0-0)
Semesters
Offered: Fall
Restrictions:
Must be enrolled in one of the following Levels: Graduate
4.
TSMI 5141 Electronic Health Records and e-Health
Implementation
Explores
the difference between Electronic Medical Record (EMR) and Electronic Health
Record (EHR). Discusses challenges and
implementation of both EMR and EHR.
Provides security analysis of both types of records and the maintenance
of these systems.
Credits:
3.0 Lec-Rec-Lab: (2-0-1)
Semesters
Offered: Spring
Restrictions:
Must be enrolled in one of the following Levels: Graduate
5.
TSMI 5151 Application Integration and Interoperability
Defines
and explains the role of interoperability in the development of a functioning
EHR. Analyzes predominant standardization
in the healthcare field such as ASTM and HL7. Examines the challenges to the
development of interoperability in healthcare.
Credits:
3.0 Lec-Rec-Lab: (2-0-1)
Semesters
Offered: Fall
Restrictions:
Must be enrolled in one of the following Levels: Graduate
6.
TSMI 5161 Database Management and Security
Identifies
database solutions and key elements of an enterprise data warehouse. Explains how to apply best practices for
development of data warehouses and distinguish between a clinical data repository
and enterprise data warehouse.
Investigates the role of Master Patient Index and the aggregation of
patient data in databases. Finally, the course
defines security practices for a database environment.
Credits:
3.0 Lec-Rec-Lab: (2-0-1)
Semesters
Offered: Spring
Restrictions:
Must be enrolled in one of the following Levels: Graduate
7.
TSMI 5211 Java Security
This
course provides comprehensive coverage of the security aspects of the Java
platform. Java's security model and the VM and language features that support
security are covered. Java APIs and Java Cryptography APIs are addressed in
security in the Java 2 Enterprise Edition (J2EE). This course analyzes Java security platforms
and Java APIs within the healthcare sector.
Credits:
3.0 Lec-Rec-Lab: (2-0-1)
Semesters
Offered: Fall
Restrictions:
Must be enrolled in one of the following Levels: Graduate
8.
TSMI 5221 Protocols and Systems for Internet and Web
Security
Course
focuses on the most widely used systems and protocols for security on the
Internet and on the Web. The Internet
refers to the infrastructure or the underlying protocols and routing. The Web
describes applications that run on the Internet. Detailed focus is on browsers, web servers,
and communication protocols on the Internet, as well as how to deal with
viruses and distributed denial of service attacks. Some of the protocols/systems covered in
detail are TCP/IP, SSUTLS, IPsec, SSH, PGP, firewalls, IDS systems, and
Kerberos.
Credits:
3.0 Lec-Rec-Lab: (2-0-1)
Semesters
Offered: Spring
Restrictions:
Must be enrolled in one of the following Levels: Graduate
9.
TSMI 5231 Statistical Methods for Intrusion Detection
This
course will provide an introduction to the data and methodologies of computer
intrusion detection. The focus will be
on statistical and machine learning approaches to detection of attacks on
computers. Topics include network monitoring
and analysis, network based attacks such as probes and denial of service
attacks, host-based attacks such as buffer overflows and race conditions, and malicious
code such as viruses and worms.
Statistical pattern recognition methods will be described for the
detection and classification of attacks.
Credits:
3.0 Lec-Rec-Lab: (2-0-1)
Semesters
Offered: Fall
Restrictions:
Must be enrolled in one of the following Levels: Graduate
10. TSMI 5241 Designing Security Systems
This
course provides an overview of techniques used in the design of secure systems.
Primary focus of the course will be on real-world case studies. Students will examine attacks on deployed
systems and then investigate how these vulnerabilities have been subsequently
addressed. Additionally, the course will
examine the practical advantages and shortcomings of several notions of
provable security. Students will be expected to read, understand, and present
recent research papers to the class.
Credits:
3.0 Lec-Rec-Lab: (3-0-0)
Semesters
Offered: Spring
Restrictions:
Must be enrolled in one of the following Levels: Graduate
11. TSMI 5251 Advanced
Topics in Network Security
This
course focuses on advanced research topics in communications security. The course is structured as a research
seminar where students present research papers to the class. Topics include protocol analysis, security in
inter-domain routing, broadcast authentication protocols, covert channels and
anonymous communication, key management, advanced trace-back schemes, and
attack propagation modeling. A course
project is required.
Credits:
3.0 Lec-Rec-Lab: (3-0-0)
Semesters
Offered: Fall
Restrictions:
Must be enrolled in one of the following Levels: Graduate
12. TSMI 5261 Health
Informatics Decision and Support
This
course addresses issues related to decision modeling based on health sciences
data in terms of analysis, construction, and evaluation. Clinical decision support architectures are
examined. An array of decision support
tools is considered, and the knowledge representations employed in these tools
are discussed.
Credits:
3.0 Lec-Rec-Lab: (3-0-0)
Semesters
Offered: Spring
Restrictions:
Must be enrolled in one of the following Levels: Graduate
13. TSMI 5271 HIPAA
Implications for Public Health
This
course focuses on the administrative and technical provisions of the Health
Insurance Portability and Accountability Act of 1996 (HIPAA) which mandates a
variety of healthcare standards as well as rules for electronic transactions
and code sets. This course is designed to
provide system implementers in the public health field with an understanding of
and hands-on experience with HIPAA regulations, implications, and a perspective
of the impact on the future of the health care information infrastructure
regarding the use of information technologies.
Credits:
3.0 Lec-Rec-Lab: (3-0-0)
Semesters
Offered: Spring
Restrictions:
Must be enrolled in one of the following Levels: Graduate
14. TSMI 5281 Healthcare
Security Management
This
course will address information security in the public health and medical
fields, with special emphasis on clinical care, research and the role of the
academic medical center. Course will
also focus on disaster recovery and response, anonymization of records,
billing, communication of public health information to EHRs, along with
physical and administrative security.
Credits:
3.0 Lec-Rec-Lab: (3-0-0)
Semesters
Offered: Fall
Restrictions:
Must be enrolled in one of the following Levels: Graduate
15. TSMI 5999 Master's Research
The
study of an acceptable security and medical informatics research problem and
the preparation of a thesis.
Credits:
variable to 6.0; Repeatable to a Max of 6; Graded Pass/Fail Only
Semesters
Offered: Fall, Spring, Summer
Restrictions:
Permission of department required; Must be enrolled in one of the following
Levels: Graduate
To be
defined
A computer
access fee of $210 per semester will be required for students enrolled in this
program and additional Distance Learning fees may be required for on-line
courses.
Key
faculty members for this graduate program are listed below:
·
Yu Cai – Assistant Professor, School of
Technology (http://www.tech.mtu.edu/people/yu_cai_CV.pdf)
·
Chunming Gao – Assistant Professor,
School of Technology (http://www.tech.mtu.edu/people/chunming_gao_CV.pdf)
·
Guy C. Hembroff – Chair, CNSA
Program/Assistant Professor, School of Technology
(http://www.tech.mtu.edu/people/guy_hembroff_CV.pdf)
·
Liran Ma – Assistant Professor, School
of Technology (http://www.tech.mtu.edu/people/liran_ma_CV.pdf)
·
Xinli Wang – Assistant Professor,
School of Technology (http://www.tech.mtu.edu/people/xinli_wang_CV.pdf)
The following contains a list of
hardware and software needed for this Graduate program:
·
Computer PCs/Laptops
·
Selected Software (i.e. EMR software,
database software, virtualization software)
·
Routers/Switches/Firewalls
·
Biometric Devices
·
VoIP Technologies
·
Smart Cards
X.
Program Costs
Program Costs display the overall funding mechanism to
illustrate a comprehensive budget and demonstrate forecasting to achieve
revenue and sustainability for this graduate program. Steady state enrollment occurs in year four.
Non-degree seeking students are individuals who are
registered to take courses, possibly to obtain their CPHIT certificate, but are
not registered in the Security and Medical Informatics Graduate program.
PROGRAM REVENUE |
Year
1 |
Year 2 |
Year
3 |
Years 4-n |
||
Enrollment (MS students) |
8 |
18 |
20 |
20 |
||
Enrollment (non-degree
seeking) |
6 |
12 |
15 |
15 |
||
Tuition revenue (MS
students - 18 credits/year at $595/credit) |
$85,680 |
$192,780 |
$214,200 |
$214,200 |
||
Tuition revenue
(non-degree seeking - 16 credits/year) |
$57,120 |
$114,240 |
$142,800 |
$142,800 |
||
Total
tuition revenue |
$142,800 |
$307,020 |
$357,000 |
$357,000 |
||
PROGRAM REVENUE (cont.) |
Year
1 |
Year
2 |
Year
3 |
Years 4-n |
||
Incentive returned to
program |
$11,250
|
$22,500
|
$30,000
|
$41,250 |
||
Total
annual revenue |
$154,050 |
$329,520 |
$387,000 |
$398,250 |
||
PROGRAM EXPENSES |
|||||
Additional Michigan Tech
Faculty |
1 |
1 |
1 |
1 |
|
Salary
($80,000 x 1.4) |
$112,000
|
$112,000
|
$112,000
|
$112,000 |
|
MGH Faculty |
1
|
1
|
1
|
1 |
|
Salary
($65,000 x 1.4) |
$84,000
|
$84,000
|
$84,000
|
$84,000
|
|
Total
salaries |
$196,001
|
$196,001
|
$196,001
|
$196,001 |
|
Journals (5% annual
increase) |
$5,350 |
$5,618 |
$5,899 |
$6,194 |
|
Graduate Assistantships
($20k/year) |
$40,000 |
$40,000 |
$60,000 |
$60,000 |
|
Computer equipment
($5k/year towards replacement) |
$5,000
|
$5,000
|
$5,000
|
$5,000
|
|
Total non-salary |
$50,350 |
$50,618 |
$70,899 |
$71,194 |
|
Total
annual expenses |
$246,351
|
$246,619
|
$266,900
|
$267,195 |
|
REVENUE – EXPENSES |
-$92,301 |
$82,901 |
$120,100 |
$131,055 |
One-time startup
costs:
Marketing
& Recruiting $ 10,000
Library
and Monographs $ 3,000
Online
Infrastructure $ 50,000
Computer
Equipment $ 20,000
Graduate
Computer Research/Course Lab $ 215,000
Total
One Time Costs: $ 298,000
Potential
Department of Labor (DoL) Grant Funding
**Submitted
October 6, 2009
Funding 2010 $198,350
Funding 2011 $ 20,000
Funding 2012 $ 80,000
Projected DoL Funding $ 298,350
XI.
Space
Graduate
Research/Course Lab (funding specifics listed above)
XII. Accreditation
Not applicable
XIII.
Planned Implementation
This program would begin offering courses fall semester 2010.