The University Senate of Michigan Technological University

Proposal 7-10
(Voting Units: Academic)

“Masters Program in Security and Medical Informatics”

 

Guy C. Hembroff

School of Technology

Chair, CNSA Program, Assistant Professor

 

 

  1. General Description

This proposal recommends the establishment of a Graduate Program in Security and Medical Informatics at Michigan Tech University.  Marquette General Health System (MGHS), a prominent teaching medical institution located in the Upper Peninsula of Michigan, will partner with the School of Technology to provide a comprehensive education and research entity for this Graduate Program.

 

  1. Rationale

Security and medical informatics are two rapidly developing fields in our society.  Medical informatics is the intersection of information science, computer science, and healthcare.  This field deals with the resources, devices, and methods required to optimize the acquisition, storage, retrieval, and use of information in health and biomedicine.  Securing computer network systems has become a vital part of our global society.  Many institutions and organizations depend on electronic data to conduct operations daily.  This includes areas such as the healthcare, financial, military, and academic sectors.  Established regulations such as the Health Insurance Portability and Accountability Act (HIPAA) and Graham-Leach-Bliley Act (GLBA) include specific security and compliance provisions for their respective sectors.  With the advancement of technology in the medical field, accompanied by the need to keep this information confidential, a graduate program that addresses the education and research needs of these two closely related fields is critical.

 

Michigan Tech University has established strong and growing research in the areas of security and medical informatics.  Likewise, the university has recently made a significant commitment to education and research in this field by supporting the strategic faculty hiring initiative in the area of Health.  The addition of the Security and Medical Informatics Graduate Program would strongly support the Health initiative and align with the strategic plan of the university.

 

The Masters of Science in Security and Medical Informatics is designed to:

1.     deepen students' understanding and knowledge of medical informatics and security engineering;

2.     provide students with research opportunities within the intersecting fields of medical informatics and security;

3.     provide a flexible curriculum to allow for both traditional and nontraditional graduate students.

 

  1. Related Programs

Graduate programs in medical informatics or closely related fields exist at a few other institutions, including South Dakota State University, Drexel University, Johns Hopkins, Stanford, and the University of Illinois Chicago.  Most of the mentioned programs focus strictly on management and technical aspects of medical informatics.  Johns Hopkins provides a similar security infrastructure to accompany their health related courses, but our program has a stronger emphasis on patient records, the electronic medical records system, and the interoperability of these systems.

 

  1. Projected Enrollment

We estimate the Graduate Program to have 15-20 students enrolled over the first three years with an anticipated steady-state enrollment of 30-40 students.  We expect 25% of the students in the program to be traditional students and the remainder to be nontraditional students enrolled strictly through distance learning.  An additional 15 non-degree seeking students are expected annually. These students would take courses that can be applied to professional certifications such as the Certified Professional in Heath Information Technology (CPHIT).  These courses are highlighted in the next section.

  1. Curriculum Design

The Security and Medical Informatics Graduate Program requires 33 credits of course work and research for graduation.

 

            Course work – Minimum of 27 credits must be taken from the following courses:

1.    TSMI 5111 -   Security and Privacy* +

2.    TSMI 5121 -   The Healthcare System* +

3.    TSMI 5131 -   System Analysis and Design* +

4.    TSMI 5141 -   Electronic Health Records and e-Health Implementation*

5.    TSMI 5151 -   Application Integration and Interoperability*

6.    TSMI 5161 -   Database Management and Security*

7.    TSMI 5211 -   Java Security

8.    TSMI 5221 -   Protocols and Systems for Internet and Web Security

9.    TSMI 5231 -   Statistical Methods for Intrusion Detection

10.  TSMI 5241 -   Designing Security Systems

11.  TSMI 5251 -   Advanced Topics in Network Security

12.  TSMI 5261 -   Health Informatics Decision and Support

13.  TSMI 5271 -   HIPAA Implications for Public Health +

14.  TSMI 5281 -   Healthcare Security Management

 

            * HIT Certification course

            + Course instructed by Marquette General Health System

 

            Research Thesis – 6 credits

15.  TSMI 5999 -  Master's Research

 

            Course Descriptions:

1.    TSMI 5111  Security and Privacy

Examines key health information security, policy and procedures.  Investigates how to distinguish elements of a security audit and key security policies.  Analyzes the roles of people maintaining health information security and explains elements of these roles within the organization.

Credits: 2.0      Lec-Rec-Lab: (2-0-0)

Semesters Offered: Fall

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

2.    TSMI 5121  The Healthcare System

Provides an overview of healthcare's transition from paper to electronic format and examines characteristics of healthcare organizations, the interrelationships among healthcare components, the role that government, regulatory, professional and accreditation agencies play within healthcare, and describes the roles of healthcare professionals and the organizational structure in which they work.

Credits: 2.0      Lec-Rec-Lab: (2-0-0)

Semesters Offered: Spring

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

3.    TSMI 5131  System Analysis and Design

Provides in-depth knowledge of tools that are available to perform systems analysis, examines the key factors to be considered in a systems design, emphasizes the importance of communication through both of these processes, and an understanding of the primary factors in measuring the benefits of systems implementation.  Course will also examine strategies and key factors in purchasing systems.  This includes analysis of opportunities and risk of integrating single vendor, hybrid, and other factors when examining system acquisition.

      Credits: 3.0      Lec-Rec-Lab: (3-0-0)

Semesters Offered: Fall

Restrictions: Must be enrolled in one of the following Levels: Graduate

4.    TSMI 5141  Electronic Health Records and e-Health Implementation

Explores the difference between Electronic Medical Record (EMR) and Electronic Health Record (EHR).  Discusses challenges and implementation of both EMR and EHR.  Provides security analysis of both types of records and the maintenance of these systems.

Credits: 3.0      Lec-Rec-Lab: (2-0-1)

Semesters Offered: Spring

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

5.    TSMI 5151  Application Integration and Interoperability

Defines and explains the role of interoperability in the development of a functioning EHR.   Analyzes predominant standardization in the healthcare field such as ASTM and HL7. Examines the challenges to the development of interoperability in healthcare. 

Credits: 3.0      Lec-Rec-Lab: (2-0-1)

Semesters Offered: Fall

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

6.    TSMI 5161  Database Management and Security

Identifies database solutions and key elements of an enterprise data warehouse.  Explains how to apply best practices for development of data warehouses and distinguish between a clinical data repository and enterprise data warehouse.  Investigates the role of Master Patient Index and the aggregation of patient data in databases.  Finally, the course defines security practices for a database environment.

Credits: 3.0      Lec-Rec-Lab: (2-0-1)

Semesters Offered: Spring

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

7.    TSMI 5211  Java Security

This course provides comprehensive coverage of the security aspects of the Java platform. Java's security model and the VM and language features that support security are covered. Java APIs and Java Cryptography APIs are addressed in security in the Java 2 Enterprise Edition (J2EE).  This course analyzes Java security platforms and Java APIs within the healthcare sector.

Credits: 3.0      Lec-Rec-Lab: (2-0-1)

Semesters Offered: Fall

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

8.    TSMI 5221  Protocols and Systems for Internet and Web Security

Course focuses on the most widely used systems and protocols for security on the Internet and on the Web.  The Internet refers to the infrastructure or the underlying protocols and routing. The Web describes applications that run on the Internet.  Detailed focus is on browsers, web servers, and communication protocols on the Internet, as well as how to deal with viruses and distributed denial of service attacks.  Some of the protocols/systems covered in detail are TCP/IP, SSUTLS, IPsec, SSH, PGP, firewalls, IDS systems, and Kerberos.

Credits: 3.0      Lec-Rec-Lab: (2-0-1)

Semesters Offered: Spring

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

9.    TSMI 5231  Statistical Methods for Intrusion Detection

This course will provide an introduction to the data and methodologies of computer intrusion detection.  The focus will be on statistical and machine learning approaches to detection of attacks on computers.  Topics include network monitoring and analysis, network based attacks such as probes and denial of service attacks, host-based attacks such as buffer overflows and race conditions, and malicious code such as viruses and worms.  Statistical pattern recognition methods will be described for the detection and classification of attacks. 

Credits: 3.0      Lec-Rec-Lab: (2-0-1)

Semesters Offered: Fall

Restrictions: Must be enrolled in one of the following Levels: Graduate

10.  TSMI 5241 Designing Security Systems

This course provides an overview of techniques used in the design of secure systems. Primary focus of the course will be on real-world case studies.  Students will examine attacks on deployed systems and then investigate how these vulnerabilities have been subsequently addressed.  Additionally, the course will examine the practical advantages and shortcomings of several notions of provable security. Students will be expected to read, understand, and present recent research papers to the class.

Credits: 3.0      Lec-Rec-Lab: (3-0-0)

Semesters Offered: Spring

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

11.  TSMI 5251  Advanced Topics in Network Security

This course focuses on advanced research topics in communications security.  The course is structured as a research seminar where students present research papers to the class.  Topics include protocol analysis, security in inter-domain routing, broadcast authentication protocols, covert channels and anonymous communication, key management, advanced trace-back schemes, and attack propagation modeling.  A course project is required.

Credits: 3.0      Lec-Rec-Lab: (3-0-0)

Semesters Offered: Fall

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

12.  TSMI 5261  Health Informatics Decision and Support

This course addresses issues related to decision modeling based on health sciences data in terms of analysis, construction, and evaluation.  Clinical decision support architectures are examined.  An array of decision support tools is considered, and the knowledge representations employed in these tools are discussed.

Credits: 3.0      Lec-Rec-Lab: (3-0-0)

Semesters Offered: Spring

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

13.  TSMI 5271  HIPAA Implications for Public Health

This course focuses on the administrative and technical provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) which mandates a variety of healthcare standards as well as rules for electronic transactions and code sets.  This course is designed to provide system implementers in the public health field with an understanding of and hands-on experience with HIPAA regulations, implications, and a perspective of the impact on the future of the health care information infrastructure regarding the use of information technologies.

Credits: 3.0      Lec-Rec-Lab: (3-0-0)

Semesters Offered: Spring

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

14.  TSMI 5281  Healthcare Security Management

This course will address information security in the public health and medical fields, with special emphasis on clinical care, research and the role of the academic medical center.  Course will also focus on disaster recovery and response, anonymization of records, billing, communication of public health information to EHRs, along with physical and administrative security.

Credits: 3.0      Lec-Rec-Lab: (3-0-0)

Semesters Offered: Fall

Restrictions: Must be enrolled in one of the following Levels: Graduate

 

15.  TSMI 5999  Master's Research

The study of an acceptable security and medical informatics research problem and the preparation of a thesis.

Credits: variable to 6.0; Repeatable to a Max of 6; Graded Pass/Fail Only

Semesters Offered: Fall, Spring, Summer

Restrictions: Permission of department required; Must be enrolled in one of the following Levels: Graduate


  1. Library and other Learning Resources

To be defined

 

  1. Computing Access Fees

A computer access fee of $210 per semester will be required for students enrolled in this program and additional Distance Learning fees may be required for on-line courses.

 

  1.  Faculty

Key faculty members for this graduate program are listed below:

·         Yu Cai – Assistant Professor, School of Technology (http://www.tech.mtu.edu/people/yu_cai_CV.pdf)

·         Chunming Gao – Assistant Professor, School of Technology (http://www.tech.mtu.edu/people/chunming_gao_CV.pdf)

·         Guy C. Hembroff – Chair, CNSA Program/Assistant Professor, School of Technology (http://www.tech.mtu.edu/people/guy_hembroff_CV.pdf)

·         Liran Ma – Assistant Professor, School of Technology (http://www.tech.mtu.edu/people/liran_ma_CV.pdf)

·         Xinli Wang – Assistant Professor, School of Technology (http://www.tech.mtu.edu/people/xinli_wang_CV.pdf)

 

  1. Description of Available/Needed Equipment

       The following contains a list of hardware and software needed for this Graduate program:

·         Computer PCs/Laptops

·         Selected Software (i.e. EMR software, database software, virtualization software)

·         Routers/Switches/Firewalls

·         Biometric Devices

·         VoIP Technologies

·         Smart Cards

 

X.    Program Costs

Program Costs display the overall funding mechanism to illustrate a comprehensive budget and demonstrate forecasting to achieve revenue and sustainability for this graduate program.  Steady state enrollment occurs in year four.

 

Non-degree seeking students are individuals who are registered to take courses, possibly to obtain their CPHIT certificate, but are not registered in the Security and Medical Informatics Graduate program.

 

 

PROGRAM REVENUE

Year 1

Year 2

Year 3

Years 4-n

Enrollment (MS students)

8

18

20

20

Enrollment (non-degree seeking)

6

12

15

15

Tuition revenue (MS students - 18 credits/year at $595/credit)

$85,680

$192,780

$214,200

$214,200

Tuition revenue (non-degree seeking - 16 credits/year)

$57,120

$114,240

$142,800

$142,800

Total tuition revenue

$142,800

$307,020

$357,000

$357,000

PROGRAM REVENUE (cont.)

Year 1

Year 2

Year 3

Years 4-n

Incentive returned to program

$11,250

$22,500

$30,000

$41,250

Total annual revenue

$154,050

$329,520

$387,000

$398,250

 

PROGRAM EXPENSES

Additional Michigan Tech Faculty

1

1

1

1

Salary ($80,000 x 1.4)

$112,000

$112,000

$112,000

$112,000

MGH Faculty

1

1

1

1

Salary ($65,000 x 1.4)

$84,000

$84,000

$84,000

$84,000

Total salaries

$196,001

$196,001

$196,001

$196,001

Journals (5% annual increase)

$5,350

$5,618

$5,899

$6,194

Graduate Assistantships ($20k/year)

$40,000

$40,000

$60,000

$60,000

Computer equipment ($5k/year towards replacement)

$5,000

$5,000

$5,000

$5,000

Total non-salary

$50,350

$50,618

$70,899

$71,194

Total annual expenses

$246,351

$246,619

$266,900

$267,195

REVENUE – EXPENSES

-$92,301

$82,901

$120,100

$131,055

 

 

One-time startup costs:

                        Marketing & Recruiting                                    $ 10,000

                        Library and Monographs                                  $    3,000

                        Online Infrastructure                                        $  50,000

                        Computer Equipment                                      $   20,000

                        Graduate Computer Research/Course Lab        $ 215,000

                        Total One Time Costs:                                  $ 298,000

 

 

Potential Department of Labor (DoL) Grant Funding

**Submitted October 6, 2009

  Funding 2010                                               $198,350

  Funding 2011                                               $  20,000

  Funding 2012                                               $  80,000

  Projected DoL Funding                          $ 298,350                     

 

XI.     Space

  Graduate Research/Course Lab (funding specifics listed above)

 

XII.   Accreditation

  Not applicable

 

XIII.          Planned Implementation

        This program would begin offering courses fall semester 2010.