跳至主要内容

WiFi 如何改善医院患者体验

本权威技术指南阐述了医院如何利用企业级访客 WiFi 基础设施和分析,以可衡量的方式改善住院体验。内容涵盖网络架构、合规要求(HIPAA、DSPT、GDPR)、Captive Portal 设计、导航集成和 ROI 框架,为 IT 决策者提供构建有力内部商业案例并成功部署的工具。

📖 8 分钟阅读📝 1,853 🔧 2 应用实例3 练习题📚 10 关键定义

收听本指南

查看播客转录
大家好,欢迎收听 Purple 的这份高管简报。今天,我们将深入探讨一个在医疗领域正从锦上添花迅速转变为绝对关键基础设施的话题:WiFi 如何从根本上改善医院的患者体验。我们将从企业架构、分析和可衡量投资回报的视角进行审视。如果您是医疗行业的 IT 总监、CTO 或场地运营经理,那么本场会议专为您设计。 [第一段:背景和引言] 让我们设定一下背景。现代医院是一个高度互联的环境。但我们不再只谈临床系统了。患者及其家属的期望已经发生了巨大变化。当有人住院时,他们期望获得与在家或高端酒店相同水平的连接。他们希望流式传输娱乐内容,与亲人交流,甚至可能在康复期间远程工作。 但这不仅仅是娱乐。强大的访客 WiFi 网络是数字导航的基础,帮助紧张的访客在复杂的医院走廊中穿行。它是传递定向信息和收集实时反馈的平台。简而言之,网络架构直接影响患者满意度评分,这会影响医院资金和声誉。 [第二段:技术深度剖析] 那么,我们如何构建这个?在医疗环境下部署企业级访客 WiFi 是一种平衡行为。你需要提供无摩擦的访问,同时保持坚如磐石的安全性和严格符合 HIPAA 和 NHS DSPT 框架等法规。 首先,我们谈谈基础:网络架构。你不能混合临床和访客流量。绝对不行。一个具备弹性的医院网络依赖于分层设计。我们说的是使用 802.1Q VLAN 和健壮的防火墙策略进行严格隔离。你需要高密度接入点部署,特别是在病房、候诊区和自助餐厅。 患者区域的设计目标应为最低接收信号强度为负 67 dBm,信噪比至少 20 dB。关键是要按容量设计,而非仅覆盖范围。一个 30 张床位的病房在高峰探视时间可能有 60 至 90 台活动设备,每台都可能流式传输视频。Wi-Fi 6 接入点是应对这种密度的正确选择。 频谱管理同样重要。2.4 GHz 频段在医院环境中受到传统遥测设备、护士呼叫系统和蓝牙设备的严重争用。应将频段引导配置为将兼容设备推向 5 GHz 或 6 GHz 频段。 现在,我们谈谈接入。在入院处发放复杂且循环更新的密码的日子已经结束了。现代部署使用与身份提供商集成的复杂 Captive Portal。这允许患者通过社交登录或简单的电子邮件表单轻松进行身份验证。这不仅仅是为了方便;它是一个战略性数据捕获点。通过将 Captive Portal 与您的 CRM 集成,您可以收集宝贵的第一方数据,这些数据构成了个性化患者互动的基础。 应对所有访客流量应用 DNS 级安全过滤。这可防止访问已知恶意域、阻止不当内容,并为合规目的提供审计跟踪。 WPA3 加密应是任何新 SSID 部署的目标标准。并且必须在访客 SSID 上启用 Client Isolation。这防止了设备间通信,对于安全性和 GDPR 合规都至关重要。 现在我们来谈谈分析。这是网络从公用事业转变为情报平台的地方。一个经过适当检测的网络将数据馈送到 WiFi 分析平台,可以提供三类可行动的情报。 第一:网络性能监控。实时了解接入点健康状态、信道利用率和每个 SSID 的吞吐量。这可以在患者体验到降级服务之前进行主动故障解决。 第二:客流量和停留分析。通过分析连接模式,分析平台生成显示患者和访客在设施内移动的客流热图。如果分析显示门诊候诊区在上午 10 点至 11:30 之间持续出现 45 分钟的排队现象,这就是一个可通过直接人员配置解决的运营洞察。 第三:反馈和满意度闭环。自动化的出院后调查触发器使用在 Captive Portal 登录时捕获的电子邮件地址发送,提供与患者满意度评分相关的实时数据。WiFi 触发调查的响应率一直优于纸质替代方案,因为联系及时且渠道已经建立。 [第三段:实施建议和隐患] 我们讨论实施。成功的部署需要分阶段方法。 第一阶段:发现与设计。使用医院的建筑图纸委托进行专业的预测性射频设计,然后进行主动现场勘察。记录所有射频干扰源。定义您的 VLAN 架构、防火墙策略和互联网上行策略。尽早让信息治理团队参与,使 Captive Portal 数据收集符合 GDPR 和 DSPT 要求。 第二阶段:基础设施部署。确保您的有线骨干网能处理无线负载。您可能需要升级边缘交换机以支持多千兆以太网和 PoE++,用于现代接入点。考虑为访客流量使用专用专线,以保证其不与临床系统争用。 第三阶段:Captive Portal 和分析集成。保持门户简洁、品牌化和简单。身份验证流程中每一个额外的步骤都会降低完成率。使用自定义场地地图配置分析平台并建立基准指标。 第四阶段:导航集成。将室内定位与 WiFi 基础设施集成。将医院的室内地图发布到访客门户。衡量导航采用率并与失约数据相关联。 现在,谈谈隐患。最大的错误是未能在访客 SSID 上实施 Client Isolation。另一个常见问题是忽视了非 WiFi 干扰。医院是嘈杂的射频环境,持续监控至关重要。在合规方面:最常见的 GDPR 失败是在服务条款接受中收集营销同意,而不是作为单独的明确选择加入。仔细审核您的 Captive Portal 流程。 [第四段:快速问答] 我们来回答几个常见问题。 问题一:我们可以使用访客 WiFi 追踪医疗资产吗? 技术上可以,但不推荐。访客 WiFi 是为访客设计的。对于关键资产追踪,你需要一个使用低功耗蓝牙或有源 RFID 的专用实时定位系统。不要在为公共访问设计的网络上混用用例。 问题二:市场部要求在 Captive Portal 上播放一段 30 秒的强制视频。您的建议是什么? 强烈反对。一位紧张的患者试图给家人发消息,不想看广告。使用干净的登录界面,并将营销信息放在静态横幅或登录后重定向中。保护用户体验。 问题三:我们如何处理高峰探视时间的带宽争用? 在访客 SSID 上实施每设备 5 至 10 兆比特每秒的速率限制。这足以支持高清流媒体,同时防止任何单个设备垄断容量。 [第五段:总结与后续步骤] 总而言之,将访客 WiFi 视为战略资产而非成本中心,对医院来说真正改变了游戏规则。它提升了患者体验,提供了关键的导航能力,并通过分析提供了可行动的运营洞察。 您的后续步骤?审查您当前的网络隔离。确保在访客 SSID 上启用了 Client Isolation。如果最近没有进行,请委托进行适当的现场勘察。并开始将您的 WiFi 不仅仅视为连接点,而是视为一个可以告诉您医院实际上如何被使用的传感器网络。 数据就在那里。技术已成熟。问题是您的组织是否准备好将网络视为它本来的战略资产。 感谢您参加本次高管简报会。如需更详细的技术指南和案例研究,请访问 Purple 平台 purple dot ai 上的资源。

header_image.png

Executive Summary

For modern healthcare facilities, free WiFi in hospitals has evolved from a basic amenity into a critical layer of patient experience and operational infrastructure. As hospitals digitise patient records, introduce telemedicine, and rely on connected medical devices, the underlying network architecture must simultaneously support clinical demands and rising patient expectations. This guide is for IT directors, network architects, and operations leaders who need to architect, deploy, and optimise a Guest WiFi solution that delivers measurable improvements to the inpatient experience — from entertainment and wayfinding to real-time feedback collection.

The core argument is straightforward: a well-deployed patient WiFi network, integrated with a WiFi Analytics platform, transforms the network from a passive utility into an active intelligence layer. It reduces missed appointments through indoor navigation, improves HCAHPS satisfaction scores through automated feedback, and gives operations teams the footfall data they need to optimise staffing and resource allocation. This guide covers the architecture, compliance requirements, implementation steps, and ROI framework to make that case internally and execute it successfully.


Technical Deep-Dive

Network Architecture for Healthcare Environments

Deploying enterprise-grade Guest WiFi in a hospital requires a fundamentally different approach to a standard commercial deployment. The primary constraint is the co-existence of clinical and guest traffic on the same physical infrastructure, which demands strict logical separation. The standard architecture uses 802.1Q VLANs to segment traffic into at minimum three tiers: clinical systems (EHR, PACS, telemetry), staff administrative networks, and the patient/visitor guest SSID.

The guest VLAN must be routed directly to a dedicated internet uplink — ideally a separate leased line — with no routing path to clinical VLANs. Firewall ACLs should enforce this at the distribution layer, not just at the perimeter. This is a non-negotiable architectural requirement under both HIPAA and the NHS DSPT framework. For a detailed breakdown of compliance obligations, refer to Healthcare WiFi: HIPAA, DSPT and WiFi Compliance Explained .

Access Point placement in hospitals presents unique RF challenges. Lead-lined radiology suites, reinforced concrete floors between wards, and high-density patient room clusters all create attenuation profiles that differ significantly from office environments. The design target for patient areas should be a minimum RSSI of -67 dBm with at least 20 dB signal-to-noise ratio. Critically, design for capacity, not just coverage. A ward with 30 beds may have 60-90 active devices at peak visiting hours — each potentially streaming video. AP selection should target devices supporting Wi-Fi 6 (802.11ax) or Wi-Fi 6E to handle that density efficiently.

Spectrum management is equally important. The 2.4 GHz band is heavily contested in hospital environments by legacy telemetry equipment, nurse call systems, and Bluetooth devices. Band steering should be configured to push capable devices to 5 GHz or 6 GHz bands. Automatic channel selection algorithms should be reviewed manually after deployment — they rarely produce optimal results in high-interference healthcare environments.

Captive Portal Architecture and Identity Management

The captive portal is the patient's first interaction with the hospital's digital services layer. It must be fast, reliable, and accessible across a wide range of devices — from the latest iPhone to a five-year-old Android tablet running a legacy browser. A poorly designed portal that fails to redirect correctly on certain devices will generate immediate complaints and support tickets.

Modern deployments move away from pre-shared keys entirely. The recommended approach is a social login or email-based captive portal that presents the hospital's terms of service and privacy notice, collects explicit consent for marketing communications (separately from network access consent, per GDPR Article 7), and authenticates the session. This flow, when integrated with a platform like Purple's Guest WiFi solution, simultaneously onboards the patient into a CRM-compatible data layer, enabling post-discharge communications and feedback surveys.

DNS-level security filtering should be applied to all guest traffic at the resolver level. This prevents access to known malicious domains, blocks inappropriate content categories, and provides an audit trail for compliance purposes. See Protect Your Network with Strong DNS and Security for implementation guidance on DNS filtering in guest network contexts.

WPA3-SAE (Simultaneous Authentication of Equals) should be the target encryption standard for any new SSID deployment. For legacy device compatibility, a WPA2/WPA3 transition mode is acceptable in the short term, but a migration timeline to WPA3-only should be planned. Client Isolation must be enabled on the guest SSID — this prevents device-to-device communication on the same network segment, which is critical for both security and GDPR compliance. patient_wifi_journey.png

WiFi Analytics and Location Intelligence

The analytics layer is where patient WiFi transitions from a cost centre to a strategic asset. A properly instrumented network, feeding data into a platform like Purple's WiFi Analytics , provides three categories of actionable intelligence.

Network Performance Monitoring delivers real-time visibility into AP health, channel utilisation, client association rates, and throughput per SSID. This enables proactive fault resolution before patients experience degraded service. Threshold-based alerting on RSSI drops or AP disassociation events is standard practice.

Footfall and Dwell Analytics work by analysing probe request data and association patterns to generate footfall heatmaps showing patient and visitor movement through the facility. This data is directly applicable to staffing decisions — if analytics show a consistent 45-minute queue build-up in the outpatient waiting area between 10:00 and 11:30, that is an operational insight with a direct staffing solution.

Feedback and Satisfaction Loops are enabled through automated post-discharge survey triggers, delivered via the email address captured at captive portal login, providing real-time HCAHPS-relevant data. Response rates for WiFi-triggered surveys consistently outperform paper-based alternatives because the contact is timely and the channel is already established.

wifi_analytics_dashboard.png


Implementation Guide

A phased deployment approach reduces risk and allows for iterative optimisation.

Phase 1 — Discovery and Design (Weeks 1-4)

Commission a professional predictive RF design using the hospital's architectural drawings, followed by an active site survey of any existing infrastructure. Document all sources of RF interference. Define VLAN architecture, firewall policy, and internet uplink strategy. Engage the Information Governance team early to align the captive portal data collection with GDPR and DSPT requirements.

Phase 2 — Infrastructure Deployment (Weeks 5-10)

Deploy and configure switching infrastructure, ensuring PoE++ budget is sufficient for high-density APs. Install APs per the validated RF design. Configure SSIDs, VLAN tagging, and QoS policies. Implement QoS markings to prioritise voice (DSCP EF) and video (DSCP AF41) traffic over best-effort bulk data. This ensures telemedicine sessions and video calls remain stable even under network load.

Phase 3 — Captive Portal and Analytics Integration (Weeks 9-12)

Deploy and brand the captive portal. Integrate with the hospital's CRM or patient engagement platform. Configure the analytics platform with custom venue maps. Establish baseline metrics: daily active users, average session duration, peak concurrent connections, and portal completion rate. Set up automated reporting dashboards for the IT and operations teams.

Phase 4 — Wayfinding Integration (Weeks 12-16)

Integrate indoor positioning with the WiFi infrastructure. Publish the hospital's indoor map to the guest portal or a dedicated patient app. Configure points of interest (wards, departments, cafeteria, car parks). Measure wayfinding adoption rates and correlate with missed appointment data.


Best Practices

Practice Rationale Standard Reference
Strict VLAN segmentation (clinical vs. guest) Prevents lateral movement from compromised guest devices HIPAA Security Rule, NHS DSPT
WPA3-SAE encryption Protects against offline dictionary attacks on guest credentials IEEE 802.11-2020
Client Isolation on guest SSID Prevents inter-device communication and data exposure GDPR Article 25 (Privacy by Design)
Band Steering to 5/6 GHz Reduces congestion and interference from legacy 2.4 GHz devices Wi-Fi Alliance best practices
QoS for voice and video Maintains call quality under network load IEEE 802.11e / WMM
DNS filtering on guest traffic Blocks malicious domains and inappropriate content NCSC network security guidance
Dedicated internet uplink for guest traffic Guarantees clinical network performance is unaffected NHS DSPT, HIPAA
Automated post-discharge feedback surveys Provides timely, actionable HCAHPS-relevant data NHS Friends and Family Test guidance

Troubleshooting & Risk Mitigation

RF Interference from Medical Equipment: Conduct regular spectrum analysis using a dedicated spectrum analyser tool. Legacy nurse call systems and patient monitoring equipment operating on 2.4 GHz are common culprits. The solution is typically a combination of channel reassignment and power reduction on affected APs, combined with a migration plan for the interfering equipment.

Captive Portal Redirect Failures: Modern operating systems use Captive Network Assistant (CNA) probes to detect captive portals. Ensure the portal server responds correctly to HTTP requests to known probe URLs (e.g., connectivitycheck.gstatic.com, captive.apple.com). HTTPS-only portal configurations frequently break CNA detection — maintain an HTTP redirect path even if the portal itself is served over HTTPS.

Coverage Gaps in Shielded Areas: Radiology suites, MRI rooms, and some operating theatres use RF shielding that creates complete signal blackouts. The only solution is to deploy APs inside the shielded space, connected via a penetrating cable entry point. Coordinate with the medical physics team before any cabling work in these areas.

GDPR Compliance Risk: The most common compliance failure is collecting marketing consent as part of the terms of service acceptance, rather than as a separate, explicit opt-in. This is a clear GDPR violation. Audit your captive portal flow to ensure consent for network access and consent for marketing communications are presented as separate, independent choices.

Bandwidth Contention: Without per-user bandwidth policies, a small number of heavy users can degrade the experience for everyone. Implement a per-device rate limit of 5-10 Mbps on the guest SSID. This is sufficient for HD streaming while preventing any single device from monopolising capacity.


ROI & Business Impact

The business case for investing in patient WiFi infrastructure rests on four measurable pillars.

HCAHPS Score Improvement: Patient satisfaction scores directly influence hospital reimbursement rates under value-based care models. Hospitals that have implemented automated WiFi-triggered feedback surveys report response rate improvements of 3-5x over paper-based methods, providing a statistically significant data set for quality improvement programmes.

Reduced Missed Appointments: Indoor wayfinding reduces the rate of patients arriving late or missing appointments due to navigation difficulties. A typical 500-bed hospital with 10% of outpatient appointments affected by navigation issues, at an average appointment cost of £150, represents a significant recoverable revenue opportunity.

Operational Efficiency: Footfall analytics from the WiFi network enable data-driven staffing decisions. Correlating waiting area dwell times with staffing levels allows operations managers to reduce average wait times without increasing headcount — simply by optimising shift patterns against actual demand data.

First-Party Data Asset: Every patient who connects to the guest WiFi and completes the captive portal flow represents a consented first-party data record. For a 500-bed hospital with an average length of stay of 4 days, this generates thousands of new, compliant data records per month — a valuable asset for patient engagement, health promotion communications, and service improvement research.

The Healthcare sector is increasingly recognising that the network is not just IT infrastructure — it is a patient experience platform. Organisations that treat it as such are consistently outperforming peers on satisfaction metrics and operational efficiency.

关键定义

Captive Portal

在用户被授予访问公共 WiFi 网络权限之前向其展示的网页,用于显示服务条款、收集身份验证凭据或同意,并重定向到互联网。

医院访客 WiFi 网络的主要患者接触点。设计质量直接影响门户完成率和数据捕获质量。必须在所有主流移动操作系统上进行测试。

VLAN (Virtual Local Area Network)

在物理交换基础设施中使用 802.1Q 标记创建的逻辑网段,允许不同用户组的流量在第二层隔离,无需单独的物理布线。

对于将患者访客流量与临床 EHR 和管理网络隔离开来至关重要。缺少适当的 VLAN 隔离是医疗 IT 审计中最常见的网络安全发现。

Band Steering

一种无线网络管理技术,鼓励支持双频段的客户端设备关联到拥挤程度较低的 5 GHz 或 6 GHz 射频频段,而不是 2.4 GHz 频段。

在医院环境中特别有价值,因为传统医疗设备会产生严重的 2.4 GHz 干扰。减少拥塞并提高流媒体应用的吞吐量。

Client Isolation

一种无线网络安全功能,防止关联到同一 SSID 的设备在第二层直接相互通信,强制所有流量通过网关。

在医疗访客 SSID 上是强制性的。防止患者设备上的恶意软件扫描或攻击同一网段上的其他设备。还具有关于数据暴露的 GDPR 影响。

WPA3-SAE (Simultaneous Authentication of Equals)

WPA3 认证无线网络中使用的认证协议,用抗离线字典攻击的 Dragonfly 密钥交换替代了 WPA2 的预共享密钥握手。

当前推荐的新 SSID 部署加密标准。即使在开放或轻度安全的网络上也能保护患者凭据和会话数据不被拦截。

RSSI (Received Signal Strength Indicator)

对接收到的无线电信号功率电平的测量,以 dBm(相对于一毫瓦的分贝)表示。负值越大表示信号越弱。

在现场勘察期间用于验证 AP 放置。患者区域的目标是 -67 dBm 或更高。低于 -75 dBm 的值通常会导致连接不稳定和流媒体性能差。

QoS (Quality of Service)

网络流量管理策略,对不同类型的數據包进行分类和优先排序,以确保延迟敏感型应用(语音、视频)获得优于尽力而为流量的优先处理。

对于在高网络利用率期间维持远程医疗通话质量和患者视频通话稳定性至关重要。使用 DSCP 标记实现:语音 EF,视频 AF41。

Location Analytics

从移动设备在场所内移动时产生的 WiFi 探测请求和关联事件中获取移动、停留时间和客流数据的过程。

使医院运营团队能够生成客流热图、识别患者流瓶颈,并根据实际需求数据而非计划假设优化人员配置水平。

HCAHPS (Hospital Consumer Assessment of Healthcare Providers and Systems)

一项标准化、公开报告的患者对医院护理看法的调查,用于衡量和比较不同医疗机构的患者体验。

WiFi 质量和数字服务可用性与 HCAHPS 沟通和响应性评分的相关性日益增强。WiFi 触发自动调查可提高响应率和数据及时性。

DNS Filtering

一种安全控制,在建立连接之前拦截 DNS 解析请求,并阻止对归类为恶意、不当或违反策略的域的查询。

在所有访客 WiFi 流量的解析器级别应用。为患者网络提供轻量级但有效的保护层,防止恶意软件分发、网络钓鱼和不当内容访问。

应用实例

一家拥有 500 张床位的区域 NHS 医院在其患者 WiFi 在晚间探视时间(18:00-20:00)遭遇严重网络拥塞,导致投诉视频流缓冲和与家人视频通话失败。

  1. 在高峰时段进行频谱分析,确认问题是射频拥塞还是回程饱和。2. 如果是射频问题:启用频段引导,迫使支持 5 GHz 的设备离开 2.4 GHz 频段;审查 AP 信道分配并降低发射功率以收紧小区边界并减少同频干扰。3. 如果是回程问题:审查高峰时段互联网上行链路利用率——如果共享连接已饱和,则实施流量整形,优先处理实时流量(语音 DSCP EF,视频 DSCP AF41)而非批量下载。4. 在访客 SSID 上实施每设备 8 Mbps 的带宽上限,以确保公平访问。5. 如果在高峰时段每 AP 客户端数量超过 30,则在最密集的病房部署额外 AP。6. 审查特定病房的分析仪表盘,这些病房产生的投诉最多——问题很少在整个设施内均匀分布。
考官评语: 此场景代表了 NHS 信托中最常见的患者 WiFi 投诉。关键的诊断步骤是区分射频拥塞(太多设备争用通话时间)和回程饱和(互联网管道已满)。两者都表现为速度慢,但解决方案完全不同。频段引导和每设备速率限制是影响最大、工作量最小的两项干预措施,应始终是投资额外硬件之前的首要响应措施。

一家私立医院集团正在部署新的门诊诊所,希望使用访客 WiFi Captive Portal 收集患者数据用于诊后反馈调查和营销通信,同时确保与包含 EHR 数据的临床网络严格隔离。

  1. 为访客 SSID 创建专用 VLAN(例如 VLAN 100),使用单独的 DHCP 作用域且不与临床 VLAN 建立路由邻接关系。2. 通过单独的防火墙区域将所有访客流量路由到专用互联网上行链路——不要使用保护临床系统的同一边界防火墙。3. 在访客 SSID 上启用 Client Isolation。4. 设计 Captive Portal 时使用两个独立的同意复选框:一个用于接受网络服务条款(访问所必需),另一个用于选择加入营销通信(可选,明确标注)。这是 GDPR 第 7 条的要求——营销同意必须自由给予,并与服务条件分开。5. 将门户与 Purple 的 Guest WiFi 平台集成,以将获得同意的数据捕获为兼容 CRM 的格式。6. 配置自动诊后调查触发器在患者会话结束后 24 小时触发。7. 在访客 VLAN 上实施 DNS 过滤以阻止恶意域。
考官评语: GDPR 合规元素是本场景中最容易被忽视的方面。许多医疗机构将营销同意捆绑在服务条款接受中,这明显违反了自由给出、具体同意的要求。将这两种同意机制分开不仅是法律要求——它还能产生更高质量的营销数据,因为主动选择加入的患者更有可能参与后续通信。网络隔离要求不可协商,应在上线前通过渗透测试进行验证。

练习题

Q1. 一位医院管理员提议使用访客 WiFi 网络来追踪昂贵的移动医疗设备(输液泵、便携式心电监护仪)的实时位置。作为 IT 总监,您如何回应,您推荐什么替代方案?

提示:考虑访客与临床基础设施之间的架构隔离,以及临床环境中资产追踪的可靠性要求。

查看标准答案

我会建议不要使用访客 WiFi 网络进行临床资产追踪,原因有二。首先,访客 SSID 在架构上与临床系统隔离——任何资产追踪数据都需要穿越防火墙边界才能到达临床管理系统,这会引入不必要的复杂性和潜在安全风险。其次,访客 WiFi 的位置精度(使用 RSSI 三角测量通常为 5-15 米)不足以在临床环境中实现可靠的房间级资产追踪。推荐的替代方案是使用有源 BLE 标签的专用 RTLS,并在每个房间安装专用 BLE 读取器。这提供了亚米级精度,独立于访客网络运行,并直接与临床资产管理系统集成。BLE 基础设施通常可以与 WiFi AP 共享相同的物理布线,降低部署成本。

Q2. 在部署后审计中,您发现医院的 Captive Portal 只提供一个复选框,上面写着:'我接受服务条款并同意接收来自医院的通信。' 存在什么合规风险,如何修复?

提示:考虑 GDPR 第 7 条对有效同意的要求,特别是同意被视为自由给予的条件。

查看标准答案

这明显违反了 GDPR 第 7 条。营销通信的同意必须自由给予,这意味着不能将其与网络访问同意捆绑作为服务条件。修复方法是将 Captive Portal 拆分为两个不同的同意机制:(1) 强制接受网络服务条款(访问所必需),(2) 一个单独的、可选的选择加入营销通信复选框,明确标注且默认未选中。对在捆绑同意下捕获的任何现有记录,应与数据保护官进行审查——在重新获得同意之前,可能需将其视为营销用途未经同意。

Q3. 一家现有医院正在增建一座 200 张床位的新肿瘤科大楼。项目经理询问是否可以直接扩展现有访客 WiFi 基础设施来覆盖新大楼。在提出建议之前,您会问哪些问题?

提示:在假设现有基础设施可扩展之前,考虑容量规划、回程以及新建筑结构的特定射频挑战。

查看标准答案

在提出任何建议之前,我会问:(1) 现有回程上行链路在高峰时段的当前利用率如何?若已超过 70%,增加 200 张床位将导致争用。(2) 新大楼的建筑规格——具体来说,是否有任何铅衬房间或钢筋混凝土楼板需要 AP 安装在屏蔽空间内?(3) 现有基础设施在高峰时段每 AP 的客户端数量是多少?若现有 AP 已处理超过 40 个客户端,即使增加额外设备,现有 AP 硬件也可能不够。(4) 现有交换基础设施是否支持 PoE++,还是需要新交换机?(5) 是否已针对新大楼的建筑图纸进行过预测性射频设计?若没有正式容量评估和预测设计,我不会建议仅简单地扩展现有基础设施。