Procedure for Establishing a New VPN Tunnel
Physician Services requires that the following steps be taken by the client in order to set-up a new VPN tunnel.
- Please complete the following three forms and fax to Physician Services.
- Physician Services VPN Configuration Information Survey form – This form is used to gather the information required by our Connectivity Team to build a VPN tunnel.
- Please complete ALLrequired fields on the form.
- Physician Services Change Request (CR) form – This form is used to make the actual request for the VPN tunnel set-up.
- Please complete ALLrequired fields on the form.
- Please include the contact information of any 3rd parties involved in the set-up of the VPN tunnel, or any other information that may be helpful.
- Important–Please indicate the requested date and time that you wish for our team to have the VPN tunnel information completed by.
- Please sign and date the form.
- Physician Services Production Hours Release (PHR) form – This form allows our team to set-up a VPN tunnel during the client’s production hours asmost VPN tunnel set-ups occur during production hours.
- Please complete ALLrequired fields on the form.
- Please sign and date the form.
- Please Email all three completed forms to NTT Data at and a Physician Services ticket number will be assigned upon receipt of all three forms
- After review to assure that all information required has been provided, our team will implement the changes for the VPN tunnel. Physician Services will contact the customer and technical contact if any information is unclear or if any additional is required.
Please contact ourSupport Departmentwith any questions.
Physician Services VPN Configuration Information Survey Form
Customer ID / Today’s Date (Format: Mon 1/05/2010)Company Name
Site/Location Name
Technical Contact / Technical Contact Phone Number / Technical Contact Email
NTT-DATAData Center side of the VPN connection will be known as “data center side”. The opposite end of the VPN connection will be known as the “remote side”.To enable printing through the VPN tunnel, ports 9100, 3389 and ICMP must be opened.
What is the purpose of the VPN connection? i.e. Lab Interface, Remote Access or Other…
Purpose of VPN ConnectionWhat is the make and model of the “remote side’s” IPSec VPN capable device?
Remote Side Make/Model VPN Device (Device MUST support 3DES IPSec encryption or better):What is the “remote side’s” public peer or end-point IP address?
Remote Side Public Peer IP Address (Address MUST NOT be behind a NAT device):Phase 1 Configuration Settings: (Common Default Settings are in Bold, but all Listed Settings are supported)
Supported Internet Key Exchange Mode (IKE): / Main ModeAuthentication is pre-shared key: / *Key will be exchanged verbally*
Supported Encryption (Please choose one): / □3DES □ AES-128 □ AES-192 □ AES-256
Supported Secure Hash Algorithm (Please choose one): / □ MD5 □SHA-1 (SHA-1 is preferred)
Supported Key Exchange Protocol (Please choose one): / Diffie-Hellman Group □ 2 □ 5 □ 7
Supported Key Lifetime in Seconds (Please choose one): / □ 14400 □ 28800 □86400 / □Other:
Phase 2 Configuration Settings:
Supported Tunneling Protocol: / ESPSupported Encryption (Please choose one): / □3DES □ AES-128 □ AES-192 □ AES-256
Supported Secure Hash Algorithm (Please choose one): / □ MD5 □SHA-1 (SHA-1 is preferred)
Perfect Forward Secrecy Enabled (Please choose one): / □YES □ NO / (If yes) Group □ 2 □ 5 □ 7
Supported Phase 2 Key Lifetime in Seconds (Please choose one): / □ 14400 □28800 □86400 / □Other:
What are the “remote side’s” local IP prefixes which we will encrypted traffic to and from over the tunnel?:
(List ALL prefixes exactly as they are configured in the phase 2 policy on your VPN device, i.e. 10.20.20.1/32 or 10.20.20.0/24)
NOTE: For dynamic VPN tunnels, the Heartbeat Service must be installed on a customer server or workstation which is never shut off in order to effectively monitor the VPN connection.
FAX COMPLETED FORM TO: 973-579-3643
General Request Physician Services Change RequestNTT Data EMR Ticket #: / Client/Vendor #:
NOTE: All fields are required unless noted otherwise. Any required fields that are not completed will result in a delay
in the scheduling of the request. If a field is not applicable to your request, please enter N/A in that field.
Customer ID # / Today’s Date (Format: Fri 1/5/2011)Company / Site
Authorized Requester / Technical Contact (Optional)
Telephone / Telephone (Optional)
Email / Email (Optional)
THIS FORM TO ONLY BE USED IF A PRE-FORMATTED FORM DOES NOT SUIT YOUR REQUEST
Requested Change (Please be as specific and detailed as possible)
Affected Services/Servers/Hardware
Backout Plan
CUSTOMER ACKNOWLEDGES 72 HOURS FOR DEPARTMENTAL REVIEW AND SCHEDULING UPON RECEIPT OF THIS SIGNED AND DATED CHANGE REQUEST
*Date Requested for Change (Format: Fri 1/5/2011) / □ Perform During Production Hours
(NOTE: If box is checked, a Production Hours Release form is required)
Maintenance Window Requested(Choose only one below)
□ Window 1 / □ Window 2 / □ Window 3 / □ Other Specific Time
8pm–1am ET
8pm-12am CT
8pm-11pm MT
8pm-10pm PT / 1am-5am ET
12am-4am CT
11pm-3am MT
10pm-2am PT / 5am-8am ET
4am-7am CT
3am-6am MT
2am-5am PT
□ ET □ CT □ MT □ PT
*Departmental policy requires 72 hours (not including weekends) for the review and scheduling of this Change Request upon the receipt of this signed form. Change Requests are scheduled between 8pm and 8am client local time. A Production Hours Release form is required for a change required during production hours.
All changes must be requested in writing using this form, either physically or electronically. It is the responsibility of the authorized requester to ensure that all users who may be affected by this change are notified that the change will be made. Any potentially affected systems, software, hardware, or procedures should be evaluated for the effect of the change upon them, and plans made for remediating any effect and “backing out” any change. No change will be scheduled or implemented until a Change Request form signed by an authorized requester is received. NTT Data Physician Services will make every effort to accommodate change requests in the time frame requested, but will schedule changes when possible during a regularly scheduled maintenance window.
______/ ______
Authorized Requester Signature (Required - *Must Be Hand Signed*) / Today’s Date (Required)
FAX COMPLETED AND SIGNED FORM TO: 973-579-3643
Production Hours Release Physician Services Change RequestNTT Data EMR Ticket #: / Client/Vendor #:
THIS IS NOT AN ESCALATION FORM. ANY WORK ACCOMPANYING THIS FORM STILL REQUIRES REVIEW PRIOR TO SCHEDULING AND IMPLEMENTATION. ESCALATION PROCEDURE MUST BE FOLLOWED FOR ANY WORK THAT NEEDS TO BE COMPLETED SOONER THAN THE MANDATORY INDIVIDUAL CHANGE REQUEST REVIEW PERIOD.
Customer ID # / Today’s Date (Format: Fri 1/5/2011)Company / Site
Authorized Requester / Technical Contact (Optional)
Telephone / Telephone (Optional)
Email / Email (Optional)
*NOTE: This Production Hours Release form can only be accepted in conjunction with a Change Request form detailing the requested change. This form is not to request a change; this PHR form is to authorize a Change Request during production hours ONLY.
NTT DATA PHYSICIAN SERVICES will never suggest that you make changes to your servers, software, routers, or other equipment during production hours (that is, business hours, while users are working). We always recommend performing any changes during off-hours. No amount of careful planning and execution can eliminate the chance that a change, no matter how insignificant, could render the equipment unusable for some period of time. There may be an occasion, however, when you feel that the change must be made during production hours. In order to schedule a change request during production hours, the Authorized Requester must sign this PRODUCTION HOURS RELEASE acknowledging that NTT DATA PHYSICIAN SERVICES has warned you of the danger of making changes during production hours, and you have on your own, without any promises, guarantees, or suggestion from the department, made the decision to require the department to make the change detailed in the accompanying change request during production hours. Further, you agree and promise to indemnify NTT DATA PHYSICIAN SERVICES and hold it harmless and waive any and all rights to recovery under any contract or service level agreement for any outage, delay, or difficulty resulting from affecting this change request during production hours, and release NTT DATA PHYSICIAN SERVICES from any and all liability and responsibility for any problem arising from said outage, delay, or difficulty.
PLEASE NOTE THAT ALL SERVICE LEVEL AGREEMENT PENALTIES ARE NULL AND VOID IF THEY ARISE FROM MAKING THIS CHANGE DURING PRODUCTION HOURS.
______/ ______
Authorized Requester Signature (Required - *Must Be Hand Signed*) / Today’s Date (Required)
CHANGES DURING PRODUCTION HOURS REQUIRE
A PRODUCTION HOURS RELEASE
FAX COMPLETED AND SIGNED FORM TO: 973-579-3643
NTT DATA, Inc. | Proprietary and Confidential / 1