TITANIUM
SCHEDULE
Requirements

This page is intended primarily for technical staff. It outlines Titanium Schedule’s hardware, database, and operating system requirements. Technical documents containing this and other information are available upon request to our sales department.

Hardware & Operating Systems

If your center can use one of your university's existing file servers and/or SQL Servers, or if you have your own file server, then you will probably not need to purchase any new computers to run Titanium Schedule. Our software does not require its own dedicated server. All portions of Titanium Schedule will operate in a virtual server environment without issue.

Titanium Schedule is a client-server application that requires:

  1. Workstation: Microsoft .NET 4.0 Framework Extended or Microsoft .NET 4.5 Framework must be installed on each user's workstation computer.
  2. Application Files: The application files are stored in a shared folder where they can be accessed by all workstations. This shared folder can be on any file server (Windows, Novell, Linux). The security for that folder should be set to center personnel only. No confidential data is stored in that folder unless a user exports and saves data there.
  3. Data: Data is stored in Microsoft SQL Server (2008 R2 and later versions). The free SQL Server Express version will work for many small centers with 20 users or fewer. Larger centers or centers that expect to have more than 10 GB of data will need the Standard or Enterprise editions of SQL Server.
Hardware Configuration Options

Here are two possible hardware configurations, varying by where the SQL Server is located and where the shared application folder is located:

Configuration 1 (preferred)

  • SQL Server is hosted by your university's computer support staff. Virtual servers are acceptable for this role.
  • The shared application folder is on one of your university's existing file servers. Virtual servers are acceptable for this role.
Advantages: Frequently, universities already have SQL Server installed for other applications on campus. A single SQL Server can support many applications, depending on resources and licensing requirements. This configuration often requires no new hardware or software purchase. It has the added benefit that professional computer support staff will maintain the SQL Server and oversee automatic backups of the data. SQL Servers hosted by the computer support staff are usually in a secure area with emergency power, unattended backups, and reside behind firewalls.

Configuration 2

  • SQL Server is hosted on your center’s dedicated server.
  • The shared application folder is also on your center’s dedicated server.
This configuration requires you to have a dedicated file server in your center which is running Windows Server 2012 (Windows Server 2003 with latest service pack is supported but not recommended).

Disadvantages: If your center does not already have a file server, you will have to purchase one along with the Windows Server operating system. Someone would have to maintain the server, including backing up the data.

Other Considerations

You cannot normally use a workstation running Windows Vista or Windows 7 for a file server to hold the application folder. Although those operating systems allow you to share a folder, only a very limited number of users will be able to connect to that folder at the same time.

It is also possible to install SQL Server Express on a non-dedicated workstation (e.g. a workstation that is being used by someone). This is strongly discouraged. Any time that workstation shuts down, restarts, or crashes, all other users will be disconnected from Titanium Schedule.

System Requirements

There are separate requirements for the server, workstations, and the Web Component. The data is stored on the server in Microsoft SQL Server. Titanium is only compatible with Microsoft SQL Server and does not run on MySQL, Oracle, or other data repositories.

The hardware requirements for Titanium Schedule are very modest, and as you can see by the minimum required specifications below, almost any Windows-based computer you can purchase today is more than adequate.

Server Requirements

The following requirements are for the computer running SQL Server and containing the data from Titanium Schedule. At some counseling centers, the SQL Server is installed on a university-hosted computer or the center's existing file server, so an additional computer is not required.

  • Operating System: Windows Server 2012 x 64 (Windows Server 2008 R2 and later with latest service packs is supported).
  • Required Software: Requirements for software, like .NET Framework, vary depending on which version of Microsoft SQL Server you use. Visit the following website to determine the requirements for: Microsoft SQL Server 2008 R2 and later.
  • Processor: x64 (AMD Opteron, AMD Athlon 64, Intel Xeon with Intel EM64T support, Intel Pentium IV with EM64T support), 1.0 GHz minimum, 1.4 GHz or better recommended
  • RAM: 4 GB recommended (RAM is more important than CPU speed for performance)
  • Disk Space:
    • Minimum of 600 MB for SQL Server installation. At a large counseling center, the Titanium database will probably grow to 2-4 GB over a few years. If the center is going paperless and scanning a lot of old documentation into Titanium, storage needs could be several times that large. If you plan to use Windows Server edition that supports RAID 1, we recommend having two drives and setting the operating system to mirror them to protect against the failure of a drive.
    • At least 400 MB for the shared application folder, whether that folder is on the server running SQL Server or a separate file server.
Workstation Recommendations

Each computer workstation that will be running Titanium Schedule will need the following:

  • Screen resolution of 1024 x 768 or higher.
  • Intel Pentium or compatible 1GHz or higher processor. (800 MHz or higher is supported but not recommended)
  • 1GB Memory (512 MB is supported but not recommended)
  • Operating System: Microsoft Windows® 10, 8, 7, Vista, XP, 2003
  • Microsoft .NET Framework version 4 Extended (Not Microsoft .NET Framework version 4 Client Profile)
  • Disk Space: 100 Megabytes of available hard-disk space.
Web Component (Optional)

Titanium offers an optional Web Component add-on feature that makes it possible for your clients to complete forms, like intake forms, electronically on computers. Typically, these computers are located in your reception area, although the Web Component can be configured to allow clients to complete forms from anywhere on campus via an intranet or even the Internet.

Because the data clients provide goes directly into Titanium Schedule, your support staff is freed of the task of transcribing from paper forms into Titanium Schedule. The Web Component converts the forms your center has designed inside Titanium Schedule and presents these forms to clients as a website that runs on a web server at your campus.

The Web Component is an ASP.NET website and requires Microsoft Internet Information Services (IIS) 6.0 or later with .NET Framework 3.5 SP1 or 4.0. The web server must be able to access the SQL Server where the Titanium database is installed. The web server will use a restricted account to access the SQL Server, and that account can only insert new records into the confidential tables. The account does not have the rights to view, update or delete any confidential information.

We recommend you use Transport Layer Security (TLS) or Secure Sockets Layer (SSL) to encrypt data traffic between the computers used by clients and the web server.

Note: If you are a current Titanium customer who is considering adding the Web Component, your Titanium Schedule database version must be 071001 or newer. You can see how to determine your database version by visiting the Program Updates page.

Users, Database, Performance

There are a number of factors, both physical and legal, that could affect how many users in your center can use Titanium Schedule simultaneously with acceptable performance. Titanium Schedule itself is licensed for a given number of concurrent users. Our base product licenses your center for five users, and you can purchase additional user licenses in five-user blocks. Your license agreement with Microsoft for the version of SQL Server you use, combined with the performance of the hardware and network you use, will determine how many users your center can support with acceptable performance. For example:

Titanium on Macs

Titanium Schedule does not have a Mac native client, but our software will work in a Mac environment under the following conditions:

You run a PC emulator like Parallels or vmFusion on your workstations, or your IT department serves Titanium Schedule on a Citrix server. Titanium Software, Inc. does not support Mac computers, PC emulators, or the Citrix environment. Those will be the responsibility of your IT department.

There are several universities that are successfully using Titanium Schedule in a Mac environment.

Security

Security is the most important feature in EMR software. Unfortunately, it often gets the least attention. Some software products store data in easily accessible files, like an Access database, which can be vulnerable to data theft.

Titanium Software, Inc. takes security very seriously. Our software uses Microsoft SQL Server to store your data. This allows users of our program to access your facility's sensitive data without having direct access to data files. Users are thus prevented from activities like copying data files to a flash drive, CD, or attaching data files to e-mail for sending off-site.

HIPAA

Even though Titanium Schedule has HIPAA (Health Insurance Portability and Accountability Act) compliant features like user names, strong passwords, internal security levels, a login audit trail, inactivity timeout, etc., there is often a great deal of confusion about what HIPAA requires and how difficult it is to implement and maintain.

Here's what our company president has to say about HIPAA and Titanium Schedule:

HIPAA compliance is a facility concept, and no software product by itself can make your center, clinic, department, or facility HIPAA compliant. If a software user writes their password on a Post-It note and attaches it to their monitor, the facility is not HIPAA compliant. Similarly, if an IT department makes a backup of HIPAA-protected data, and the backup is not encrypted, the facility is not HIPAA compliant.

When installed as specified in our installation instructions, and when the guidelines in our provided security checklist document are followed, Titanium Schedule complies with HIPAA.

HIPAA's encrypting "data in motion" is covered in our standard installation instructions. Encrypting "data at rest" is a somewhat gray area in HIPAA, and it is up to your IT department to decide if encrypting "data at rest" is warranted through the use of easily implemented options like TDE or EFS.

Karl Zercoe, President
Encryption

Most of the questions we receive about HIPAA concern encrypting data. There are several places where encryption can be applied:

Password Encryption

Users' passwords must be encrypted, and this is done automatically inside Titanium Schedule.

Encryption of Network Traffic

You can encrypt your data while it is being transmitted between the server and the workstation. This is done as a countermeasure against packet sniffing, which is the unauthorized interception the data packets during transmission over the network. According to HIPAA, this is optional if your network is closed (i.e. private wire) but is recommended it your network is open (i.e. across the Internet). Most centers fall somewhere between a completely closed network and a completely open network. If you want to encrypt your data while it is being transmitted, you should use IPSec (Internet Protocol Security) or a VPN (Virtual Private Network). HIPAA states:

When using open networks, some form of encryption should be employed. The utilization of less open systems/networks such as those provided by a value-added network (VAN) or private-wire arrangement provides sufficient access controls to allow encryption to be an optional feature.

IPSec (IP Security Protocol) is an extended IP protocol which enables secure data transfer. It provides services similar to SSL/TLS, however, these services are provided on a network layer. IPSec can be used for creation of encrypted tunnels between networks (VPN)—so called tunnel mode, or for encryption of traffic between two hosts—so called transport mode.

Encryption of Data on the Hard Drive

As a countermeasure to unauthorized access to SQL Server data files on your server, you can also encrypt those data files. There are several third-party utilities for this, or you can also use Microsoft EFS, which is built into the Windows operating system. This whitepaper describes how to accomplish this. With a properly configured SQL Server, there is no reason for any Titanium Schedule user to have access to the underlying SQL Server data files.

Encryption of Data Backup Copies

You should give careful consideration to what happens to backup copies of the data from Titanium Schedule. It is up to you to decide if the physical security of the backup copies is sufficient. If it is not, then you can also employ one of many third party utilities to encrypt the backup copies of your data. Make sure that encrypted backups can be decrypted on a different computer, if necessary. Do not encrypt backups using an encryption key that is generated by and stored only on the server, because that server may not be available when you need to decrypt a backup copy. As with all backup approaches, it is best to test your technique before relying on it. Backup your data, encrypt it, then decrypt and restore the data on another computer. Remember, if your backup encryption key is lost, your backups are useless.