Wednesday, December 30, 2009

A Portal Framework for HealthCare

Portals are Web-based applications that give users a centralized point of access for information and applications of relevance. Therefore the portal paradigm is an attractive proposition for health care because it offers a solution to rapidly aggregate heterogeneous applications and services while offering a high level of customization and personalization to the users, patients, care givers and IT personnel.

The integration of healthcare systems and data is a major challenge. Business conditions that typically result in fragmented data stores and limited application functionality are prominent in the healthcare industry.

To meet these challenges, we have created a Portal framework architecture which makes the SOA concept less abstract by offering a concrete service aggregation infrastructure including integration glue like context and code mapping, transformations, master patient index, single sign on and standards based interfaces. The framework facilitates the integration of various applications, so they need not be rewritten to be able to provide services to the portal. Our portal framework is compliant with industry standards such as JSR 168, JSR 286 and WSRP.

In addition to the front-end aggregation layer, a context management layer which uses a subset of the concepts of the HL7 Clinical Context Object Workgroup (CCOW) standard (centralized scheme, robust push-model, simplified context data representation) is used to solve user mapping and facilitate the coordination and synchronization between visual components (portlets in our case). This context management layer connects to the Web services (SOAP or RESTfull) that are exposed by the different systems.

Sessions and Contexts

A portal application like any other web application works with a session. All requests are executed in the context of such session. The session is associated with an authentication context and a lot of other information that is accumulated while processing the requests that are executed with the session. A session can be understood as a temporary storage with a well-defined life cycle. A session is ended either explicitly (log out, connection closing) or by a time-out.

The basic relationship and mechanism between the sessions, identity and context is described as follow: when accessing the web application for the first time there is no session established yet. The user is forced to log in (providing his identity and the credentials to prove the identity). This establishes an authentication context which is kept within a dedicated session. During the requests executed in a session, information is accumulated and processed in the session.

Connecting the Services
Both the portal application (A) and the remote system (B) may have their own identity management capabilities and their own credential storage. In order to integrate A and B we have implemented an extended SAML based token service. The resulting Security Token Service (STS) service includes the token service module as well as an eHF based context management module. This eHF Context Module stores the mapping information between user identifiers from A and the identities of B.

More complex scenarios

In reality, portal applications typically consist of multiple portlets that interact together. Each portlet can themselves aggregate services from various sources. This is where the portlet proxy is very handy because it can shield the presentation layer from back-end service implementation details.

The integration of a new application exposing web services (SOAP or RESTful) is made easier because eHF provides a mediation and routing platform component (IPF) based on Apache Camel that can wrap these services, operate transformations on data and expose them to the portlet proxies. In addition to this the current use of the Security Token Service for authentication can be complemented by the use of a Single Sign On (SSO) mechanism.

For this specific implementation we used Liferay 5.2. as portal server container and a medicine cabinet as healthcare related topic and material.

More details can be found in the paper "A Portal Framework Architecture for Building Healthcare Web-Based Applications" published at the 3rd International Conference on Health Informatics (Health Inf 2010).

Wednesday, November 25, 2009

Context Management, CCOW & HealthCare

What is Context Management?

Context Management is a dynamic computer process that uses 'subjects' of data in one application, to point to data resident in a separate application also containing the same subject.
Context Management allows users to choose a subject once in one application, and have all other applications containing information on that same subject 'tune' to the data they contain, thus obviating the need to redundantly select the subject in the varying applications.
In the healthcare industry where context management is widely used, multiple applications operating "in context" through use of a context manager would allow a user to select a patient (i.e., the subject) in one application and when the user enters the other application, that patient's information is already pre-fetched and presented, obviating the need to re-select the patient in the second application.
In other words it enables clinicians to select a patient's name once in an application and have their screen automatically populate with links to that patient in other applications.
  • Context management is especially used in Patient Information Aggregation Platforms (PIAP) such as Portals.
  • Context Management can be utilized for both CCOW and non-CCOW compliant applications.

What is CCOW?

Context Management is gaining in prominence in healthcare due to the creation of the HL7 Clinical Context Object Workgroup standard committee (CCOW) which has created a standardized protocol enabling applications to function in a 'context aware' state.
The CCOW standard exists to facilitate a more robust, and near "plug-and-play" interoperability across disparate applications.
The Health Level Seven Context Management Standard (CMS) defines a means for the automatic coordination and synchronization of disparate healthcare applications that co-reside on the same clinical desktop.

The clinical context is comprised of a set of clinical context subjects. Each subject represents a real-world entity, such as a particular patient, or concept, such as a specific encounter with a patient.
By sharing context, applications are able to work together to follow the user's thoughts and actions as they interact with a set of applications. These applications are said to be "clinically linked."

The CMS is extremely prescriptive, but as it is only a standard it can only go so far in terms of guiding how applications are actually designed and implemented. Variability among the decisions that application developers make can lead to various amounts of confusion for users of multiple independently-developed CCOW-compliant applications.

  • HL7 CCWO HL7 Context Management Specification acronyms:
    • CMA: Technology and Subject-Independent Component Architecture
    • SDD: Subject Data Definitions
    • UIS: User Interface (Microsoft Windows and Web Browsers)
    • ATM: Component Technology Mapping (ActiveX)
    • WTM: Component Technology Mapping (Web)
CCOW - Context Management Architecture (CMA)

At the most abstract level, the Context Management Architecture (CMA) provides a way for independent applications to share data that describe a common clinical context. However, the CMA must provide solutions for the following problems:
  • What is the general use model for a common context, from the user's perspective?
  • Where does the responsibility for context management reside?
  • How are changes to context data detected by applications?
  • How is context data organized and represented so that it can be uniformly understood by applications?
  • How is context data accessed by applications?
  • How is the meaning of context data consistently interpreted by applications?
  • CMA characteristics:
    • Centralized scheme: The responsibility for managing the common context is centralized in a common facility that is responsible for coordinating the sharing of the context among the applications.
      • The consequence of the service being a single point of failure is offset by the fact that the service and the applications it serves are typically co-resident on the same personal computer.
      • The consequence of the service being a performance bottleneck is offset by the fact that the applications are far more likely to become the performance bottlenecks
    • Robust push-model: This is a push model that deals with synchronization and partial failure issues.
    • Context Data Representation uses Name-value pairs:
      • A set of name-value pairs represent only key summary information about the common context (e.g., just the patient's name and medical record number).
      • The symbolic name for an item describes its meaning.
      • The data types for the items come from a set of simple primitive data types
    • CMA maintains a single authentic copy of the common context for each common context system.
      • Applications can choose to cache context data or they can simply access the authentic copy whenever they need to.
      • Applications can also selectively read or write specific context data name-value pairs.
      • When the context changes, an application is only informed about the change and is not provided with the data that has changed.
      • The application can selectively access this data when it needs to.
    • Context Data Interpretation
      • Standard HL7 CMA subjects and associated context data items includes the core subjects of patient, encounter, observation, user, and certificate, and their respective context data items.
      • Organizations, such as healthcare provider institutions and vendors, may define their own context subjects and data items. These items are in addition to the standard subjects and the standard items defined for the standard subjects.
      • Context item names are case insensitive.
Existing solutions using Context Management
  • Fusionfx from Carefx
    • A Context Manager function is responsible for establishing the links among the applications, which serve as Context Participants.
    • Context Participants synchronize after querying the Context Manager to determine the current context and when to update the context.
    • Context Management also supports Mapping Agents, which map equivalent identifiers when the context is updated so that all participating applications can interoperate.
    • Fusionfx includes JSR-168 based front-end viewers (java portlets) running on IBM Websphere portal solution.
  • Vergence from Sentillion
    • Vergence Wizard (April 2009) a tool configure Single Sign-On (SSO) and Context Management Application Interfaces
      • Fast single sign-on and managing expired passwords
      • Graceful termination of applications at sign-off
      • Support for single sign-on and patient context management use cases
      • Point and click interface to select application controls and associated actions for Windows and Web-based applications
      • Pre-defined actions, which include common navigation, text entry and event monitoring tasks such as Click, Enter Text, Select Menu ..
      • Integrated playback mechanism for testing individual steps
      • Optional display of detailed logs during playback
      • Extensible interface simplifies insertion of custom actions and preserves customizations when regenerating the Bridge
      • Plug-in architecture enables extensibility to incorporate new actions and events and for accommodating new application development technologies
    Sentillon has a patent on context management (US 6,993,556)
Existing solution using CCOW as a participant

  • Centricity Framework from GE
    • Centricity Framework offers GE developers a way to integrate separate GE products, while consolidating sign-on and security to a single point of entry.
    • Developed by the Advanced Technologies Group (ATG), Centricity Framework provides a consistent presentation of login, navigation (menus), and patient banner.
    • Hosted products share context information and can offer cross-product workflows, regardless of their UI technology.
    • Centricity Framework 5.0 (CF 5.0) offers a choice of two client desktop solutions (both require .NET 2.0 on the client desktop):
      • Traditional browser-based Web client (as provided in 4.x)
      • Iris, a .NET-based client solution that does not require Internet Explorer (based on Microsoft smart client technology)
    • Centricity Framework 5.0 supports the Sentillion single sign-on (SSO) solution and Carefx's context manager. The Carefx library is loaded only if CCOW is enabled for the workstation/user.
    • Communications with the Web Framework (WF) server is done via XML-based service calls. Each instance of the CF exposes a certain URL as the handler for all service calls. This URL can be found in the DataURL tag in the ServerInfo.xml file which is located in the WF's main web folder:
      • servlet/IDXWFServlet (for Tomcat-based installs)
      • IDXWFData.asp (for IIS-based installs)
    • CF enable the use of a security plug-in to implement an alternate authentication mechanism in place of the standard Framework username/password check. If a security plug-in is used, the plug-in performs any server-side authentication of users or of authentication tokens generated on the client. The Framework currently provides plug-ins for
      • Kerberos (v4.01)
      • RSA SecurID (v5.0)
      • CCOW userlink (v4.0)
      • CCOW/LDAP integration (v4.03)

Alternatives to CCOW

Worth noting is the Global Session Manager (GSM) developed at Siemens which offers features almost equal to a CCOW environment but is much easier to implement.
The patented system includes:
  • A system that enables (Web) applications to be integrated into process involving concurrent operation of applications
  • The system specifies the rules for conveying URL data and other data between applications
  • The system employs a managing application and services (session manager) to facilitate application session management
  • The system employs by a first (parent) application for supporting concurrent operation with other (children) applications.
  • The system involves an entitlement processor for authorizing user access to the first (parent) application in response to validation of user identification information.
  • The system involves a communication processor for communicating a session initiation request to a managing application to initiate generation of a session identifier particular to a user initiated session.
  • The session manager is used by the managed applications to reference global data that is essential to a workflow. Such global data includes:
    • user identification information
    • a shared key used for the encryption of URL data
    • a common URL to be used for handling logoff and logon function.
  • The session manager is regularly notified of activities from the applications to prevent an inactivity timeout while a user is active in another concurrent application.
  • The session manager employs a system protocol for passing session context information between applications via URL query or form data.
    • The session context information comprises:
      • a session identifier (used by the managed applications to identify a user initiated session in communicating with manager)
      • a hash value (used by the managed applications to validate that a received URL has not been corrupted)
      • application specific data (can be encrypted)
  • The session manager uses a unique session identifier (SID) for each new session (to protect against corruption and replay of a URL)
  • In addition to this, to avoid redirection, the parent application needs to generate a URL link with an embedded hash value from the domain, port and filepathname of the URL (e.g. using RSA MD5)
  • The communication protocol between the client browser and the applications is HTTP
  • The communication protocol between the applications and the Session manager is TCP/IP.
Siemens has a patent on this technology (US 7,334,031).

Wednesday, October 7, 2009

Health 2.0 - 2009 (San Francisco) - Day 2

8:40am - 3 Health 2.0 CEOs & a President!

Adam Bosworth, CEO, Keas

The idea with Keas was to start small trying to help a small number of people and scaling from there. Chronic diseases are life style disease. Keas tries to address these issues.

Quest Diagnostics has been a great partner. We also have good partnership with MS Health Vault and Google Health.

Lessons learned: try to be modest, get out early your product and learn from your customers!

Roy Schoenberg, CEO, American Well

Bottom line: try to make our customers (e.g. the Pentagon) happy. We seems to be at the right place at the right moment, especially now with the Health Care reforms that are taking place. American Well for patient it is convenience (immediate gratification, cost etc ...), for the physician and the payers, the solution brings efficiency, more revenue and ROI.

In Q1 2010 we will deploy our application to more PCP and specialists networks.

Christopher Schroeder, CEO, Health Central

We offer a more holistic experience than other web sites, a sense of connection and empathy. We are more focus on the consumer side of the issues.

Alexandra Drane, President, Eliza

We have 43% click through from email. We have the ability to look at the data that we store overtime and improve our system. We had to acquire a company to quickly get the social network infrastructure and experience.

9:30am - The Consumer Aggregators
27% of American go online to seek HealthCare related information and services.
  • Wayne Gattinella, WebMD - The market more mobile, more global and more personal! - Focus on continuity of care. Demo of WebMD on the iPhone. We need to demonstrate the utility of the Health 2.0 applications. Adoption is key.
  • Roni Zeiger, Google Health - New launches: (e.g. Google flu trend) - Demo of MDLiveCare.
  • David Cerino, Microsoft Health Solutions - Demo of My health Info.
11:00am - Data Drives Decisions - Panel

Tools and platforms to support decision-making by doctors
  • Rex Jakobovits, McKesson - Upload online version of medical images / Pacs systems. Demo of - more than 100K medical images. Fine grained search capabilities on images (CGI/perl based web site). Help radiologist to look at challenging cases to learn and solve related cases.
  • Lance Hill, Within3 - Customers are hospitals, Pharma, Research centers. Demo of Within3 medical social network in the context of a medical conference (running on Amazon EC2). Issues with publishing abstracts of papers shared between peers before publication.
Tools and platforms to support decision-making by patients
  • Sanjay Koyani, FDA - Pushing information to consumers and providing not only services but also a platform. - Show recalls database from FDA (4000 products) . The integrated FDA widget (e.g. on Salmonella peanut recall). Collaborates with CDC as well. More than 20,000 sites are using FDA widgets.
  • John deSouza, MedHelp - Online and mobile applications to help patients deal with specific conditions (e.g. breast cancer). Data can be shared with other patients. Mobile applications available as well.
  • Hugo Stephenson, iGuard - Offer online and paper based tools related to drugs interactions - Launch in oct 2007 - 2M US citizen registered - 25 times more registered by paper! Demographic and statistic numbers available online on these patients. Includes recalls information. Business model based on revenue from clinical trials. Hope to have 3M users in the coming months.
The impact of Health 2.0 tools and platforms on clinical research

Kristin Peck, Pfizer

Alexandra Carmichel, CureTogether
- Patient data sharing site - Lot of data on depression. Offers correlation (e.g. depressions & fibromyglia)

Jamie Heywood, PatientsLikeMe
- Very detailed statistics on patients with similar conditions. Compare data with clinical trials.

Amy DuRoss, Navigentics
- Comparison of personal and general population genetic information as well as risks factors.

12:30pm - IDEO design competition

  • Finalist winner of the IDEO competition is LabCheck Plus (Satellite Laboratory Services) - The fastest growing dialysis lab in the US. Users are Nurses, Physicians, Patient care technicians etc. The process involved ethnographic field studies, focus groups and usability testing.

1:00pm - Launch
  • Pathway Genomics - Genetic tests for $348 - Includes ancestry and health tests . Done by saliva.
  • Remedy Systems - Web based Portal & Mobile Portal - ePrescribing application at the point of care
  • AccessDNA - WebMD for genetic testing compare DNA testing providers. Offer personalized reports.
  • CarePass - Online and Mobile solution
  • - Multimedia online tool to find and understand clinical trials.
  • DNA Guide - Personal online genomic map (includes DNA Classifieds).
  • Unity Medical - ultimedia online content to help diagnosis. Technology to push content to the desktop (e.g. videos relevant to the user). ***
  • Livestrong - Help to determine how food can impact users/patients. Includes interactive graphs.
  • Healthline - Web site offering health related content
  • BiodiMojo - To help families who raise teenagers.Includes health and fitness tracking goals, journal. Send mojos by notifications and community tools related to teenagers.
  • RelateNow - To help families that have children with autism, including reducing the cost of the therapy. Offer collaboration tools for the family and the health care professionals.
2:00pm - Innovations in Health 2.0 Tools: Showcasing the Health 2.0 Accelerator

Combined demos by:

MediKeeper - PHR with a portal look and feel including a health risk management.

change:healthcare - Cost saving alerts and analysis

Kryptic - portal integration hub

Sage - EHR integration tools and platform. Supports CCR imports

MedSimple - Online questionnaires to prepare medical encounters (electronic patient history).

PharmaSURVEYOR - Medication safety survey (interaction and toxicity of individual drugs).

Polka - Mobile observation engine - manage prescriptions and observations.

ReliefInsite - Pain management system.

Keas - Launch Keas Beta - Personalized care plan. Includes todo list, history of tasks and report cards. Uses CCR . Import data from Google Health and Health Vault.

Kinnexxus & MedSimple - Kiosk dashboard for elderly and online application for care givers. 3:30pm - Health 2.0 Around the world

See also:

Tuesday, October 6, 2009

Health 2.0 - 2009 (San Francisco) - Day 1

This year, the Health 2.0 conference 2009, San Francisco takes place at the Design Center Concourse at 635 8th Street (at Brannan). It is an old dark wood train loading station which contrasts interestingly with the image of health care in general where everything is supposed to be bright and clean. The setting is similar to last year with round tables of ten people that facilitates social contacts. On the back of the building on what was the loading platforms are more than 30 exhibitors. This year the crowd is roughly the same size, between 950 to 1000 people (got these numbers from Matthew and Indu). The conference was well organized as usual, expect the wireless connections that were very poor!

The focus of this year is the platforms for mixing and aggregating data, applications services and channels, including mobile devices, social networks , widgets and portal applications.

8:30am - Introduction by Matthew Holt and Indu Subaiya
  • In the past, health 2.0 was essentially about user generated health care, then the issue of connecting to providers started to be important. More recently the partnerships to reform delivery was the focus. This year, as data drives decisions and discovery, tools and platforms seems to take more and more importance .
8:50am - Keynotes by Aneesh Chopra, Assistant to the President Obama & CTO, Office of Science & Technology Science.
  • Building blocks of innovation: the US need a more modern and secure infrastructure
  • How do we control costs?
  • How to ensure that we have the skills professionals?
  • The synergy of innovation between health care and energy, IT, green technology
  • Promotion of enterprise creation since this is where the growth of productivity comes from
  • Help promote public data sets (e.g. CMS, VA) as soon as possible
  • Promotes innovations in various areas including mobile
9:15am - Panel Clinical Groupware and the Next Generation of Clinician-Patient Interaction Tools.
9:50am - Adoption of Health 2.0 Platforms by Physicians on Main Street
  • The bottom line is culture change for technology and tools adoption.
11:15am - Payers and Health 2.0
Including demos from:
12:00pm - Doctor Office special showcase demos
  • The doctor channel (partner with publishers, lots of channels, videos, documentaries ..). Not clear what is the business model (compete with Youtube?). Should be part of a PHR.
  • rxvantage (For providers Office tools, alerts, scheduling ) - Started in RI -
  • Practicefusion (Web based PHR/EMR - on the Cloud for patient. Has a professional view - including scheduling). Based on Saleforce. Contains adds that can be removed for $100/month. The data does not belong to the patient.
  • BoundaryMedical (Tool and framework, provider and patient portals - give the ability to create a product/project in less than 30 mn)
  • Phreesia (streamline billing and payments - integrated with EMRs - for patient and providers) ***
  • MdDigest - (Opens source platform and solutions for patient and physicians - .net based) - (e.g. Healthforge practice monitor)
  • Spinal Disorders Registry - based on Microsoft HealthVault, integrate with Cisco video and Webex conference system - 50K patients - Seems a specific feature of an EMR
  • Ozmosis - Tools such as Health Alerts (partner with Veratect)
  • Phytel (Patient registry, reporting and analytics) -
  • Doctations (Interoperability platform and tools? 3 tiers: Free, $33/mo, $1033/mo) - 22 partners
  • Dr Chrono (Pratice Management + notifications reminder through voice over IP, IM etc) offer an App Store.

2:00pm - The Patient is in.
Highligthing the importance of personalization of the applications.3:40pm - Breakout sessions
  • Gaming and HealthCare
  • Health 2.0 Tools for Administrative Efficiency
  • Search and Content
See also:

Friday, September 18, 2009

Usability and Healthcare Portal Applications

A healthcare portal application is usually more than just an aggregation of portlets. To be really usable, a portal application needs a clear and well defined interaction model between the portlets. In addition to this, since speed and ease of use plays an important role in the quality of care for the patients and the clinical adoption of the solution, the performance of the portal application must be excellent.

Creating portal themes:
The theme of a portal application typically includes portal header, navigation (horizontal and/or vertical), portlet chrome, and footer for controlling the general look and feel of a portal application. It might also include CSS and JavaScript for controlling the look and feel of portlets.

The way themes are created varies from one portal server to another. Fortunately, the overall layout of a portal application and the look and feel of the individual portlets can be separated from the underlying functionalities of the portlets. This separation makes branding much easier and facilitates the porting of the application to other portal servers.

There are several approaches to creating a custom theme for portal applications. Certain vendors (e.g. IBM Websphere) offer portal theme builder, portlets that provide minimum functionalities to create basic themes. For more sophisticated themes and branding of a portal application, developers and designers will start with an existing theme and modify it (e.g. Liferay). Themes are usually a combination of HTML, CSS, images and javascript files. Designers typically use tools such as eclipse plugins, Dreamweaver, Photoshop, Fireworks, etc to modify these files.
Personalization in HealthCare Portal Applications:

Personalization is one of the key features of portal applications. If granted personalization rights, users can personalize their portal Web pages based on their specific roles and authorization schemes.
Themes and layout can also be changed manually by the user or programatically based on the user profile. Additional personalization mechanisms (e.g. using a business rule coupled with user profile matching engine) can also be integrated with the portal solution.
Personalization can be very valuable for care givers, as a means to organize the general views or dashboards associated with their daily tasks in the most comprehensive and efficient way. Personalization can also be important for patients. For example, diabetes patients might want to view medical content related to their diagnosis while cancer patients might want to see their treatment protocols on personalized portal pages.

Tuesday, August 25, 2009

Liferay Portal 5.2 Systems Development - Book review

Recently Packt Publishing Ltd sent me a copy of the new book from Jonas X. Yuan untitled "Liferay Portal 5.2 Systems Development" for review.

In this post, I would like to give my feedback including some input from my colleagues who have read parts of this book.

I personally read all the 12 chapters which cover a large variety of topics related to developing portal application with Liferay 5.2 including JSR-286 portlets, EXT and SDK, JSP/struts based portlets, portal pages management, tools, CMS and WCM, personalized community, Layout templates and themes, Inter Portlet Communication (IPC), collaboration features of Liferay, Staging, publishing and APIs.

Reading the book from the front to the back is probably not the best way to take full advantage of the content. I would rather recommend to use it as a reference to Liferay 5.2. application developments.

This book is particularly valuable if your project includes high level of customization, using Liferay Extension Environment and or the integration of Content Management System (CMS) capabilities, as well as Web 2.0/social and collaboration features. The content of the book is consistent with Packt publishing practice to "focus on producing cutting-edge books for communities of developers, administrators, and newbies alike".

If you are an architect, a graphic designer, developer or a build manager, you will find ample step by step configurations and recommendations, code sample, tips and best practices on developing portal applications with Liferay 2.5.

Sometimes, the content is so rich with code snippets, variable names and configurations paths, that the mix of various fonts makes the text a little bit difficult to read, or at least slows your reading. Fortunately, the granularity of the chapters is fine enough that you can jump directly to a very precise topic. The index is also very handy.

I like the fact that the author combine best practices that are specific to Liferay (e.g. Liferay has a property called for performance optimization) and general good web site programming practices (e.g. the use of CSS sprites and the placement of javascript code).

The fact that most of the book describes the development of a specific and complex portal application (Sesame Workshop) is a good thing since you can see how every pieces of the solution are put together. You can even download code sample from Packt Publishing. However, additional examples would have been nice too. It would have been also interesting to see alternatives to JSP and Struts MVC framework such as development based on JSF, RichFaces and/or ICEFaces.

The chaper 9 on Layout templates and themes is very useful, although starting with EXT rather than the Liferay SDK is quite harsh. Also a discussion on the development process: how graphic designers and developers can work more efficiently together would have been very useful in this chapter.

Overall I highly recommend using this book as reference book if you plan or are involved in a portal project based on Liferay 5.2. Even though your overall configuration/architecture might be different, you will find practical tips and solutions to integrate and customize most features of a portal application.

If you are new to Liferay in general (developer or graphic designer) and want to learn the potential of the platform, you can also definitively use this book for specific topics.

Thursday, July 30, 2009

How to update a TrustStore

When it comes to security, I often got questions from engineers related to truststore update.

Let say you have a truststore with a certain number of trusted certificates that are used for SSL authentication and you want to add or replace a certificate.

You will need a tool such as Portecle which is a java based is friendly GUI application for creating, managing and examining key stores, keys, certificates, certificate requests, certificate revocation lists and more.

Open your initial truststore with Portecle:

I then use Microsoft Internet Explorer (IE) to access, view and save your additional/new trusted certificate.

In this example, I am using ICW Lifesensor Personal Health Record (PHR) application because I want to add the associated certificates to my TrustStore (the goal is to to enable secure access to PHR accounts):

Use Portecle to import this new trusted certificate in your trust store:

Your updated truststore is now ready to use!

Monday, June 1, 2009

Community One 2009

This year Cloud Computing was really the buzz word at Community One in the West Coast (San Francisco)!

Cloud Computing was in fact the opening topic by Dave Douglas on the general session (the other topic was Open Solaris).

It was interesting to learn that SUN Cloud offer started only few months ago, but it has been quite successful with more than 3000 people using it every days.

Dave did introduce also a couple of interesting companies that offer applications that run on the SUN Cloud infrastructure:
Security is still a concern in the cloud. Sun seems to take security quite seriously. It participates to the Center for Internet Security and offer tools to encrypt data as well.

There also a very good material on programming languages and the Cloud from Ted Leung Principal Engineer at SUN who presented an overview of cloud computing architectures and the ways they interact with programming languages. He covered various topics : Security, Concurrency, Performance, Distribution, Operational Considerations and Domain Specific Languages (DSL).

Ted introduced some of the innovations in the Cloud infrastructure including storage and computing in the Infrastructure as a Service (aaS) layer, Virtual Machine Images (Stack aaS), AppEngine, Heroku, Zembly (Platform aaS), Salesforce (Software aaS).

Infrastructure aaS issues:
  • No predefined Software Stack
  • You have to do everything
  • Languages cannot help
Stack aaS issues:
  • You get whatever language is in the stack
  • Depends on the quality of the stack interaction
  • Languages can help, part of the stack interaction
  • Services are not part of the stack
Platform aaS issues:
  • Specialized high performance Data Access/Storage (CouchDB, Big Table, Key/Value Stores, Non Relational DB, Map Reduce)
  • Identity
  • Asynchronous messaging (XMPP, Queing)
  • Payments
  • You get whatever language is in the platform
  • Platform inlcudes network services beyond language runtime
  • Leads to a service oriented system
  • Part of the difference is the quality of the integration
Software aaS issues:
  • SaaS application may or may not be programmable
  • The SaaS may have its onw language
  • Learning curve/training
  • Integration
Characteritics of the Cloud Environment:
  • Multitenants
  • Heterogeneous
  • Scalability is a goal
  • Elastic/Provisioned by machine
  • Monitored/Audited
  • Services Oriented
The most interesting part of the presentation was certainely the part dedicated to languages with a comprehensive overview of specialized programming languages for the Cloud.

Areas where languages intersect the Cloud:
  • Security/Resource Control
  • Performance
  • Concurrency
  • Distribution
  • Operational Considerations
  • Domain Specific Languages
There are two language models for the cloud:
Projects and Languages targeted to address Cloud issues:
Monitoring and instrumentation is also an important issue in Cloud Computing. DTrace for example (integrated with the latest Open Solaris version) is a powerful tool to analyse resource usage/behavior (e.g. which files are accessed throughout the whole stack).

Other topics at Community One:

There were also other interesting topics besides Cloud Computing:

  • Network vitualization
  • Snapshot using ZFS (very cool@!)
  • Optimization of storage devices using Flash drives
    (these days, the bottle neck for a applications is data read/write on storage devices!)
  • SUN 7000 Storage: New enterprise storage appliance - 800 customers in just 4 months. up to 1/2 Petabytes of storage!
SUN Master Data Management 6.2 - (presentation by Parijat Prosun Kar):
  • To help managed the business context data of entities or objects involved in business transaction (great for Context Management!)
  • Can be used in System aggregation/federation (e.g. portals)
  • Just in time business models require agility and integration across the enterprise
  • Help ongoing mergers and acquisitions
  • Compliance and localized governmental requirements
  • Includes a Master Index Studio, Data Integrator, Data Quality, Data Mashup/Services, Data Migrator
  • see also Mural (Open source Master Data Management from SUN)

Atmosphere: a POJO based framework using inversion of control (IoC) to support Comet.

/ AjaxPush: updates on the J2EE Ajax framework presentation by IceSoft.
Here is an example that uses Liferay Portal platform.

Android: some good tips about the use of adapters, bitmap scaling, background refresh.
By the way, the next version of Android (Doughnout) is expected in Q3 of 2009.

updates on the Java implementation of the Ruby.

Friday, May 22, 2009

Speech Technology and HealthCare

Recently, I was invited to participate to a meeting of AVIOS (Applied Voice Input Output Society) local chapter in Menlo Park, California to discuss the use of speech technology in HealthCare and Medicine.

Speech technology is not widely used in healthcare at the moment. The healthcare industry is still focusing on efficiency and cost saving by solving systems integration, re-wamping legacy systems and making paper based processes digital.

Dictation and transcription for EMRs

The most successful type of applications is probably dictation/transcription for electronic medical records (EMR).

Speech recognition, enhancing productivity and reducing medical costs as a result. In this domain, Nuance is one of the market leader.

The products and services of Nuance Healthcare are used at more than 5,000 hospitals and by more than 400,000 providers.

Nuance’s on-premise Dictaphone Enterprise Speech System (ESS) components support recording the dictation audio, managing the audio and the resulting transcription process, transcription document distribution, and online reporting.

Dragon medical is another product from Nuance with which physicians dictate in real-time into their EMR in their own words letting them instantly review, sign, and make their notes available for other clinicians. This include Medical Vocabularies, covering nearly 80 specialties and subspecialties and regional accent support.

Potential use for Care and Disease Management

Besides dictation/transcription there are some additional potential uses of speech technology in other domains related to heathcare. Care and Disease Managament is one of them.

Organizations/companies like Lifemasters have call centers where nurses help to help patients with chronic disease achieve optimal health by closing the gaps between recommended and actual care (evidence-based medicine) and encouraging patients to adopt a healthy lifestyle and reducing the overall cost of healthcare. Speech technology could be used to complement and optimize this type of services: virtual operators, voice activation services, automatic text-to-speech combined with voice-over-IP reminder and notifications (e.g. to take drugs, schedule an exam, do certain types of exercices etc ...). Companies like requall and Jott already provide this type of notification infrastructure that can be delivered on mobile phones for example.

Other Areas

Additional research areas in speech technology and healthcare include:
  • disease assessment (e.g. parkinson over the phone, although this disease is very complex and voice is probably not the most important factor)

Overall, there is a big potential for use of Speech Technology in the healthcare industry.

The recent improvements in Text-to-Speech make it very attractive to healthcare, especially to non life critical applications.

Speech recognition accuracy is sometimes still a problem, but it is well suitable for sub-languages with specific vocabulary. It might be more difficult to be used directly by patients/health consumers, especially senior citizens where the language can be altered by their conditions.

Thursday, April 23, 2009

HIMSS 2009 - How Consumers use PHRs (KP)

While at HIMSS 2009 in Chicago early this month I did attend a very interesting talk from Judy Derman and Jan Oldenburg from Kaiser Permanente untitled: "How Consumers use Personal Health Records (PHRs) : lessons learned".

Kaiser Permanente (KP) has a very large user based (2.5M consumers/patients and 13,000 healthcare professionels) for their online services (a portal accessible at portal and My Health Manager, a Personal Health Record (PHR) built with the help of EPIC).

In this talk, Judy and Jan described the lessons learned from usage patterns on these web applications.

The consumers/patients are motivated by the fact that they can act on their information. It is not just about looking at a medical record, but act one it. Example of useful actions include:
  • start changing health related behavior
  • refill a prescription online
  • make appointment with their doctor
  • send email with care professionals
  • access educational programs (some of the most popular are: diabetes, depression, insomnia, weight management)
The consumers will trust these applications and the associated medical information as long as it is :
  • transparent
  • accessible
  • consistent
  • secure
  • timely and accurate
Kaiser Permanente study shows that the implementation success factors include:
  • early adopters are leaders in usage and feedback
  • there is a strong leadership from senior leaders
  • importance of clearly define explicit and articulated benefits
  • allocate appropriate and sufficient resources to do the job
  • resource must have appropriate skills
  • involve stakeholders / members / patients early in the process
  • make decision at the appropriate level
  • provide tools to support implementation (marketing material and toolkits)
  • use standard prcedures
  • use effective and integrated marketing
  • simplify the "getting started" mechanism (one step activation + pre-populate heath record)
  • drive adoption with multiple channel marketing
The Kaiser PHR was launched in January 2007 and has reached 2.7 users by April 2009.

In 2008, 84% of the users choose the "One step activation" mechanism and 54% of KP members signed-in with 40.8% of user male and 51.2% female.

Here are the top features in the last two years:

Here are some statistics/facts about the Email/secure messaging service of the KP PHR:
  • 6M emails in 2008 sent to doctors (13M since the launch in 2007)
  • 600,000 emails per months in 2009
  • 14% of messages are written by physicians and clinicians
  • 14,000 physicians are using emails regularly
One of the benefits of the email services is that the patients using email were 7-10% less likely to schedule an appointment.

Here are some statistics/facts about the Lab/test results service of the KP PHR:
  • 16.7M test in 2008
  • 61M tests results available online
  • 31M since launch
  • certain tests are not online (HIV, genetic tests ...)
Here are some statistics/facts about the Presciption refill service of the KP PHR:
  • 5.6M refill in 2008
  • increase of 26% in 2007-2008
  • Up to 23% of refill are done online

Tuesday, March 31, 2009

HealthCare and the benefits of a Portal Strategy

The idea that software should be componentized (built from prefabricated components) has been proposed more that 40 years ago. However it is only recently, with the advent of Service Oriented Architecture (SOA) and Software as a Service (SaaS) that effective software componentization methods to integrate systems and develop solutions have been available.
These methods help promote code reuse, low-cost system development, contribute to software quality and to more flexible IT infrastructures.

Software componentization can help software companies acquire and maintain a competitive advantage by developing, deploying and maintaining services and solutions faster, cheaper and better than their competitors. Using Web and Mobile based Graphic User Interface (GUI) components is the most common way for users to interact with IT systems.

The ability to create customizable and reusable front-end software components is especially valuable for software companies and their partners. Combined with cost effective deployment solutions such as Cloud Computing, new services can quickly be bundled, offered and tuned for specific targeted sets of customers and later rolled-out to new markets very easily.

Componentization can also help to rapidly make custom changes (such as re-branding or re-skinning) since the presentation layer is isolated from the service layer. Aggregated in web portals, front-end components can be layered on top of existing data structures, enterprise and legacy systems as well as third party services.

In healthcare for example, portals can offer a unified and personalized view for healthcare professionals, and provide real-time access to a selected patient's clinical information. The same portal infrastructure can be also customized for the patients and their care givers.

Portal technology provides ways to integrate information, people and processes across organizational boundaries. It provides a secure unified access point (SSO), often in the form of a web-based user interface, and is designed to aggregate and personalize information through application-specific component or portlets.

Another characteristic of the portal technology is the fact that content management can be decentralized allowing richer content and more efficient update of the data and information presented to the users.

A portal approach brings benefits to your customers/end-users (healthcare professionals and patients), your development, professional service and IT teams, but also your partners!
  • benefits for your end-users: Portal solutions also offer rich user experience by leveraging Web 2.0 technologies and specific components (e.g. wikis, blogs, message boards, widgets, social networking, maps, SSO, etc). Portal customization and personalization also offers to the end-users a more personalized experience based on their profiles such as their role in the organization or user group and preferences (e.g. choice of layout and look and feel).
  • benefits for your development team: This includes a common architecture for the aggregation of heterogeneous components and services, a clear separation between the presentation layer and the service layer, and the fact that portlets are based on standard technologies (e.g. JSF, Spring, Spring MVC, Hibernate, JSR-168, JSR-286, WSRP 1.0/2.0, AJAX, Java EE, or even Flex).
  • benefits for your professional service and IT teams: Portal technology can save substantial costs to both the professional service team in charge of creating solutions using a portal approach including the ability to create and combine quickly customized components that are easy re-branded for various customers is clearly a good return on investment (ROI).
  • benefits for your IT department: For the IT department, in charge of deploying and maintaining services and applications, to be able to run multiple portal sites, each with a unique domain, on the same portal server reduces avoids to duplicate hardware and image instances. Portlets can be deployed at run-time (hot deployment) reducing down time for the user and facilitate the maintenance of the applications. In addition to this, specific content, branding, layout and skins can be stored and managed independently of the application in a content management system, saving costs during development, deployment and maintenance.

For the past couple of years, there has been a clear interest in the healthcare industry, not only in the US, but also in Canada and Europe to use portal frameworks as a solution to aggregate heterogeneous services and applications. There are still a lot of important and sensitive issues to address for this type of solution in the healthcare industry (security, auditing capabilities, flexibility, extensibility, maintainability, user and content management, integration, performance, scalability, availability, quality assurance, lifecycle management, maintenance and monetization).

Next week (April 4-8 2009) at HIMSS-09 in Chicago, it will be interesting to see if the trend is confirmed and how many vendors have been repackaged their solutions using portal technology.