Migrating Healthcare Applications to the Cloud through Containerization and Service Brokering

Organizations that are building their own cloud infrastructure from scratch or rely uniquely only on an infrastructure as a service (IaaS) from a provider, risk spending valuable resources and time building a specialized platform instead of focusing on their core business. On the other hand, organizations who adopt a turnkey proprietary cloud stack will lack flexibility and may end up locked into a specific technology or vendor.

Instead of designing the cloud architecture from the bottom up or the top down, a better strategy is to design from the inside out. By starting with the platform as a service (PaaS) as the central critical layer and creating ways to use various IaaS models and offerings in generic ways, it is possible to create a flexible and efficient lifecycle for the services and applications running on the platform.

In Healthcare, PaaS technology such as the one offered by Pivotal Cloud Foundry facilitates the rapid creation and migration of existing applications towards better user engagement, increasing collaboration between care givers and improving the lives of patients, while reducing the total cost of ownership (TCO).

The main characteristics of this platform are:

• Application containerization
• Optimized application scaling
• Application to service brokering
• Abstraction of IaaS
• Excellent application lifecycle management
• Automatic middleware stack and operating system configuration
• Advanced application monitoring

In this architecture, backing services (e.g., databases, caching systems, other data services (e.g., Amazon S3), messaging/queueing systems, SMTP services, various external APIs (Google Maps, terminology services, healthcare registry services) are just attached resources. For example, there is a distinction between a local digital imaging and communications in medicine (DICOM) local image store and a remote, 3rd party DICOM picture archiving and communication system (PACS) service hosted in the cloud.

The type of platform is especially suitable managing micro services, which allows better componentization, development and testing processes, decentralized governance, resilience and maintainability. These services, especially when they are based on a RESTful architecture, are extremely easy to build, integrate, test, extend, and maintain, and are extremely adapted for mobile applications integration.

Good and efficient lifecycle management is important to produce and maintain high quality software. This is particularly important in healthcare where the patient life is at risk or a breach of privacy could occur as a result of poor quality software.

The advantage of abstracting the IaaS layer access through a common API is that there no need to have multiple versions of application code for each deployment model. The same code will work and be monitored the same way for all cloud deployment models, including on premise and hybrid.

On top of the generic open PaaS infrastructure, we are adding generic and cross-cutting capabilities not part of the original platform including:

• Identity management to allow customers, patients and consumers to be accurately and uniquely recognized by using an enterprise master patient index (eMPI) for patients and a lightweight directory access protocol (LDAP) based directory for healthcare providers and consumers.
• Security/Identity Access Management: authentication, authorization, and single sign-on, all critical to secure provider, patient, and consumer applications and in certain cases, can be addressed by declarative proxification of these services.
• Cloud-based, connected device management: device registration, discovery, routing, diagnostics, remote control, firmware provisioning, data collection, device-app-user pairing (we are currently supporting 6 million active consumer devices).
• Open cloud based clinical workflow collaboration capabilities.
• Secure cloud-based big data store and analytics capability (e.g., to store patient’s observations and genomic data.

  

We are also creating and exposing healthcare and wellness related services that applications can consume:

• IHE-based demographic, clinical, providers web services (e.g., PIX/PDQ, XDS, HPD)
• A virtual longitudinal healthcare record (VHR) and associated services
   - ATNA-based auditing services
   - Consent and delegation services

Our HealthSuite Digital platform also offers high availability, scalability, privacy and security compliance with regulations (e.g., HIPAA, HITECH) and standards (e.g., NIST SP800-53, ISO 27001) using multitenancy, redundancy, 24/7 monitoring and operations, and disaster recovery.

   More on:  F. Andry, R. Ridolfo, J. Huffman, Migrating Healthcare Applications to the Cloud through Containerization and Service Brokering, 8th International Conference on Health Informatics (HealthINF 2015), pp. 164-171, Lisbon, Portugal, January 2015.

Multitenancy and Healthcare Software Applications

 

Virtualization abstracts  the running stack and components in order to have services users to appear to run on a separate physical machine has been an earlier attempt to lower the cost of resources. In fact, virtualization has brought tremendous progresses in heath care for the development, testing and running applications during the past 10 years or so. However multitenancy goes one step further.

Multitenancy is at the core of the design of Web based applications offered as Software as a Service (SaaS). In a multitenant software application, the service offered to each client organization (e.g. in healthcare that would be a physician office, a lab, a clinic ...)  is virtually partitioned. Data and configuration are separate for each organization that use the service. This is required to ensure the confidentiality of the patient records.

In a multitenancy architecture, the same set of hardware, network resources, software stack, application code base are shared between all users of the service. As a result, SaaS applications are managed and delivered more efficiently at a lower cost.



Here is a subset of the services management tasks that can be greatly simplified by a multitenancy architecture :

• patch deployments
• GUI, API and platform/stack upgrades
• data migration
• customizations
• customer support
• monitoring
• reporting

The amount of resource: hardware, network and IT staff, dedicated to a specific application is drastically reduced from a model where every organization has its own instance. In addition to this, multitenancy tends to benefit the whole user set of a particular service, since defects fixes and new features are deployed incrementally very frequently. Agile development process methodologies such as Scrum are particularly suitable for this technology since development and deployment cycles can be extremely short.

This can be critical in healthcare when several organizations such as hospitals, labs and pharmacies using the same service, need to exchange data across an Health Information Exchange or a Regional Health Information Organization). In this case, all end-points of the HIE have to use the same data format , the same protocols and security scheme. Is parts or all of the end-points are running in a multitenant architecture, then the orchestration of all end-points is facilitated greatly.  For example, every time a new service functionality is deployed available, all end-points have access to it and are compatible. Moreover, maintenance such are the provisioning and re-provisioning of user credentials and security certificates is simplified. Finally monitoring and  reporting such as meaningful use are much easier to implement and deploy.

The unified architecture and deployment topology (for development, QA testing, staging and production), makes the application cheaper to develop, deploy and maintain. In healthcare software development, it can take more than a year to acquire not only the necessary IT skills, but also knowledge of the domain.This is why it is very difficult to hire, train  and keep qualified engineers, support and administration specialists, and the demand is growing.  With a multitenancy model, more and better services can be developed and maintained with the same engineering and IT workforce. The support specialists can then refocus their efforts on solving end-users problems related to healthcare rather than pure IT infrastructure and improve customer satisfaction overall.

Further more, multitenancy provides much greater performance, scalability and maintainability as applications are generally hosted on elastic cloud infrastructures and platforms. Even though more and more vendors offer cloud based products from basic elastic resources through infrastructure as a Service (IaaS), or a full customizable development and deployment cloud based platform (PaaS), professional healthcare IT professionals are still reluctant to have their patient's records hosted on commercial public clouds. Obviously, offloading generic healthcare related services that do not contain any PHI information (e.g. ICDx, HL7, SNOMED taxonomy and terminology services) can certainly be realized from private to public cloud if needed. On the other hand, when any patient demographic information or clinical data is included, healthcare IT decision makers needs assurances that the data is always secure and the applications and processes involved are in compliance with HIPAA regulation. One minimum requirement for example is that all protected data must be encrypted at rest and in flight at all time. Other legal requirements in certain states also require that the patient's data stays within the limit of the states and this can be an issue when physical servers on public clouds can reside anywhere.

The migration of legacy single tenant applications to multitenant based services is definitively challenging and requires new paradigms (e.g. metadata driven architecture and data models, polymorphic applications), new tools and platforms and engineers and IT personnel familiar with this new model and its related technologies. Multitenancy is an essential part of the whole cloud computing market for the healthcare industry that is estimated to grow to $5.4 billion by 2017.

Multitenancy is certainly one of the most critical technologies that will drastically help improve the efficiency of healthcare, reduce cost and will be the base of business intelligence and data warehousing solutions to make better health predictions and decisions for the overall population.

SOA and Health Care Meaningful Use requirements of the Recovery Act

The Interim Final Rule of the Health Information Technology for Economic and Clinical Health (HITECH) Act was passed by Congress in February of 2009.  Under this act, eligible providers will be given financial rewards if they demonstrate "meaningful use" of "certified" Electronic Health Record (EHR) technologies.

Therefore there is a big incentive for health care vendors to offer solutions that meet the criteria described in the law.  More precisely, the associated regulation provided by the Department of Health and Human Services describes the set of standards,  implementation, specifications and certification for Electronic Health Record (EHR) technology.

As a Software Architect, I was curious to see whether Service Oriented Architecture (SOA) or Web Services in general were mentioned in these documents.

The definition of an EHR Module includes an open list of services such as electronic health information exchange, clinical decision support, public health and health authorities information queries, quality measure reporting etc.

In the transport standards section, both SOAP and RESTful Web services protocols are described. However Service Oriented Architecture (SOA) is never explicitly described or cited. No reference how these services might be discovered and orchestrated in a "meaningful way". I would assume that the reason is that the law makers and regulators wanted to be as vague as possible on the underlying technologies for an EHR and its components.

The technical aspect of "meaningful use" is specified more precisely when associated with interoperability, functionality, utility, data confidentiality and integrity of the data, security of the health information system in general.

These characteristics are not necessarily specific to SOA, but to any good health care software and solution design.

Still, the following paragraph seems to describe a solution that could be best implemented using a Service Oriented Architecture: "As another example, a subscription to an application service provider (ASP) for electronic prescribing could be an EHR Module"  where software is offered as a service (SaaS).  This looks more like the description of an emerging SOA rather than a full grid enabled SOA.

It will be up to the solutions providers to come up with relevant products and tools to maximize the return on investment (ROI) of the tax payer's money and the professionals and organizations eligible for ARRA/HITECH.

SOA will definitively be part of the mix since it gives the ability create, offer and maintain large numbers of complex EHR Software solutions (SaaS) that have a high level of modularization and interoperability.
 

Further developments toward a complete SOA stack such as offering a Platform as a Service (PaaS) and even the underlying Infrastructure as a Service (IaaS) in the cloud will face more resistance in a domain known for a lot of legacy systems and concerns about privacy and security.

The Object Management Group (OMG) is organizing a conference this summer on the topic of  "SOA in Healthcare: Improving Health through Technology: The role of SOA on the path to meaningful use". It will be interesting to see what healthcare providers, payers, public health organizations and solution providers from both the public and private sector will have to say on this topic.

Google IO 2008

Keynote: Client, Connectivity, and the Cloud - Vic Gundotra, Vice President, Engineering

• Historically access to computing and deployment of applications have not been easy
• in the 50s & 60s Mainframe were powerful but not very accessible, deployment was easy (terminal were dumb)
• in the 70s & 80s PCs were not powerful, but accessible, deployment were difficult (complex deployment on all clients)
• since the 90s Internet made access to power and deployment easier, but there is sill some progress to be made

• Google wants to move the internet forward by
• making clouds more accessible (providing more power to web applications)
• making clients (browsers) more powerful
• keeping (internet) connectivity pervasive

• Technologies offered by Google to achieve these 3 goals*
• Google Gears: an open source browser extension that lets you create web applications that run offline.It lets you store and serve application resources locally, store data locally in a fully-searchable relational database, and run asynchronous JavaScript to improve application responsiveness - to be compared with Adobe AIR
• Android: a software stack for mobile devices including an operating system, middleware and key applications.
• Google App Engine(Google Cloud) - New MEMCACHE & Image APIs available - (see also pricing) - to be compared with Amazon Elastic Compute Cloud (Amazon EC2)
• Google AJAX Search API
• Google Chart API
• Google Data APIs
• Google Gadgets API
• Google Maps API
• OpenSocial OpenSocial defines a common API for social applications across multiple websites.With standard JavaScript and HTML, developers can create apps that access a social network's friends and update feeds.
• Identity: OpenID
• Authentication + Authorization: OAuth
• Applications: OpenSocial - see reference implementation:Apache shindig

• Google Web Toolkit *Version 1.5 available with support to Java 5* - The Google Web Toolkit (GWT) is an open source Java software development framework that helps you produce user-friendly AJAX applications. With GWT, you can use your favorite Java development tools to build AJAX applications without having to tackle the steep learning curve of JavaScript/CSS browser quirks. GWT has bee used to develop Google Health
• YouTube Data API - Integrate YouTube videos into your website or application.

See other blog on this topic

Keynote: Imagination, Immediacy and Innovation... plus a little glimpse under the hood at Google
      Marissa Mayer, Vice President of Search and User Experience

• Google focus on most popular Web Applications on the Web:
• EMail
• Social Networks
• Blogs
• News
• Search
• ...

• "The simplest design is probably the best"
• e.g. in Google Search, everytime a search query is done, it hits between 700-1000 Google servers. This involves load balancers, mixers, several search engines (image, blogs, books, news, videos, maps ...). The whole process takes 0.16 seconds. However the GUI still hides the complexity of the process and remains very simple. E.g. Use an unified logging/authentication/authorization system (eg. OAuth)

• On User Usability
• a lot of studies are done regularly with a lot of statistics gathered on very small changes on Google Applications. e.g. small changes such as the space between lines e.g. testing various background colors
• performance remains one of the most important criteria for users
• user want instant feedback (e.g. uploaded content should be available right away)
• novice users become very quickly experts users (e.g. simple google search page to iGoogle portal).
• It is therefore important to not spend too much effort to coach novice users and/or provide too much guidance (this could slow expert users)
• experts users are those who will being more revenue
• usability studies should target expert users
• Google uses a mix of direct user feedbacks (such as emails), existing applications user studies (instrumentation + metrics) and testing new designs changes with controlled panels of

• Use an Happiness Matrix for your products to measure user satisfaction
• Use Design more as a Science than an Art
• Try to think 10 years ahead- Goal: Aim at quantum leap (a good example is the iPhone)
• Build on real flexible technologies
• Be Scrappy. Revel in constraints. Google works in small groups and create quickly prototypes for testing and try to address very difficult problems that seem impossible to solve.
• Imagination is a muscle : Do not hesitate to brain storm about crazy projects with your team even if you do not intend to make a product of it. Try to come up with solutions and mockups (at Google 50% of the product features come from 20% time given to Googlers to work on personal project).
• On Google Health: We will never be able to have all the medical record information online, but Google hope to make a difference in this domain too.
• On Future Directions for Google Applications and Services
• All: Personalization
• Search Engines:
• search on Phones
• search on Graphs
• Location based search (GPS will be soon integrated by default in most cars and vehicles)
• Take into account previous search to improve future searches.

See other blog on this topic