A Portal Framework for HealthCare

Portals are Web-based applications that give users a centralized point of access for information and applications of relevance. Therefore the portal paradigm is an attractive proposition for health care because it offers a solution to rapidly aggregate heterogeneous applications and services while offering a high level of customization and personalization to the users, patients, care givers and IT personnel.

The integration of healthcare systems and data is a major challenge. Business conditions that typically result in fragmented data stores and limited application functionality are prominent in the healthcare industry.

To meet these challenges, we have created a Portal framework architecture which makes the SOA concept less abstract by offering a concrete service aggregation infrastructure including integration glue like context and code mapping, transformations, master patient index, single sign on and standards based interfaces. The framework facilitates the integration of various applications, so they need not be rewritten to be able to provide services to the portal. Our portal framework is compliant with industry standards such as JSR 168, JSR 286 and WSRP.



In addition to the front-end aggregation layer, a context management layer which uses a subset of the concepts of the HL7 Clinical Context Object Workgroup (CCOW) standard (centralized scheme, robust push-model, simplified context data representation) is used to solve user mapping and facilitate the coordination and synchronization between visual components (portlets in our case). This context management layer connects to the Web services (SOAP or RESTfull) that are exposed by the different systems.







Sessions and Contexts

A portal application like any other web application works with a session. All requests are executed in the context of such session. The session is associated with an authentication context and a lot of other information that is accumulated while processing the requests that are executed with the session. A session can be understood as a temporary storage with a well-defined life cycle. A session is ended either explicitly (log out, connection closing) or by a time-out.



The basic relationship and mechanism between the sessions, identity and context is described as follow: when accessing the web application for the first time there is no session established yet. The user is forced to log in (providing his identity and the credentials to prove the identity). This establishes an authentication context which is kept within a dedicated session. During the requests executed in a session, information is accumulated and processed in the session.





Connecting the Services
Both the portal application (A) and the remote system (B) may have their own identity management capabilities and their own credential storage. In order to integrate A and B we have implemented an extended SAML based token service. The resulting Security Token Service (STS) service includes the token service module as well as an eHF based context management module. This eHF Context Module stores the mapping information between user identifiers from A and the identities of B.








More complex scenarios

In reality, portal applications typically consist of multiple portlets that interact together. Each portlet can themselves aggregate services from various sources. This is where the portlet proxy is very handy because it can shield the presentation layer from back-end service implementation details.

The integration of a new application exposing web services (SOAP or RESTful) is made easier because eHF provides a mediation and routing platform component (IPF) based on Apache Camel that can wrap these services, operate transformations on data and expose them to the portlet proxies. In addition to this the current use of the Security Token Service for authentication can be complemented by the use of a Single Sign On (SSO) mechanism.

For this specific implementation we used Liferay 5.2. as portal server container and a medicine cabinet as healthcare related topic and material.

More details can be found in the paper "A Portal Framework Architecture for Building Healthcare Web-Based Applications" published at the 3rd International Conference on Health Informatics (Health Inf 2010).

HealthCare and the benefits of a Portal Strategy

The idea that software should be componentized (built from prefabricated components) has been proposed more that 40 years ago. However it is only recently, with the advent of Service Oriented Architecture (SOA) and Software as a Service (SaaS) that effective software componentization methods to integrate systems and develop solutions have been available.
These methods help promote code reuse, low-cost system development, contribute to software quality and to more flexible IT infrastructures.

Software componentization can help software companies acquire and maintain a competitive advantage by developing, deploying and maintaining services and solutions faster, cheaper and better than their competitors. Using Web and Mobile based Graphic User Interface (GUI) components is the most common way for users to interact with IT systems.

The ability to create customizable and reusable front-end software components is especially valuable for software companies and their partners. Combined with cost effective deployment solutions such as Cloud Computing, new services can quickly be bundled, offered and tuned for specific targeted sets of customers and later rolled-out to new markets very easily.

Componentization can also help to rapidly make custom changes (such as re-branding or re-skinning) since the presentation layer is isolated from the service layer. Aggregated in web portals, front-end components can be layered on top of existing data structures, enterprise and legacy systems as well as third party services.

In healthcare for example, portals can offer a unified and personalized view for healthcare professionals, and provide real-time access to a selected patient's clinical information. The same portal infrastructure can be also customized for the patients and their care givers.

Portal technology provides ways to integrate information, people and processes across organizational boundaries. It provides a secure unified access point (SSO), often in the form of a web-based user interface, and is designed to aggregate and personalize information through application-specific component or portlets.

Another characteristic of the portal technology is the fact that content management can be decentralized allowing richer content and more efficient update of the data and information presented to the users.

A portal approach brings benefits to your customers/end-users (healthcare professionals and patients), your development, professional service and IT teams, but also your partners!

• benefits for your end-users: Portal solutions also offer rich user experience by leveraging Web 2.0 technologies and specific components (e.g. wikis, blogs, message boards, widgets, social networking, maps, SSO, etc). Portal customization and personalization also offers to the end-users a more personalized experience based on their profiles such as their role in the organization or user group and preferences (e.g. choice of layout and look and feel).
• benefits for your development team: This includes a common architecture for the aggregation of heterogeneous components and services, a clear separation between the presentation layer and the service layer, and the fact that portlets are based on standard technologies (e.g. JSF, Spring, Spring MVC, Hibernate, JSR-168, JSR-286, WSRP 1.0/2.0, AJAX, Java EE, or even Flex).
• benefits for your professional service and IT teams: Portal technology can save substantial costs to both the professional service team in charge of creating solutions using a portal approach including the ability to create and combine quickly customized components that are easy re-branded for various customers is clearly a good return on investment (ROI).
  
• benefits for your IT department: For the IT department, in charge of deploying and maintaining services and applications, to be able to run multiple portal sites, each with a unique domain, on the same portal server reduces avoids to duplicate hardware and image instances. Portlets can be deployed at run-time (hot deployment) reducing down time for the user and facilitate the maintenance of the applications. In addition to this, specific content, branding, layout and skins can be stored and managed independently of the application in a content management system, saving costs during development, deployment and maintenance.
  
  

For the past couple of years, there has been a clear interest in the healthcare industry, not only in the US, but also in Canada and Europe to use portal frameworks as a solution to aggregate heterogeneous services and applications. There are still a lot of important and sensitive issues to address for this type of solution in the healthcare industry (security, auditing capabilities, flexibility, extensibility, maintainability, user and content management, integration, performance, scalability, availability, quality assurance, lifecycle management, maintenance and monetization).

Next week (April 4-8 2009) at HIMSS-09 in Chicago, it will be interesting to see if the trend is confirmed and how many vendors have been repackaged their solutions using portal technology.

Liferay Portal : My first impressions

My company ICW creates Health Care web applications and solutions.

We have a need to create reusable components that can be bundled into highly customizable and personalized web applications. Our stack uses Java Enterprise and Web 2.0 technologies, so we naturally turned to the open source Liferay Portal.

This was my first experience with Liferay. By looking at the features, it seems that this portal solution had a lot of things we were looking for:

• A well recognized open source product (1.5 million downloads, 6000+ registered participants ...)
• A business-friendly MIT License
• Compatibility with all major servers, databases and operating systems (we are using Tomcat, Oracle, Windows for development and Linux for production).
• Compatibility with our stack (J2E) and light container (Spring).
  
• An easy way to create new skins and branding
• An integrated content management system
• Highly secure platform (especially important for Health Care applications)

Installing Liferay (version 5.1.0) was a little bit longer than expected (>1 GB), but after this, it went pretty smoothly besides minor MySQL configuration issues. This installation included all the source code of Liferay (I did not have to customize the code initially, but it seems nice to have all the source code available in case ...).

I did create a specific project for our need - a portal version of our Personal Health Record (PHR) - call phr-portal-assembly (see screen shot on the left):

I liked the fact that the runtime portion of the portal is contained inside the project: bundles/tomcat/ (although this takes a lot of space if you have several projects).

To be up and running, you just have to start MySQL and Tomcat and open a browser at http://localhost:8080/web/guest/home (I am using Firefox).

I find it easy to create new plugins (portlets and themes). You just have to open a prompt under the liferay-plugins-sdk-5.1.0/portlets or liferay-plugins-sdk-5.1.0/themes directory and use the command:

create new_portlet_name new_portlet_title and
create new_theme_name new_theme_title

I was then able to start to modify my portlet skeletons (by modifying the default view.JSP file under docroot) and redeploy them (without having to restart tomcat!) by using the ant deploy command. Easy and efficient!

For the themes, I was a little bit different: The style sheet changes/differences is specified under the docroot/_diffs and the new theme is built by adding the differences to the default classic look and feel.

Becoming familiar with the portal application itself was not too complicated. Especially with version 5.1.0 which can give admin rights to any type of users, so I was able to customize my portal page without having to log a as an administrator.

To make the border/chrome disappear, I just had to click on the look-and-feel icon.








This opens a new window where I had to uncheck 'Show Borders' and refresh the browser.






After this, I had to uncheck the 'Toggle Edit Controls' check box.

The resulting portal had the same look and feel as our initial PHR, but was now highly customizable.I did some also some quick tests with different layouts and themes that was provided by one of my colleague with fast and good and results. We also did some tests encapsulating an existing Flex based application and some widgets with great success.

Overall my first impression of Liferay portal is a very positive one.

I am now looking forward to tackle the re-factoring of our existing products with this technology (we are using JSF, Ajax and Flex as front-end technology)!