
National Ministry of Health

Securely sharing medical records through SOA


This National Ministry of Health is responsible for the accessibility and quality of public healthcare, welfare and social-cultural work. Day-to-day management and delivery of the healthcare system is provided by a network of private health suppliers (General Practitioners, hospitals, medical specialists, obstetricians, paramedical caregivers, etc.), but the costs are borne by the government. With an aging national population, controlling healthcare costs was fast becoming the key mandate for the Ministry. Reducing overhead and administration costs by creating a central point of access for all care givers and patient records seemed like the most economical solution, but with 15M+ citizens, all of whom have some form of healthcare insurance, a centralized solution posed a significant challenge.

Ministry of Health
15M+ citizens
Hundreds of individual practitioners
Dozens of care institutions and services (clinics, labs, emergency services, etc.)
Tens of hospitals

A Decentralized Approach
The National Ministry of Health's IT department recognized that, given their current resources and budget and the enormous undertaking a centralized solution might require, the timeline to deliver a solution would not meet expectations. In addition, a number of security issues arose around the ability to share medical records across the entire network of healthcare providers without compromising the privacy of their patients. As a result, the Ministry brought onboard the local resources of a global Systems Integrator (SI).

The SI identified the fact that the Ministry's small budget and short time frame for implementing a national system meant that a traditional centralized approach (a single database containing all patient records) would not be feasible. A leaner, more flexible, decentralized solution would better fit budget and time constraints. The SI proposed a Service Oriented Architecture (SOA) approach, since SOA would enable standards-based interactions between the country's many diverse medical applications without requiring structural-level integration. However, to control costs, patient records would need to flow across public networks. This meant that not only would security have to be maintained for data in flight, but interactions at both ends would have to be secured in order to ensure privacy.

The solution was the Layer 7 XML Networking Gateway (Layer 7 Gateway), which sits in the middle of each interaction and acts as a Web services broker, validating message-level digital signatures, enforcing access control rules (based on each healthcare provider's smart card), and protecting against XML-based threats. The resulting system securely pulls records from where they reside at multiple healthcare providers across the country, effectively assembling a complete medical history of a patient on demand.

SOA-ifying Healthcare
The solution follows a hub and spoke architecture, with the Layer 7 Gateway at the hub connecting healthcare provider systems located in hospitals, clinics and doctors' offices (systems that store patient information) to healthcare practitioners such as physicians and pharmacists, via standard Web services APIs. Each of the country's healthcare systems, registered as services, can be centrally queried and accessed via the Layer 7 Gateway. Since the Gateway is policy-based, new services and new security requirements can be rapidly accommodated by centrally updating a single policy rather than updating the code for each healthcare application.

To create a more flexible, secure system, each healthcare provider that requires access to patient data is issued with a smart card which automates the digital signing of their requests. Swiping the card initiates a token-based logon to the Layer 7 Gateway. With all the pieces in place, registered physicians can now access information their patient has previously granted them access to in an authorization profile.

For example, when a healthcare provider swipes their smart card, an authentication token is received by the Layer 7 Gateway, which verifies them against a central LDAP and allows/denies the physician access. If the physician is authenticated, they can then submit a query. The Layer 7 Gateway extracts the patient's ID from the query and performs a lookup on each health service within the system until a match is found. The patient record is then encrypted over the wire and decrypted on the physician's system, where it is displayed locally but not stored, ensuring patient privacy can be preserved.
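The gateway flow described above, as an added example that is not Layer 7's code and not part of the original case study: the provider is checked against a directory, the request signature is validated, the patient's authorization profile is enforced, and only then are the registered services searched. Assumptions: a dict stands in for the central LDAP, HMAC-SHA256 with a per-card key stands in for the smart card's digital signature, and every name, key and record is constructed.

```python
import hashlib
import hmac

# Constructed stand-ins: a dict for the central LDAP directory, per-provider
# HMAC keys in place of smart-card signing keys, and in-memory spoke services.
DIRECTORY = {"dr-ito": b"card-key-ito", "dr-vos": b"card-key-vos"}
AUTH_PROFILES = {"P-1001": {"dr-ito"}}   # patient id -> providers the patient authorized
SERVICES = {                             # registered healthcare provider systems
    "clinic-a": {},
    "hospital-b": {"P-1001": "allergy: penicillin"},
}


def sign(provider, patient_id, key):
    """Provider side: sign the query (stand-in for the smart card's signature)."""
    msg = f"{provider}|{patient_id}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def gateway_query(provider, patient_id, signature):
    """Gateway side: apply the policy in order and deny on the first failure.

    Returns (decision, detail, record).
    """
    key = DIRECTORY.get(provider)
    if key is None:
        return ("deny", "unknown provider", None)
    expected = sign(provider, patient_id, key)
    if not hmac.compare_digest(expected, signature):
        return ("deny", "bad signature", None)
    if provider not in AUTH_PROFILES.get(patient_id, set()):
        return ("deny", "not in authorization profile", None)
    # Only an authenticated, authorized request reaches the spokes:
    # look up each registered service until a match is found.
    for name, records in SERVICES.items():
        if patient_id in records:
            return ("allow", name, records[patient_id])
    return ("allow", None, None)         # authorized, but no service holds a record
```

Because every check lives in `gateway_query`, tightening the policy means changing one function at the hub while the spoke services stay untouched, which is the maintenance property the case study attributes to a policy-based gateway.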

The Results
Compared to centralized national healthcare projects (some of which are currently over budget and have missed project deadlines), the decentralized, SOA-based solution has not only proven itself to be a successful approach, but has also resulted in cost reductions and improvements in the quality of healthcare (principally by reducing manual errors), all without compromising patient record privacy. While most IT architects believe that centralized systems will usually have the edge in terms of scalability and accessibility, this decentralized approach has demonstrated comparable capabilities while realizing better security, greater cost savings and a faster implementation time. In fact, analysts from International Data Corporation (IDC) and Computerworld magazine gave the SI an Innovator Award for its rapid development of a national health system.

The IT team, now tasked with maintaining and updating the system, is also impressed with the Gateway's capabilities: "Being able to update the system by revising policies on the Gateway streamlines the maintenance process for us. There's no need to update, test and re-deploy application code across the wide range of registered healthcare provider systems when requirements change."

Copyright 2011 Layer 7 Technologies Inc. All rights reserved. SecureSpan and the Layer 7 Technologies design mark are trademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners.
