Your SlideShare is downloading. ×
Stop dreaming about fluid data
interoperability and start focusing on
actionable enterprise systems integration
By Shahid ...
www.netspective.com 2
This and many of my other presentations are available at
www.SpeakerDeck.com/shah
@ShahidNShah
shahi...
NETSPECTIVE
www.netspective.com 3
Who is Shahid?
• 20+ years of software engineering and multi-
discipline complex IT impl...
NETSPECTIVE
www.netspective.com 4
What’s this talk about?
Background
• Many enterprise apps are being built
these days, mo...
NETSPECTIVE
www.netspective.com 5
Application focus is biggest mistake
Application-focused IT instead of Data-focused IT i...
NETSPECTIVE
www.netspective.com 6
NCI
App
NEI
App NHLBI
App
Healthcare Provider Systems
Clinical
Apps
Patient
Apps
Billing...
www.netspective.com 7
Why do health IT systems
integrate poorly?
www.netspective.com 8
Because customers don’t know how
to effectively punish vendors that
don’t integrate well.
But, that’...
www.netspective.com 9
Because apps developers don’t have
a systems engineering culture where
we think of data integration ...
www.netspective.com 10
Because we want to wait for others
to create a new standard or magical
API that makes integration
p...
NETSPECTIVE
www.netspective.com 11
The tactical issues
• We don't support shared
identities, single sign on (SSO),
and ind...
So what do we do?
And now…
www.netspective.com 13
Unused data never gets better.
Fix broken windows.
Iterate your way to better
data by forcing its u...
NETSPECTIVE
www.netspective.com 14
Legacy integration
Application A
Data
Functionality
Presentation
Feature Y
Feature X
Ap...
NETSPECTIVE
www.netspective.com 15
Services
Modern integration
Application A
Data
Functionality
Presentation
Feature Y
Fea...
www.netspective.com 16
Create a formal Enterprise
Integration Group (EIG)
Even get a cool logo and team mascot.
www.netspective.com 17
Start cataloging and
formalizing use of enterprise
integration patterns.
You’re not the first (or s...
www.netspective.com 18
Learn about ESB, ETL, and BPM –
grab open source or commercial
implementations and build around
the...
www.netspective.com 19
Create a technical profile
questionnaire and
checklist
Don’t hand code things.
www.netspective.com 20
Lets see what all of this
looks like in practice.
You can do this in less than 40 man-hours of work.
NETSPECTIVE
www.netspective.com 21
Start with read-centric integration, move to enrichment later
Where users spend time Wh...
NETSPECTIVE
www.netspective.com 22
Stop and think about workflows
Sexy but wrong: Device-centric closed systems Dull but r...
NETSPECTIVE
www.netspective.com 23
Promote “Outside-in” architecture
Think about clinical and
hospital operations and
proc...
NETSPECTIVE
www.netspective.com 24
Promote “Outside-in” architecture
Patients
and
Referral
Partners
Clinical
Personnel
Adm...
NETSPECTIVE
www.netspective.com 25
Proprietary identity is hurting us
• Most health IT systems create their own
custom ide...
NETSPECTIVE
www.netspective.com 26
Dogma is preventing integration
Many think that we shouldn’t integrate
until structured...
NETSPECTIVE
www.netspective.com 27
Old way to architect:
“What data can you send me?” (push)
The "push" model, where the s...
NETSPECTIVE
www.netspective.com 28
HL7 and X.12 aren’t the only formats
The general assumption is that
formats like HL7, C...
NETSPECTIVE
www.netspective.com 29
Legacy systems trap valuable data
In many existing contracts, the
vendors of systems th...
NETSPECTIVE
www.netspective.com 30
Proprietary data formats limit findability
• Legacy applications only present
through t...
NETSPECTIVE
www.netspective.com 31
Healthcare fears open source
• Only the government spends more per
user on antiquated s...
Thank You
Visit
http://www.netspective.com
http://www.healthcareguy.com
E-mail shahid.shah@netspective.com
Follow @ShahidN...
Upcoming SlideShare
Loading in...5
×

HxRefactored: Stop dreaming about fluid data interoperability and start focusing on actionable enterprise systems integration

177

Published on

This was presented at Health 2.0's HxRefactored 2014 Conference in Brooklyn.

Background:
* Many enterprise apps are being built these days, but most are designed to work as a stand alone system similar to consumer apps
* Healthcare-specific software engineering and integration tools are going to do more harm than good (industry-neutral is better).

Key Takeaways:
* Any enterprise app which acts like a consumer app that doesn’t integrate well into hospital or ambulatory systems and workflows is doomed
* There’s nothing unique about health IT data that justifies complex, expensive, or special technology.
* There’s a lot unique about healthcare workflows that require common technologies to be adapted properly.

Published in: Technology, Business
1 Comment
1 Like
Statistics
Notes
No Downloads
Views
Total Views
177
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
1
Likes
1
Embeds 0
No embeds

No notes for slide
  • Examples will be provided during talk
  • Transcript of "HxRefactored: Stop dreaming about fluid data interoperability and start focusing on actionable enterprise systems integration"

    1. 1. Stop dreaming about fluid data interoperability and start focusing on actionable enterprise systems integration By Shahid N. Shah
    2. 2. www.netspective.com 2 This and many of my other presentations are available at www.SpeakerDeck.com/shah @ShahidNShah shahid@shah.org www.ShahidShah.com
    3. 3. NETSPECTIVE www.netspective.com 3 Who is Shahid? • 20+ years of software engineering and multi- discipline complex IT implementations (Gov., defense, health, finance, insurance) • 12+ years of healthcare IT and medical devices experience (blog at http://healthcareguy.com) • 15+ years of technology management experience (government, non-profit, commercial) • 10+ years as architect, engineer, and implementation manager on various EMR and EHR initiatives (commercial and non- profit) Author of Chapter 13, “You’re the CIO of your Own Office”
    4. 4. NETSPECTIVE www.netspective.com 4 What’s this talk about? Background • Many enterprise apps are being built these days, most are designed to work as a stand alone system similar to consumer apps • Healthcare-specific software engineering and integration tools are going to do more harm than good (industry-neutral is better). Key takeaways • Any enterprise app which acts like a consumer app that doesn’t integrate well into hospital or ambulatory systems and workflows is doomed • There’s nothing unique about health IT data that justifies complex, expensive, or special technology. • There’s a lot unique about healthcare workflows that require common technologies to be adapted properly.
    5. 5. NETSPECTIVE www.netspective.com 5 Application focus is biggest mistake Application-focused IT instead of Data-focused IT is causing business problems. Healthcare Provider Systems Clinical Apps Patient Apps Billing Apps Lab Apps Other Apps Partner Systems Silos of information exist across groups (duplication, little sharing) Poor data integration across application bases
    6. 6. NETSPECTIVE www.netspective.com 6 NCI App NEI App NHLBI App Healthcare Provider Systems Clinical Apps Patient Apps Billing Apps Lab Apps Other Apps Master Data Management, Entity Resolution, and Data Integration Partner Systems Improved integration by services that can communicate between applications The Strategy: Modernize Integration Need to get existing applications to share data through modern integration techniques
    7. 7. www.netspective.com 7 Why do health IT systems integrate poorly?
    8. 8. www.netspective.com 8 Because customers don’t know how to effectively punish vendors that don’t integrate well. But, that’s changing. Slowly.
    9. 9. www.netspective.com 9 Because apps developers don’t have a systems engineering culture where we think of data integration as a discipline our customers will buy. But, that’s changing. Slowly.
    10. 10. www.netspective.com 10 Because we want to wait for others to create a new standard or magical API that makes integration problems disappear. But, that’s changing. Slowly.
    11. 11. NETSPECTIVE www.netspective.com 11 The tactical issues • We don't support shared identities, single sign on (SSO), and industry-neutral authentication and authorization • We're too focused on "structured data integration" instead of "practical app integration" in our early project phases • We focus more on "pushing" versus "pulling" data than is warranted early in projects • We have “Inside out” architecture, not “Outside in” • We're too focused on heavyweight industry-specific formats instead of lightweight or micro formats • Data emitted is not tagged using semantic markup, so it's not securable or searchable by default • When health IT systems produce HTML, CSS, JavaScript, JSON, and other common outputs, it's not done in a security- and integration-friendly manner
    12. 12. So what do we do? And now…
    13. 13. www.netspective.com 13 Unused data never gets better. Fix broken windows. Iterate your way to better data by forcing its use.
    14. 14. NETSPECTIVE www.netspective.com 14 Legacy integration Application A Data Functionality Presentation Feature Y Feature X Application B Data Functionality Presentation Feature Y Feature X Feature Z Copy features and enhance (everything is separate) Application A Data Functionality Presentation Feature Z Feature X Application B Data Functionality Presentation Feature Y Feature X Feature Z Connect directly to existing data, but copy features and enhance
    15. 15. NETSPECTIVE www.netspective.com 15 Services Modern integration Application A Data Functionality Presentation Feature Y Feature X Application B Data Functionality Presentation Feature Y Feature X Feature Z Create API between applications, integrate data, create new data Application A Data Functionality Presentation Feature Z Feature X Application B Data Functionality Presentation Feature Y Feature X Feature Z Create common services and have all applications use them REST SOAP, RMI SOA ETL WOA APIs
    16. 16. www.netspective.com 16 Create a formal Enterprise Integration Group (EIG) Even get a cool logo and team mascot.
    17. 17. www.netspective.com 17 Start cataloging and formalizing use of enterprise integration patterns. You’re not the first (or second) to see these problems.
    18. 18. www.netspective.com 18 Learn about ESB, ETL, and BPM – grab open source or commercial implementations and build around them. Don’t hand code things.
    19. 19. www.netspective.com 19 Create a technical profile questionnaire and checklist Don’t hand code things.
    20. 20. www.netspective.com 20 Lets see what all of this looks like in practice. You can do this in less than 40 man-hours of work.
    21. 21. NETSPECTIVE www.netspective.com 21 Start with read-centric integration, move to enrichment later Where users spend time What they’re missing
    22. 22. NETSPECTIVE www.netspective.com 22 Stop and think about workflows Sexy but wrong: Device-centric closed systems Dull but right: Workflow-centric open solutions
    23. 23. NETSPECTIVE www.netspective.com 23 Promote “Outside-in” architecture Think about clinical and hospital operations and processes as a collection of business capabilities or services that can be delivered across organizations.
    24. 24. NETSPECTIVE www.netspective.com 24 Promote “Outside-in” architecture Patients and Referral Partners Clinical Personnel Admin Personnel IT Personnel Unsophisticated and less agile focus Sophisticated and more agile focus Inside-out focus Outside-in focus
    25. 25. NETSPECTIVE www.netspective.com 25 Proprietary identity is hurting us • Most health IT systems create their own custom identity, credentialing, and access management (ICAM) in an opaque part of a proprietary database. • We’re waiting for solutions from health IT vendors but free or commercial industry- neutral solutions are much better and future proof. Identity exchange is possible • Follow National Strategy for Trusted Identities in Cyberspace (NSTIC) • Use open identity exchange protocols such as SAML, OpenID, and Oauth • Use open roles and permissions-management protocols, such as XACML • Consider open source tools such as OpenAM, Apache Directory, OpenLDAP, Shibboleth, or commercial vendors. • Externalize attribute-based access control (ABAC) and role-based access control (RBAC) from clinical systems into enterprise systems like Active Directory or LDAP. Implement industry-neutral ICAM Implement shared identities, single sign on (SSO), neutral authentication and authorization
    26. 26. NETSPECTIVE www.netspective.com 26 Dogma is preventing integration Many think that we shouldn’t integrate until structured data at detailed machine- computable levels is available. The thinking is that because mistakes can be made with semi-structured or hard to map data, we should rely on paper, make users live with missing data, or just make educated guesses instead. App-centric sharing is possible Instead of waiting for HL7 or other structured data about patients, we can use simple techniques like HTML widgets to share "snippets" of our apps. • Allow applications immediate access to portions of data they don't already manage. • Widgets are portions of apps that can be embedded or "mashed up" in other apps without tight coupling. • Blue Button has demonstrated the power of app integration versus structured data integration. It provides immediate benefit to users while the data geeks figure out what they need for analytics, computations, etc. App-focused integration is better than nothing Structured data dogma gets in the way of faster decision support real solutions
    27. 27. NETSPECTIVE www.netspective.com 27 Old way to architect: “What data can you send me?” (push) The "push" model, where the system that contains the data is responsible for sending the data to all those that are interested (or to some central provider, such as a health information exchange or HL7 router) shouldn’t be the only model used for data integration. Better way to architect: “What data can I publish safely?” (pull) • Implement syndicated Atom-like feeds (which could contain HL7 or other formats). • Data holders should allow secure authenticated subscriptions to their data and not worry about direct coupling with other apps. • Consider the Open Data Protocol (oData). • Enable auditing of protected health information by logging data transfers through use of syslog and other reliable methods. • Enable proper access control rules expressed in standards like XACML. Pushing data is more expensive than pulling it We focus more on "pushing" versus "pulling" data than is warranted early in projects
    28. 28. NETSPECTIVE www.netspective.com 28 HL7 and X.12 aren’t the only formats The general assumption is that formats like HL7, CCD, and X.12 are the only ways to do data integration in healthcare but of course that’s not quite true. Consider industry-neutral protocols • Consider identity exchange protocols like SAML for integration of user profile data and even for exchange of patient demographics and related profile information. • Consider iCalendar/ICS publishing and subscribing for schedule data. • Consider microformats like FOAF and similar formats from schema.org. • Consider semantic data formats like RDF, RDFa, and related family. Industry-specific formats aren’t always necessary Reliance on heavyweight industry-specific formats instead of lightweight micro formats is bad
    29. 29. NETSPECTIVE www.netspective.com 29 Legacy systems trap valuable data In many existing contracts, the vendors of systems that house the data also ‘own’ the data and it can’t be easily liberated because the vendors of the systems actively prevent it from being shared or are just too busy to liberate the data. Semantic markup and tagging is easy • One easy way to create semantically meaningful and easier to share and secure patient data is to have all HTML tags be generated with companion RDFa or HTML5 Data Attributes using industry-neutral schemas and microformats similar to the ones defined at Schema.org. • Google's recent implementation of its Knowledge Graph is a great example of the utility of this semantic mapping approach. Tag all app data using semantic markup When data is not tagged using semantic markup, it's not securable or shareable by default
    30. 30. NETSPECTIVE www.netspective.com 30 Proprietary data formats limit findability • Legacy applications only present through text or windowed interfaces that can be “scraped”. • Web-based applications present HTML, JavaScript, images, and other assets but aren’t search engine friendly. Search engines are great integrators • Most users need access to information trapped in existing applications but sometimes they don’t need must more than access that a search engine could easily provide. • Assume that all pages in an application, especial web applications, will be “ingested” by a securable, protectable, search engine that can act as the first method of integration. Produce data in search-friendly manner Produce HTML, JavaScript and other data in a security- and integration-friendly approach
    31. 31. NETSPECTIVE www.netspective.com 31 Healthcare fears open source • Only the government spends more per user on antiquated software than we do in healthcare. • There is a general fear that open source means unsupported software or lower quality solutions or unwanted security breaches. Open source can save health IT • Other industries save billions by using open source. • Commercial vendors give better pricing, service, and support when they know they are competing with open source. • Open source is sometimes more secure, higher quality, and better supported than commercial equivalents. • Don’t dismiss open source, consider it the default choice and select commercial alternatives when they are known to be better. Rely first on open source, then proprietary “Free” is not as important as open source, you should pay for software but require openness
    32. 32. Thank You Visit http://www.netspective.com http://www.healthcareguy.com E-mail shahid.shah@netspective.com Follow @ShahidNShah Call 202-713-5409

    ×