Upload
truongtruc
View
214
Download
1
Embed Size (px)
Citation preview
July 25, 2012
Federally‐Facilitated Exchange (FFE) and Data Services Hub (Hub) Overview
Federally‐Facilitated Exchange (FFE) and Data Services Hub (Hub) Overview
AgendaAgenda
• Background• Technical Overview• Project Management Overview
2
BackgroundBackground
• Patient Protection and Affordable Care Act of 2010 (PPACA or ACA)– Health Care and Education Reconciliation Act of 2010
• Health Insurance Exchange (HIX)– Federally Facilitated Exchange (FFE)– State Based Exchange (SBE)
• Data Services Hub (Hub)– Connectors to Federal partner agencies, states, issuers
3
Technical Overview
4
FFE Concept DiagramFFE Concept Diagram
5
Hub Concept DiagramHub Concept Diagram
6
Data Service Hub
Exchange 1
Exchange 2
Exchange 3
FTP
Web Service
Messag
e
Agency 1
Agency 2
Agency 3
FTP
Message
Web Service
XML/ EDI/ CSV
Conceptual ArchitectureConceptual Architecture
7
Technical ArchitectureTechnical Architecture
88
Shared Platforms‐Access Management‐Portal‐JBOSS Stack‐Business Services‐Data Services‐ETL‐EIDM (& RIDP)‐MDM‐Database (Marklogic)‐Continuous Delivery
Unique Platforms‐EDI Translator ‐Data Warehouse‐BI Backend
Service Life CycleService Life Cycle
Hub ServicesHub Services
Service(s) Data SourceVerify SSN, Citizenship, Incarceration, SSA Income, Quarterly Coverage, Death SSA
Verify Lawful Presence DHS
Calculate Max Advanced Premium Tax Credit IRS
Annual Household Income IRS
Verify Non‐ESI Mimimum Essential Coverage (MEC)
Medicaid/CHIP, Medicare, Tricare, VHA, PeaceCorp, OPM, Indian Health Services
Verify ESI MEC <TBD>Verify Residency <TBD>Verify Current Income <TBD>Remote Identity Proofing Experian
HUB Messaging ArchitectureHUB Messaging Architecture
Web Services Security Standards: Notional Reference ModelWeb Services Security Standards: Notional Reference Model
Access Control
Network Layer Security IPSec
Transport Layer Security SSL/TLS
XML Security XML Encryption XML Signature
SOAP Foundation
Message Security
WS-Security
WS-SecureConversation
Reliable Messaging
WS-Reliability
WS-ReliableMessaging
Policy
XACML
WS-Policy
SAML
Security Management
XKMS
WS-Trust Identity Management
Liberty Alliance WS-Federation
SAML
• Use the reference model to recognize the different functional layers of typical web service implementation
• Use the model as a guide for selecting the implementation strategy for securing the web services exchange at DSH
Security Schemes for ServicesSecurity Schemes for Services
• Transport Layer Security using X.509 Certificates and HTTPS: Provides brokered authentication using X.509 certificates on the transport layer and used to secure point‐to‐point communication. Messages do not require intermediaries to process them and they are not securely persisted for any period of time, i.e. securing the messages on the wire not at rest.
• Message Layer Security: Represents an approach where all the information related to security is encapsulated in the message. Parts of the message or the entire message can be encrypted.
Project ManagementOverview
14
HUB Development to DateHUB Development to Date
• Verify SSN, Citizenship, & Incarceration Status (SSA)• Verify Annual Household Income and Family Size Business Service
Definition (IRS)• Verify Lawful Presence (DHS)• Verify Current Household Income (TBD)• Advance Payment Calculations (HUB)• Verify Non‐ESI for Other Public Minimum Essential Coverage (MEC)
– Individuals & (Multiple) Household– Used to check MEC with Medicaid, CHIP, BHP, Medicare, TRICARE,
Veterans Health Program (VHP), or Peace Corps• Account Transfer from Exchanges to Medicaid/CHIP or from
Medicaid/CHIP to Exchanges• Eligibility Information store from Exchanges (e.g., FFE and SBEs,
Medicaid/CHIP TBD) to the CMS common data storage
HIX‐DSH Services Current StateHIX‐DSH Services Current State
• The Services are deployed on the ESB• The Service end points are published via EWS (Enterprise Web Server) of JBoss SOA stack
• The current end points are accessed via SOAP over HTTP
• Run time enforcement of governance policies like security, compliance, reliability, transport and protocol mediation etc still in progress
FFE and DSH Release Artifacts SummaryFFE and DSH Release Artifacts Summary
Artifacts:• Service Notes• Release Overview• Release/Sprint Plan• Release Notes• BSDs• Data Models• WSDL's & XSD's• RTM• SDD• Test Scenarios• Test Cases
• Test Summary• Defect Reports• SoapUI Projects• ICDs• Source Code• Blue Prints• High Level Arch.• User Guides• Business Rules Spec.• UI Spec
*Note: Artifacts are broken out by Internal and External Stakeholders need, responsible parties and artifacts development schedule during release.
FFE and DSH Artifacts for Medicaid/CHIPFFE and DSH Artifacts for Medicaid/CHIP
Artifacts:• Service Notes (HUB & FFE)• Release Overview (HUB & FFE)• Release Notes (FFE)• BSDs (HUB)• Data Models (FFE)• WSDL's & XSD's (HUB & FFE)• ICDs (HUB)• Test Scenarios (HUB)• Test Data (HUB)• Business Rules (FFE)
Tools:• Service Repository, zONE• CALT, zONE• CALT, zONE• BSDs (HUB)• CALT• Service Repository• CALT• CALT• CALT• CALT, zONE
Distribution Schedule• Start of Sprint: BSDs• Sprint (End): Service Notes, Data Models, WSDL/XSD, Test Scenario/Data• End of Release: Release Overview, Notes, ICDs, Business Rules
HUB BSD OverviewHUB BSD Overview
Sample HUB BSD Process Flow Diagram Sample HUB BSD Process Flow Diagram
Sample HUB BSD XML SchemaSample HUB BSD XML Schema
Milestones (ACA Go‐Live Dates)Milestones (ACA Go‐Live Dates)
Essential Health Benefits Benchmark (August 2012)RQA for QHP Application (November 2012)Plan Evaluation and Certification (Jan 2013)Rate and Benefit Evaluation (Feb 2013)Educational Consumer Portal (Jan 1, 2013)Edge Servers Operation (July 1, 2013)FFE Call Center Operations (July 1, 2013)Consumer Portal (October 1, 2013)
Appendix – Supporting MaterialsAppendix – Supporting Materials
24
• Release planning meeting (1 month prior to start of release)• Monthly sprints (development and system testing)• Quarterly releases (Alpha and Beta testing periods)
• Internal Validation • External and Partner Validation (states, issuers, Federal
agencies)
Sprint Life Cycle / Agile DevelopmentSprint Life Cycle / Agile Development
25
CMS EnvironmentsCMS Environments
Terremark Region: PRODUCTION/DR
Terremark Region: IMPLEMENTATION
Terremark Region: TEST
Terremark Region: DEVELOPMENT Development Environment
• supports sprint builds and testing• support defect fixes across releases• business owner demonstration
Partner Validation Environment•supports partner testing•User Acceptance Test• Code migrated for quarterly releases
Pre‐Production Environment• supports security and load testing• Pre‐Production• Code staged for production
Production/DR Environment• supports production/DR operations• Production• full code migrated after ORR
Quarterly promotion for:beta, GA
Quarterly promotion for:beta, GA
Release N
Release N/N+1
Release N+1
Internal Validation Environment• supports post sprint testing and defect fixing• Integration Test• Code migrated after monthly sprint
Release N/N+1/N+2
Release N+2
External Validation Environment• supports independent validation testing• User Acceptance Test• Code migrated for quarterly release
ReleaseN+1
Key:• N – Release in production• N+1 – Release completed and in some level of testing or pre‐prod
• N+2 – Release in development with sprints being developed
Continuous Integration Continuous Build
• central CM repository• code and other artifacts
Testing StrategyTesting Strategy
Testing strategy through stages and stakeholders: Development – Internal Validation (CMS) – Partner/External Validation (states, agencies,
issuers) – Implementation – Production