Upload
databaseguys
View
292
Download
3
Tags:
Embed Size (px)
Citation preview
Technical Pre-Production Review
August 7, 2002
Laura Klepper, Jeff Byrd, Ellen YanJohniene Doran, Mark Gardner, David Brewer, Roger
Adamson
SAMPLEModified to Remove Confidential Data
CONFIDENTIAL
AgendaAgenda
Project Overview Team Leadership Operational Deployment Diagram – Phase I Operational Deployment Diagram – Future Development Server Deployment Production Server Deployment Portal Administration Security
Page 2
CONFIDENTIAL
Project OverviewProject Overview
E-3 Initiative Electronic data collection (medical histories, etc.) Reduced phone calls to Patient Representatives
Internet-based communication with patients Phase I – “View Only” Access to Accounts and
Appointments Phase II – Online Bill Pay Phase III – Online Access to Clinical Information
Security Online Banking Model Onsite Account Signup Password Mailed to Patient’s Home
Page 3
CONFIDENTIAL
Team LeadershipTeam Leadership Technical
Jeff Byrd, Senior Web Developer Ellen Yan, Web Developer Johniene Doran/CL McKinney/Joan Fleming, Data Access Mark Gardner, Password Distribution (ExpressBill) David Brewer, Oracle Database Administration Roger Adamson, Weblogic Server Administration Jason Coles, Graphic Design
Project Support Jeanine Garner/Jennifer Ridings, QA Leads Laura Klepper, Project Lead
Project Team Racy Peters, VMG Administration Lisa Huff/Jerry Batte, Billing Information Brenda Yutzy, Appointments Nancy Doyle, Account Setup
Page 4
CONFIDENTIAL
Operational Deployment DiagramOperational Deployment DiagramPhase IPhase I
Page 5
CONFIDENTIALPage 6
Operational Deployment Operational Deployment DiagramDiagram
Phase IIPhase II
CONFIDENTIAL
MyHealthAtVanderbilt System Architecture (Development Server)
Development Server
IBM DB2Driver
Dev01DB2
Oracle 8.1.7(w/ advanced security options)
Portal security realm Medical Record NumberPatient Password
Business Data
Patient account info
Appointment Info
Weblogic JDriver
Patientportal enterprise application is deployed in the development server in exploded directory. It has:
•\useradmin : MyHealthAtVanderbilt Account Administration web application (localhost:xxxx/useradmin
•\patientportal : MyHealthAtVanderbilt web application. (localhost:xxxx/patientportal)
•XXXXXXXXX_XXXXXXX.XXX: patient Info EJB
•\Datasync: Master Data Repository for webflow information(http://localhost:xxxx/xxxxxxxx/xxxxxhtml)
•\tools: Portal Administration web application (localhost:xxxx/xxxxxx/xxxxxxjsp)
•Xxxxxxx.war: Server status testing for Help Desk
•Other Out-of-box Portal Tools and EJBs
RACF server
Validates RACF ID
HOST: XXX.XXX.XXX.XXX
HTTP port: XXXX
HTTPS: XXXX
Page 7
CONFIDENTIAL
MyHealthAtVanderbilt System Deployment
(Production Server)
Production Server
HOST: http://www.MyHealthAtVanderbilt.com
HTTP port: xx
HTTPS: xxx
IBM DB2Driver
System-X(ADM04P)DB2
Business Data
Patient account info
Appointment Info
Weblogic JDriver
Patientportal enterprise application is deployed in the production server in patientportal.ear file. It includes:
• xxxxxxxx.war: MyHealth Account Administration web app
• xxxxxxxxxxx.war: MyHealth web application
• XXXXXXX_xxxxx.jar : patient Info EJB
• xxxxxxxxx.war: Master Data Repository for webflow information
• xxxxxx.war: Portal Administration Tool
• xxxxxxxxxxxxxx.war: Server status testing for Help Desk.
• Other Out-of-box Portal Tools and EJBs
RACF server
Validates RACF ID
Oracle 8.1.7(w/ advanced security options)
Portal security realm Medical Record NumberPatient Password
Page 8
CONFIDENTIAL
MyHealthAtVanderbilt Administration(http://xxxxxxxxxxxxxxx.jsp)
Portal System Administrator
DelegatedAdministrator
assignsPatientAccountAdministrators
assigns
Useradmin
login
FullAccessUser Group
manage patient accounts
LimitedAccessUser Group
MyHealthAtVanderbilt
Full access patient login
Limited access patient login
Guest
Guest or patient who forgot password
Page 9
CONFIDENTIAL
Password DistributionPassword DistributionTechnical ViewTechnical View
Page 10
Web AppGenerates Password
OracleDatabase
Password Stored(Encrypted)
Chron JobPulls Data,
Marks recordGenerates Flat File
MR#Date
Password(Unencrypted)
Epic (Bert)Adds DemographicsGenerates Flat File
DatePassword (Unencrypted)
Name (Last, First, MI)Address
CityStateZip
MainframeSends File
on Dedicated LineTo ExpressBill
Express BillPrints and DistributesPassword Letter
File Deleted after 30 Days
CONFIDENTIAL
SecuritySecurityTechnical RequirementsTechnical Requirements
HTTPS Between Client and Server (Bidirectional) Password – One-Way Ecryption Account Administration
Four Levels of Access: Web Administration Account Administration Patient – Full Access Patient – Limited Access
Authentication of Portal Users Managed by Web Portal Patient Data Access by Medical Record Number
Transaction Audit - Usage Logs written by application Add periodic job to archive logs
Page 11
CONFIDENTIAL
SecuritySecurityProcess Requirements – Password DistributionProcess Requirements – Password Distribution
#1-Patient Signs In at Clinic
#2-Receptionist provides Invitation Sheetfor Patient to Read while Waiting
#3-Patient Requests Portal AccountAnytime During Visit(Not part of Checkin)
#4-Receptionist (or PSC) uses MR#to set up Username and Request Password
#6-Password Request Processed
#7-Password Mailed to Patient'sHome Address
#8-Patient Logs In with Usernameand Password and resets Password
#5-Patient Receives Instruction Sheetwith Unique Username
Activities During Clinic Visit Post Visit Activities
Page 12
CONFIDENTIAL
SecuritySecurityProcess Requirements – Password DistributionProcess Requirements – Password Distribution
Page 13
#3 - Central Appointments Repsets up Account and
sends email to Employee with instructionsand Username confirmation
(same information on form handed topatient in clinic)
#6-Password Request Processedby ExpressBill
#7-Password Mailed to Employee'sHome Address
#8-Employee Logs In with Usernameand Password and resets Password
#4-Employee Receives Emailfrom Super Reps
with Username and Website Address
#1-Employee selects Username andPersonally Requests aMyHealth Account from
RACF Security Administrator
#2-RACF AdministratorVerifies Identity of Employee
and sends MyHealth Account Requestto Central Appointments
via internal emailwith Employee Name and Username
#5-Web Account Administration Systemgenerates request for
Password
PROPOSED VUMC EMPLOYEE ACCOUNT SETUP OPTIONMR# and RACF Security Administrator Approval Required
CONFIDENTIAL
Worth MentioningWorth Mentioning
DB2 Tables Test Environment Production Issue with Appointments
Production Support Patient Representatives Help Desk
Development Backup Metrics Report Code Audit
Page 14
CONFIDENTIAL
Next StepsNext Steps
Completion of Database Test Environment Move to New Production Server Upgrade to BEA Web Portal 7.0 Proposed Scope for Phase II
Online Bill Pay Appointment Request Medical History/Surgical Intake Forms Prescription Request Electronic Medical Chart Access Personal Behavior Tracking Enhancements to Phase I
Page 15