Upload
others
View
0
Download
0
Embed Size (px)
Citation preview
The MDPHnet Distributed Querying
Approach for Public Health
1
Jeffrey Brown, PhD
Micheal Klompas, MD, MPH
MDPHnet Research Team
October 18, 2012
Approach to Distributed Querying
2
• Data partners maintain control and analyze their data
• Standardize the data using a common data model
• Data partners’ ongoing involvement is needed to
interpret findings
• Little or no exchange of person-level data is needed
Distributed Querying Distributed Querying Guiding PrinciplesGuiding Principles
• Little or no exchange of person-level data is needed
• Secondary use can’t interfere with primary use
• Few data elements are needed to answer most
questions
• Distribute code to partners for local execution
• Provide results, not data, to requestor
3
PopMedNet Architecture Overview
Internet
Web Services
Document IRB ModelWorkflow
ProjectOrganization User DataMart
Business Objects
Security
Manager
Roles
Manager
Rights
Manager
Access Control
Network Portal
Presentation Layer
Content
Manager
Security
Manager
Search
Manager
Network
Public AdminDataMart Application
Business Objects
Web Services
Connection
Manager
Security
Manager
Results
Manager
Request
Manager
Presentation Layer
DataMart Administrator
Data Manager
Data Partner
DataMart
Administrator
Network
Administrators
Researchers
Archive Data Vault
Repository
Database
Document
Manager
IRB
Manager
Model
Manager
Workflow
Manager
Archive
Manager
Search
Manager
Audit
Manager
Request
ManagerSchema
Results
ManagerMeta Data
Data Source
Data
AccessPortal
Database
Models
Data Manager
Data Source
ManagerData Source
Database
Data Partner Host
Data Source
Common
Data Model
EMR
Database
Internet
PopMedNet Architecture – Deployment Overview
HTTPS, TLS
System
Administrator
(Two Factor
AuthN)
Fir
ew
allInternet
FISMA Compliant Data Center
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
DataMart Management
(Metadata,
Authorization)
User and DataMart
Provisioning
And Administration
Workflow
Job
Scheduling
Request/
Response
Mgr
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
Fir
ew
all
HTTPS, Mutual TLS
Fir
ew
all
Data Partner Organization
Data Mart
Client
Data
Source
(Common
Data
REST
Internet
Data Administrators
& Reviewers
(Two Factor AuthN)HTTPS, TLS
DMZ Internal
5
Investigator
Enhanced
Investigator
Observer
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
PopMedNet Portal
User Account
Management
(Groups/Roles/User
Accounts)
User
Interface
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
DMZ Non DMZ (Internal Components)
Data
Model)
DataWarehouse /
Repositories
Optional
Audit
ETL
Optional Site to
Site VPN
• PMN Software – Supports multiple deployment models
• Agnostic to data center infrastructure and complements existing network infrastructure
• VM based deployments enabling ease of disaster recovery and planning
• Seamless overlay of VPN Connections (Remote Access, Site to Site, Two Factor User Authentication)
• Supports consolidation of remote sites into the data center for central management (Data Partner
Components can be hosted in a central data center similar to the PMN Portal)
• Secure End to End connection (Encrypted Transport using X.509 certificates)
• Supports industry standard RBAC configuration for users
• Supports Data Source provisioning based on RBAC and additional data source specific metadata
• Data Partners execute queries using PULL model instead of PUSH model
PopMedNet Design FeaturesPopMedNet Design Features
• Any data model from any source
• Flexible and secure distributed querying options
– Execution of custom analytic code
– Menu-driven queries
• Role-based access control
• Data partner autonomy• Data partner autonomy
• Query execution options from fully automated to
manual
• Auditing
• Software-enabled governance
6
Security FeaturesSecurity Features
• FISMA compliant tier III data center
• 3rd-party secure audit completed
– Enhanced system procedures
• Securely store credentials as Salted Hashes
• No maximum password length, require expiration, enforce history
• Use cryptographically secure random values for session IDs (.Net Type 4 GUID)
• Cookies marked as ‘SECURE’, ‘SESSION’ & ‘HTTPONLY’ and the cookie domain
– Transmission
7
– Transmission
• Require/force Secure Socket layer (SSL) for all communications
• Enable strongest cipher suites and Transport Layer Security (TLS) versions
– Web Service and Portal Authorization
• Ensure all submissions are performed via POST method
• Do not publish WSDL
• Limit the number and size of file submissions
• Passed multiple independent security audits and penetration tests
PopMedNet Website
8
www.popmednet.org
Existing Networks
9
• SPAN: Scalable PArtnering Network for CER (AHRQ)
• PEAL: Population-Based Effectiveness in Asthma and Lung Diseases Network (AHRQ)
• Mini-Sentinel (FDA)
PopMedNet Networks
•
• HMO Research Network (HMORN)
• MDPHNet (ONC): MA Department of Public Health
• Several ONC QueryHealth Pilots
10
Implementing MDPHNet
11
MDPHnetMDPHnet OverviewOverview
• Funded by ONC and coordinated by MA eHealth
Collaborative (MeHI)
• Distributed public health surveillance query
capability for Massachusetts DPH– Menu-driven query capability
• Based on the ESP data model (esphealth.org) that is • Based on the ESP data model (esphealth.org) that is
used for other public health surveillance systems
• 2 large medical group practices represents ~1million
patients and hundreds of clinics– Mass League of Community Health Centers
– Atrius Health
• Go-live planned for November 2012
12
• MDPHnet Governance Rules Document developed and approved by all stakeholders
• Governance document describes:– Overview of network activities and types of participants
– Scope and use cases
– Current organizational structure
– Guiding principles
GovernanceGovernance
– Guiding principles
– Network implementation policies (e.g., Network roles, query types, expectations for member organizations, DataMart settings, security policies)
– Network usage
13
MDPHnet Phased Implementation
� Phase I� Menu driven ad-hoc querying � Request scheduler functionality
� Phase II� Diabetes and ILI report query types� Enhancements to menu-driven querying� Granular access control� Project Management functionality
14
MDPHnet Screenshots
15
Portal LoginPortal Login
PopMedNet Architecture – Deployment Overview
HTTPS, TLS
System
Administrator
(Two Factor
AuthN)
Fir
ew
allInternet
FISMA Compliant Data Center
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
DataMart Management
(Metadata,
Authorization)
User and DataMart
Provisioning
And Administration
Workflow
Job
Scheduling
Request/
Response
Mgr
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
Fir
ew
all
HTTPS, Mutual TLS
Fir
ew
all
Data Partner Organization
Data Mart
Client
Data
Source
(Common
Data
REST
Internet
Data Administrators
& Reviewers
(Two Factor AuthN)HTTPS, TLS
DMZ Internal
17
Investigator
Enhanced
Investigator
Observer
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
PopMedNet Portal
User Account
Management
(Groups/Roles/User
Accounts)
User
Interface
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
DMZ Non DMZ (Internal Components)
Data
Model)
DataWarehouse /
Repositories
Optional
Audit
ETL
Optional Site to
Site VPN
PMN DashboardPMN Dashboard
Select A Request ModelSelect A Request Model
Select A Request TypeSelect A Request Type
Multiple request types available:Multiple request types available:
�� MenuMenu--driven Querydriven Query
�� Several query typesSeveral query types
�� File DistributionFile Distribution
Set Request Parameters Via FormsSet Request Parameters Via Forms
Set Request Parameters Via WizardsSet Request Parameters Via Wizards
Set Request SchedulingSet Request Scheduling
PopMedNet Architecture – Deployment Overview
HTTPS, TLS
System
Administrator
(Two Factor
AuthN)
Fir
ew
allInternet
FISMA Compliant Data Center
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
DataMart Management
(Metadata,
Authorization)
User and DataMart
Provisioning
And Administration
Workflow
Job
Scheduling
Request/
Response
Mgr
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
Fir
ew
all
HTTPS, Mutual TLS
Fir
ew
all
Data Partner Organization
Data Mart
Client
Data
Source
(Common
Data
REST
Internet
Data Administrators
& Reviewers
(Two Factor AuthN)HTTPS, TLS
DMZ Internal
24
Investigator
Enhanced
Investigator
Observer
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
PopMedNet Portal
User Account
Management
(Groups/Roles/User
Accounts)
User
Interface
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
DMZ Non DMZ (Internal Components)
Data
Model)
DataWarehouse /
Repositories
Optional
Audit
ETL
Optional Site to
Site VPN
Select Data Providers to QuerySelect Data Providers to Query
PopMedNet Architecture – Deployment Overview
HTTPS, TLS
System
Administrator
(Two Factor
AuthN)
Fir
ew
allInternet
FISMA Compliant Data Center
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
DataMart Management
(Metadata,
Authorization)
User and DataMart
Provisioning
And Administration
Workflow
Job
Scheduling
Request/
Response
Mgr
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
Fir
ew
all
HTTPS, Mutual TLS
Fir
ew
all
Data Partner Organization
Data Mart
Client
Data
Source
(Common
Data
REST
Internet
Data Administrators
& Reviewers
(Two Factor AuthN)HTTPS, TLS
DMZ Internal
26
Investigator
Enhanced
Investigator
Observer
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
PopMedNet Portal
User Account
Management
(Groups/Roles/User
Accounts)
User
Interface
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
DMZ Non DMZ (Internal Components)
Data
Model)
DataWarehouse /
Repositories
Optional
Audit
ETL
Optional Site to
Site VPN
DataMart Administrator Processes RequestDataMart Administrator Processes Request
Administrative Workflow In BoxAdministrative Workflow In Box
DataMart Administrator Processes RequestDataMart Administrator Processes Request
Administrator Can Review Query Administrator Can Review Query
Input...Input...
DataMart Administrator Processes RequestDataMart Administrator Processes Request
...and output, and sends results back to ...and output, and sends results back to
the requestorthe requestor
PopMedNet Architecture – Deployment Overview
HTTPS, TLS
System
Administrator
(Two Factor
AuthN)
Fir
ew
allInternet
FISMA Compliant Data Center
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
DataMart Management
(Metadata,
Authorization)
User and DataMart
Provisioning
And Administration
Workflow
Job
Scheduling
Request/
Response
Mgr
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
Fir
ew
all
HTTPS, Mutual TLS
Fir
ew
all
Data Partner Organization
Data Mart
Client
Data
Source
(Common
Data
REST
Internet
Data Administrators
& Reviewers
(Two Factor AuthN)HTTPS, TLS
DMZ Internal
30
Investigator
Enhanced
Investigator
Observer
Ne
two
rk
Se
curi
ty (
IDS
/IP
S, V
PN
/RS
A)
PopMedNet Portal
User Account
Management
(Groups/Roles/User
Accounts)
User
Interface
We
b S
erv
ers
/ R
ev
ers
e P
roxi
es/
Loa
d
Ba
lan
cers
DMZ Non DMZ (Internal Components)
Data
Model)
DataWarehouse /
Repositories
Optional
Audit
ETL
Optional Site to
Site VPN
Results Upload to PortalResults Upload to Portal
Requester Views the ResultsRequester Views the Results
Or DownloadsOr Downloads
Thank YouThank You
• For more information:
– PopMedNet : popmednet.org
– ESP: esphealth.org
– Query Health: queryhealth.org
34
Engagement with National Initiatives
35
PopMedNet and National Standards
• PMN is a key component of the ONC’s
QueryHealth Initiative
• ONC national standard for distributed querying
– QueryHealth Initiative uses PMN as the distributed
querying platform for policy and governancequerying platform for policy and governance
• Standards & Interoperability (S&I) Framework:
http://wiki.siframework.org/Home
36
PopMedNet OverviewPopMedNet Overview
InvestigatorInvestigator
EnhancedEnhanced
InvestigatorInvestigator
ObserverObserver
Query ComposersQuery Composers
Model AdaptersModel Adapters
Data ProvidersData Providers
i2b22b2i2b22b2
MiniMini--SentinelSentinelMiniMini--SentinelSentinel
hQueryhQueryhQueryhQuery
Others…Others…Others…Others…
DataMartDataMart
AdministratorAdministrator
DataMartDataMart
AdministratorAdministrator
Portal
PopMedNetPopMedNetPopMedNetPopMedNet
ReviewReviewRequestRequest
Data ProviderData Provider
Data SourceData Source
DataMartDataMart
AdministratorAdministrator
DataMart
Model AdaptersModel Adapters
i2b22b2i2b22b2
MiniMini--SentinelSentinelMiniMini--SentinelSentinel
hQueryhQueryhQueryhQuery
Others…Others…Others…Others…
PopMedNetPopMedNetPopMedNetPopMedNet
Query ExecutersQuery Executers
ResponseResponse
ClinicalClinical
Data SourceData Source
PMN Implements HHS ONC Query HealthPMN Implements HHS ONC Query Health
Query ComposersQuery Composers
Model AdaptersModel Adapters
i2b22b2i2b22b2
MiniMini--SentinelSentinelMiniMini--SentinelSentinel
hQueryhQueryhQueryhQuery
Portal
PopMedNetPopMedNetPopMedNetPopMedNet
DataMart
Model AdaptersModel Adapters
i2b22b2i2b22b2
MiniMini--SentinelSentinelMiniMini--SentinelSentinel
hQueryhQueryhQueryhQuery
PopMedNetPopMedNetPopMedNetPopMedNet
Query ExecutersQuery Executers
HQMFHQMFHQMFHQMF RightsRightsRightsRights
RequestRequestRequestRequest
AgentAgent
ResponseResponseResponseResponse
AgentAgent
Others…Others…Others…Others…Others…Others…Others…Others…
PopMedNetPopMedNet
Policy Enablement Policy Enablement
LayerLayer
Query Composition Query Composition
LayerLayer
TranslationTranslation ManagementManagement
QueryQueryQueryQuery
EnvelopeEnvelope
RESTfulRESTfulRESTfulRESTful
InterfaceInterface
QRDAQRDAQRDAQRDA
TranslationTranslation
Query ExecutionQuery Execution
& Results Layer& Results Layer
QueryHealth – Query Lifecycle
39
Query Health Pilots
40
Query Health Pilot: MDPHnet
� Implement the Query Health Query Envelope standard
� Standardize Privacy and Security
� Query agnostic, content agnostic, facilitates privacy guidance from HIT Policy Committee
� Map ESP to the Query Health Clinical Element Data Dictionary
� Query against the CEDD in addition to ESP� Query against the CEDD in addition to ESP
� Use Health Quality Measures Format (HQMF) to issue a query
� Standardize Structure
� Query format for distributed population queries to work across diverse platforms
41