Post on 28-Jan-2017
© 2014 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 13-3623, 13-1012, 12-2797, 12-2251
D a ve H i l l , T h e M I T R E C o r p o r a t i o n d w h i l l @ m i t r e . o r g
VistA on FHIR with VistA Novo
| 2 |
Overview
VistA Novo VistA Novo is a foundational piece Other existing open source technologies to build VistA-based
applications – Security – Mobile – Clinical Quality Measures
| 3 |
© 2013 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 13-3623
wiki.osehra.org/display/VN/VistA+Novo+Home
| 4 |
Purpose
Demonstrate VistA Novo – a proof of concept – Sponsored by VA ASD – Open source OSEHRA project
Show value of simple Patient Generated Data (PGD) use case – Using realistic patient scenario – Leveraged through MITRE’s Patient Toolkit project Working with Kathy Frisbee, VHA Research project focused on PGD Kristina Sheridan, MITRE Project Lead
Simulate Patient Scenarios to: – Show value to Veterans of clinician access to both VistA and PGD
data
© 2013 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 13-3623
| 5 |
What VistA Novo Provides
Open Standards Support – Open standard, RESTful API to VistA Based Services – Fast Healthcare Interoperability Resources (FHIR) standard data format Data interoperability, across internal VA systems and external systems Uses the automated FHIR code generator with new JavaScript module
Potential army of innovators, reviewers, and quality assurance help Using mainstream technologies
A Test Stub to accelerate innovation – Simplifies testing, particularly corner cases and error conditions – Apps can be developed in parallel with service development Test Stub provides simulation before real service is available
Underpinnings for better care at lower cost – Get healthcare “off the mainframe”1 – More empowered patients
1E. Dishman, “Take health care off the mainframe,” TEDMED 2009.
© 2013 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 13-3623
| 6 |
Mobile Apps
Open Source
Services
Things we haven’t
thought of
VistA Based Applications
PGD Database
VistA
Other Data Sources
Data Sources
Service Invocation
Data Storage
FHIR Services
Simple CRUD interface allows for easy development
and surprisingly sophisticated applications
Only used for caching
Pluggable back end that can be
adapted to other services
Patient-Generated Data (PGD) Service
VistA Based
Service*
Other Services
FHIR
FHIR
FHIR
VistA Novo
*VistA Based Services may be generated using the VistA Service Assembler (VSA)
VistA Novo Production Architecture
© 2013 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 13-3623
| 7 |
Service Invocation
Data Storage
FHIR Services
Test Data
Test Stub
Test Data Creation
User Interface
Mock Services Mock Service Calls
CRUD FHIR calls on patient data
Web User Interface Use to enter synthetic BP readings for testing
VistA Novo Development Architecture
Mock Authoritative VistA Based Services • Get Vitals (RESTful API)
• VistA or patient-generated data • Set Vitals (RESTful API)
• Patient-generated data
Use HTTP utility, such as cURL, Poster, etc. to
invoke FHIR service and view results
FHIR Services • Get Observation
(RESTful API) • Set Observation
(RESTful API)
VistA Novo Framework
© 2013 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 13-3623
| 8 |
Synthetic BP readings are cached in Data Storage
Test Stub returns synthetic BP
readings
User enters synthetic
blood pressure readings for testing
Service Invocation
Data Storage
FHIR Services
Test Data
Test Stub
Test Data Creation
User Interface
Mock Services
VistA Novo
Data Storage checks for data & invokes
a service to retrieve observations
FHIR Services check Data Storage for observation
External application requests
observations via FHIR
Observations are served through
the FHIR interface from Data Storage
Blood Pressure (BP) Scenario with VistA Novo Test Stub
1
2 3 4
5 6 7
| 9 |
generates
VistA Novo Technical Architecture
Test Stub VistA Novo Framework
DB Tools: Mongoose
Runtime: JavaScript
HTTP Client: Restlet
Database:
Service API: FHIR
Runtime: Ruby
Database:
Web UI: Rails Admin
HL7 FHIR Code
Generator
Mock Service API
C# module
App Server:
Web Framework:
MITRE created and donated back to HL7
Delphi module
JavaScript module
Java module
© 2013 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 13-3623
| 10 |
The Future Is Bright
VistA Novo is a foundational first step Building block for passive data collection instead of active data
collection – Leverage open standards in VistA Novo with mainstream
technologies – Mobile sensors provide patient-generated data automatically – Fewer data errors – Easier for the patient
| 11 |
Patient “Black Box”
Smartphones – Mobile sensor hub Scales Blood pressure cuffs Sleep monitors Vitals monitors Diabetes monitors Fitness monitors
– More engaged patient – Better communication
Computable Patient Record – Faster diagnosis and
treatment – Better care, lower cost
| 12 |
© 2013 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
Data Is Medicine
| 13 |
Blue Button Plus blue-button.github.io/blue-button-plus-pull/
| 14 |
RESTful Health Exchange wiki.siframework.org/RHEx
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2797
| 15 | RHEx Security & Privacy
Safeguarding Access to Health Information Use same trust model as Direct but implemented with Web
Technologies Communications secured with https Use proven, open standards
– OpenID Connect for distributed Identity management and user authentication
– Oauth 2 for service-to-service authentication Privacy is enforced at the provider location at the time the
information is requested – Provides information needed for authorization determination E.g., Extends standard profile information to add clinical role
for use in enforcing access control
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2797
| 16 |
Content
Security
Transport
Encryption in Transit
Interface
Layer Purpose
Identity & Authentication
Content Payload
TLS/SSL
HTTP
Standards
CCDA
OpenID OAuth
HL7 V2 C32
HTML DICOM …
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2797
| 17 |
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
hreader.org
| 18 |
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 19 |
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 20 |
© 2012 The MITRE Corporation All rights reserved
20
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 21 |
© 2012 The MITRE Corporation All rights reserved
21
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 22 |
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 23 |
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 24 |
© 2012 The MITRE Corporation All rights reserved
24
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 25 |
© 2012 The MITRE Corporation All rights reserved
25
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 26 |
© 2012 The MITRE Corporation All rights reserved
26
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 27 |
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 13-1012
project-imas.github.io
| 28 |
iMAS - iOS Mobile Application Security Problem iOS is considered secure, but out of
the box security is not enough Simple device passcodes enable
easy compromise of applications and data
Solution Veteran empowerment with secure
mobile Additional security controls beyond
Apple Reduce iOS app attack surface Extends security with or without
MDM and commercial solutions Open source available
project-imas.github.com Raise iOS app security levels -
closer to the Art of the Possible
| 29 |
Data Is Medicine
© 2012 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 12-2251
| 30 |
More Information
Mailing List: vistanovo@groups.osehra.org
VistA Novo Code Repositories:
– Test Stub: https://github.com/OSEHRA/vista-novo-test-stub
– FHIR Code: https://github.com/OSEHRA/vista-novo-generated-fhir
– FHIR HL7 Generator: https://github.com/OSEHRA/vista-novo-fhir
Includes JavaScript FHIR generator module
– Demo applications: https://github.com/OSEHRA/vista-novo-demos
Wiki: http://wiki.osehra.org/display/VN/VistA+Novo+Home
Issue Tracking: http://issues.osehra.org/browse/VN
Blue Button Plus REST API: http://blue-button.github.io/blue-button-plus-pull/
© 2013 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution unlimited. 13-3623
| 31 |
hreader.org
wiki.siframework.org/RHEx
projectpophealth.org
http://project-imas.github.io
wiki.osehra.org/display/VN/VistA+Novo+Home
Dave Hill
dwhill@mitre.org