Welcome!

Microservices Expo Authors: Liz McMillan, Harry Trott, Pat Romanski, Mamoon Yunus, Elizabeth White

Blog Feed Post

MaaS applied to Healthcare – Use Case Practice

MaaS (Model as a Service) might allow building and controlling shared healthcare Cloud-ready data, affording agile data design, economies of scale and maintaining a trusted environment and scaling security. With MaaS, models map infrastructure and allow controlling persistent storage and deployment audit in order to certify th at data are coherent and remain linked to specific storage. As a consequence, models allow to check where data is deployed and stored. MaaS can play a crucial role in supplying services in healthcare: the model containing infrastructure properties includes information to classify the on-premise data Cloud service in terms of data security, coherence, outage, availability, geo-location and to secure an assisted service deployment and virtualization.

Introduction
Municipalities are opening new exchange information with healthcare institutes. The objective is sharing medical research, hospital acceptance by pathology, assistance and hospitalization with doctors, hospitals, clinics and, of course, patients. This open data [6] should improve patient care, prevention, prophylaxis and appropriate medical booking and scheduling by making information sharing more timely and efficient. From the data management point of view it means the service should assure data elasticity, multi-tenancy, scalability, security together with physical and logical architectures that represent the guidelines to design healthcare services.

Accordingly, healthcare services in the Cloud must primarily secure the following data properties [2]:
-      data location;
-      data persistence;
-      data discovery and navigation;
-      data inference;
-      confidentiality;
-      availability;
-      on-demand data secure deleting/shredding [4] [5] [11] [12].

These properties should be defined during the service design and data models play the “on-premise” integral role in defining, managing and protecting healthcare data in the Cloud. When creating healthcare data models, the service is created as well and properties for confidentiality, availability, authenticity, authorization, authentication and integrity [12] have to be defined inside: here is how MaaS provides preconfigured service properties.

Applying MaaS to Healthcare – Getting Practice
Applying MaaS to design and deploy healthcare services means explaining how apply the DaaS (Database as a Service, see [2] and [4]) lifecycle to realize faster and positive impacts on the go-live preparation with Cloud services. The Use Case introduces the practices how could be defined the healthcare service and then to translate them into the appropriate guidelines. Therefore, the DaaS lifecycle service practices we are applying are [4]:

Take into account, healthcare is a dynamic complex environment with many actors: patients, physicians, IT professionals, chemists, lab technicians, researchers, health operators…. The Use Case we are introducing tries to consider the whole system. It provides the main tasks along the DaaS lifecycle and so how the medical information might be managed and securely exchanged [12] among stakeholders for multiple entities such as hospital, clinics, pharmacy, labs and insurance companies.

The Use Case
Here is how MaaS might cover the Use Case and DaaS lifecycle best practices integrate the above properties and directions:

Objective To facilitate services to healthcare users and to improve exchange information experience among stakeholders. The Use Case aims to reduce costs of services by rapid data designing, updating, deployment and to provide data audit and control. To improve user experience with healthcare knowledge.
Description Current costs of data design, update and deployment are expensive and healthcare information (clinical, pharmaceutical, prevention, prophylaxis…) is not delivered fast enough based upon user experience;
Costs for hospitalization and treatments information should be predictable based upon user experience and interaction.
Actors Clinical and Research Centres;
Laboratories;
Healthcare Institute/Public Body  (Access Administrators);
Healthcare Institute/Public Body (Credentials, Roles Providers);
Patients;
IT Operations (Cloud Providers, Storage Providers, Clinical Application Providers).
Requirements Reducing costs and rapidly delivering relevant data to users, stakeholders and healthcare institutes;
Enabling decision making information to actors who regularly need access [11] [12] to healthcare services but lack the scale to exchange (and require) more dedicated services and support;
Fast supporting and updating healthcare data to users due to large reference base with many locations and disparate applications;
Ensuring compliance and governance directions are currently applied, revised and supervised;
Data security, confidentiality, availability, authenticity, authorization, authentication and integrity to be defined “on-premise”.
Pre-processing and post-processing Implementing and sharing data models;
Designing data model properties according to private, public and/or hybrid Cloud requirements;
Designing “on-premise” of the data storage model;
Modeling data to calculate “a priori” physical resources allocation;
Modeling data to predict usage “early” and to optimize database handling;
Outage is covered by versions and changes archived based on model partitioning;
Content discovery assists in identifying and auditing data to restore the service to previous versions and to irrecoverably destroying the data, if necessary, is asked by the regulations.
Included and extended use case Deployment is guided from model properties and architecture definition;
Mapping of data is defined and updated, checking whether the infrastructure provider has persistence and finding out whether outages are related to on-line tasks;
Deploying and sharing are guided from model properties and architecture definition.


Following, we apply MaaS’ properties (a subset) to the above healthcare Use Case. Per contra, Data Model properties (a subset) are applied along the DaaS lifecycle states:


MaaS Properties

DaaS Lifecycle States

Healthcare Data Model Properties
Data Location Create Data Model
Model Archive and Change
Deploy and Share
Data models contain partitioning properties and can include data location constraints. User tagging of data (a common Web 2.0 practice, through the use of clinic user-defined properties) should be managed. Support to compliant storage for preventative care data records should be provided
Data persistence Create Data Model
Model Archive & Change
Secure delete
For any partition, sub-model, or version of models, data model has to label and trace data location. Model defines a map specifying where data is stored (ambulatory care, clinical files have different storages). Providers persistence can be registered. Data discovery can update partition properties to identify where data is located
Data inference Create Data Model Data model has to support inference and special data aggregation: ambulatory might inference patient’s insurance file. All inferences and aggregations are defined, updated and tested into the model
Confidentiality Create Data Model
Populate, Use and Test
Data model guides rights assignment, access controls, rights management, and application data security starting from data model. As different tenants (hospitals, clinics, insurance companies and pharmacies) access the data, users and tenants should be defined inside the model. Logical and physical controls have to be set
High availability Deploy and Share
Model Archive and Change
Data model and partitioning configuration together with model changes and versions permits mastering of a recovery scheme and restoration when needed. Data inventory (classified by Surgery, Radiology, Cardiology, for example) vs discovery have to be traced and set.
Fast updates at low cost Create Data Model
Generate Schema/Update Data Model
Data reverse and forward engineering permits change management and version optimization in real-time directly on data deployed properties
Multi-database partitioning Create Data Model
Deploy and Share
Bi-directional partitioning in terms of deployment, storage, and evolution through model versioning has to be set. Multi-DBMS version management helps in sharing multi-partitioning deployments: for example, Insurance and Surgery by Patient, normally are partitioned and belong to different tenants vs different databases
Near-zero configuration and administration Create Data Model
Generate Schema/Update Data Model
Data models cover and contain all data properties including scripts, stored procedures, queries, partitions, changes and all configuration and administration properties. This means administrative actions decrease to leave more time for data design and update (and deployment). Regulation compliance can be a frequent administration task: models ensure that healthcare compliance and governance is currently aligned



The Outcome
MaaS defines service properties through which the DaaS process can be implemented and maintained. As a consequence, applying the Use Case through the introduced directions, the following results should be outlined.

Qualitative Outcomes:
1)    Healthcare actors share information on the basis of defined “on-premise” data models: models can be implemented and deployed using a model-driven paradigm;
2)    Data Models are standardized in terms of naming convention and conceptual templates (Pharma, Insurance, Municipality… and so on): in fact, models can be modified and updated with respect the knowledge they were initially designed;
3)    Storage and partitioning in the Cloud can be defined “a priori” and periodic audits can be set to certify that data are coherent and remain linked to specific sites;
4)    The users consult the information and perform 2 tasks:
4.1) try the (best) search and navigate the knowledge for personal and work activities;
4.2) give back information about user experience and practice/procedures that should be updated, rearranged, downsized or extended depending upon community needs, types of interaction, events or public specific situations.
5)    Models are “on-premise” policy-driven tools. Regulation compliance rules can be included in the data model. Changes on current compliance constraints means changes on the data model before it is deployed with the new version.

Quantitative Outcomes:
1)    Measurable and traceable costs reduction (to be calculated as a function of annual Cloud Fee, Resources tuning and TCO);
2)    Time reduction in terms of knowledge fast design, update, deployment, portability, reuse (to be calculated as a function of SLA, data and application management effort and ROI);
3)    Risk reduction accordingly to “on-premise” Cloud service design and control (to be calculated as a function of recovery time, chargeback on cost of applied countermeasures compared with periodical audit based upon model information).

Conclusion
MaaS might provide the real opportunity to offer a unique utility-style model life cycle to accelerate cloud data optimization and performance in the healthcare network. MaaS applied to healthcare services might be the right way to transform the medical service delivery in the Cloud. MaaS defines “on-premise” data security, coherence, outage, availability, geo-location and an assisted service deployment. Models are adaptable to various departmental needs and organizational sizes, simplify and align healthcare domain-specific knowledge combining the data model approach and the on-demand nature of cloud computing. MaaS agility is the key requirements of data services design, incremental data deployment and progressive data structure provisioning. Finally, the model approach allows the validation of service evolution. The models’ versions and configurations are a catalogue to manage both data regulation compliance [12] and data contract’s clauses in the Cloud among IT, Providers and Healthcare actors [9].

References
[1] N. Piscopo - ERwin® in the Cloud: How Data Modeling Supports Database as a Service (DaaS) Implementations
[2] N. Piscopo - CA ERwin® Data Modeler’s Role in the Relational Cloud
[3] D. Burbank, S. Hoberman - Data Modeling Made Simple with CA ERwin® Data Modeler r8
[4] N. Piscopo – Best Practices for Moving to the Cloud using Data Models in the DaaS Life Cycle
[5] N. Piscopo – Using CA ERwin® Data Modeler and Microsoft SQL Azure to Move Data to the Cloud within the DaaS Life Cycle
[6] N. Piscopo – MaaS (Model as a Service) is the emerging solution to design, map, integrate and publish Open Data http://cloudbestpractices.net/2012/10/21/maas/
[7] N. Piscopo - MaaS Workshop, Awareness, Courses Syllabus
[8] N. Piscopo - DaaS Workshop, Awareness, Courses Syllabus
[9] N. Piscopo – Applying MaaS to DaaS (Database as a Service ) Contracts. An intorduction to the Practice http://cloudbestpractices.net/2012/11/04/applying-maas-to-daas/
[10] N. M. Josuttis – SOA in Practice
[11] H. A. J. Narayanan, M. H. GüneşEnsuring Access Control in Cloud Provisioned Healthcare Systems
[12] Kantara Initiatives -http://kantarainitiative.org/confluence/display/uma/UMA+Scenarios+and+Use+Cases

Disclamer
This document is provided AS-IS for your informational purposes only. In no event the contains of “How MaaS might be applied to Healthcare – A Use Case” will be liable to any party for direct, indirect, special, incidental, economical (including lost business profits, business interruption, loss or damage of data, and the like) or consequential damages, without limitations, arising out of the use or inability to use this documentation or the products, regardless of the form of action, whether in contract, tort (including negligence), breach of warranty, or otherwise, even if an advise of the possibility of such damages there exists. Specifically, it is disclaimed any warranties, including, but not limited to, the express or implied warranties of merchantability, fitness for a particular purpose and non-infringement, regarding this document or the products’ use or performance. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies/offices.


Read the original blog entry...

More Stories By Cloud Best Practices Network

The Cloud Best Practices Network is an expert community of leading Cloud pioneers. Follow our best practice blogs at http://CloudBestPractices.net

@MicroservicesExpo Stories
There are several reasons why businesses migrate their operations to the cloud. Scalability and price are among the most important factors determining this transition. Unlike legacy systems, cloud based businesses can scale on demand. The database and applications in the cloud are not rendered simply from one server located in your headquarters, but is instead distributed across several servers across the world. Such CDNs also bring about greater control in times of uncertainty. A database hack ...
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, discussed how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He also discussed how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
DevOps at Cloud Expo, taking place October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 21st Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to w...
API Security is complex! Vendors like Forum Systems, IBM, CA and Axway have invested almost 2 decades of engineering effort and significant capital in building API Security stacks to lockdown APIs. The API Security stack diagram shown below is a building block for rapidly locking down APIs. The four fundamental pillars of API Security - SSL, Identity, Content Validation and deployment architecture - are discussed in detail below.
IT organizations are moving to the cloud in hopes to approve efficiency, increase agility and save money. Migrating workloads might seem like a simple task, but what many businesses don’t realize is that application migration criteria differs across organizations, making it difficult for architects to arrive at an accurate TCO number. In his session at 21st Cloud Expo, Joe Kinsella, CTO of CloudHealth Technologies, will offer a systematic approach to understanding the TCO of a cloud application...
API Security has finally entered our security zeitgeist. OWASP Top 10 2017 - RC1 recognized API Security as a first class citizen by adding it as number 10, or A-10 on its list of web application vulnerabilities. We believe this is just the start. The attack surface area offered by API is orders or magnitude larger than any other attack surface area. Consider the fact the APIs expose cloud services, internal databases, application and even legacy mainframes over the internet. What could go wrong...
Cloud adoption is often driven by a desire to increase efficiency, boost agility and save money. All too often, however, the reality involves unpredictable cost spikes and lack of oversight due to resource limitations. In his session at 20th Cloud Expo, Joe Kinsella, CTO and Founder of CloudHealth Technologies, tackled the question: “How do you build a fully optimized cloud?” He will examine: Why TCO is critical to achieving cloud success – and why attendees should be thinking holistically ab...
Web services have taken the development world by storm, especially in recent years as they've become more and more widely adopted. There are naturally many reasons for this, but first, let's understand what exactly a web service is. The World Wide Web Consortium (W3C) defines "web of services" as "message-based design frequently found on the Web and in enterprise software". Basically, a web service is a method of sending a message between two devices through a network. In practical terms, this ...
Docker is on a roll. In the last few years, this container management service has become immensely popular in development, especially given the great fit with agile-based projects and continuous delivery. In this article, I want to take a brief look at how you can use Docker to accelerate and streamline the software development lifecycle (SDLC) process.
The goal of Continuous Testing is to shift testing left to find defects earlier and release software faster. This can be achieved by integrating a set of open source functional and performance testing tools in the early stages of your software delivery lifecycle. There is one process that binds all application delivery stages together into one well-orchestrated machine: Continuous Testing. Continuous Testing is the conveyer belt between the Software Factory and production stages. Artifacts are m...
We define Hybrid IT as a management approach in which organizations create a workload-centric and value-driven integrated technology stack that may include legacy infrastructure, web-scale architectures, private cloud implementations along with public cloud platforms ranging from Infrastructure-as-a-Service to Software-as-a-Service.
In his session at @DevOpsSummit at 20th Cloud Expo, Kelly Looney, director of DevOps consulting for Skytap, showed how an incremental approach to introducing containers into complex, distributed applications results in modernization with less risk and more reward. He also shared the story of how Skytap used Docker to get out of the business of managing infrastructure, and into the business of delivering innovation and business value. Attendees learned how up-front planning allows for a clean sep...
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
"At the keynote this morning we spoke about the value proposition of Nutanix, of having a DevOps culture and a mindset, and the business outcomes of achieving agility and scale, which everybody here is trying to accomplish," noted Mark Lavi, DevOps Solution Architect at Nutanix, in this SYS-CON.tv interview at @DevOpsSummit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
We have already established the importance of APIs in today’s digital world (read about it here). With APIs playing such an important role in keeping us connected, it’s necessary to maintain the API’s performance as well as availability. There are multiple aspects to consider when monitoring APIs, from integration to performance issues, therefore a general monitoring strategy that only accounts for up-time is not ideal.
In his session at 20th Cloud Expo, Mike Johnston, an infrastructure engineer at Supergiant.io, discussed how to use Kubernetes to set up a SaaS infrastructure for your business. Mike Johnston is an infrastructure engineer at Supergiant.io with over 12 years of experience designing, deploying, and maintaining server and workstation infrastructure at all scales. He has experience with brick and mortar data centers as well as cloud providers like Digital Ocean, Amazon Web Services, and Rackspace. H...
As many know, the first generation of Cloud Management Platform (CMP) solutions were designed for managing virtual infrastructure (IaaS) and traditional applications. But that’s no longer enough to satisfy evolving and complex business requirements. In his session at 21st Cloud Expo, Scott Davis, Embotics CTO, will explore how next-generation CMPs ensure organizations can manage cloud-native and microservice-based application architectures, while also facilitating agile DevOps methodology. He wi...
When you focus on a journey from up-close, you look at your own technical and cultural history and how you changed it for the benefit of the customer. This was our starting point: too many integration issues, 13 SWP days and very long cycles. It was evident that in this fast-paced industry we could no longer afford this reality. We needed something that would take us beyond reducing the development lifecycles, CI and Agile methodologies. We made a fundamental difference, even changed our culture...
These days, change is the only constant. In order to adapt and thrive in an ever-advancing and sometimes chaotic workforce, companies must leverage intelligent tools to streamline operations. While we're only at the dawn of machine intelligence, using a workflow manager will benefit your company in both the short and long term. Think: reduced errors, improved efficiency and more empowered employees-and that's just the start. Here are five other reasons workflow automation is leading a revolution...