Lessons Learned
Our SOA initiative has significantly changed the way we work and the impact that our IT teams can have on the business. First of all, one has to realize that is just way too much for one person or one role to do. We are a small shop. We wear many hats. But now we are trying to give everyone his own hat. We have expanded the team, hired people with more specific skills. Our developers can now concentrate on developing. Web Services infrastructure specialists can concentrate on infrastructure. We have expert programmers who really understand the nuts and bolts of Personal Health Records. We have another set of engineers who really understand Web Services - how to make them work together, how to secure, deploy, and manage them. This deepening specialization enables us to be more concerned about the bigger picture.

To me, a critical aspect of SOA delivery is about making sure a Web Service is modeled and designed properly - that it's reusable, solution-agnostic, and can be actively versioned. Part of that challenge lies in defining layers of services. The lower you go in terms of service layers, the more reusable your services should be. The opposite is true as well. The higher you go in terms of service layers, the less reusable because they start to solve very specific business problems.

Another aspect of SOA delivery is the orchestration of business processes in the integration layer. Web Services become more useful when they're combined with other Web Services to provide the substance of a particular business process. You start to address bigger business problems - not just updating a database record, for example.

In addition, make sure you've established a solid plan for management and security before your launch your endeavor. It's all too easy to lose control of services if they're merely launched in an ad hoc, bottom-up fashion. This chaos will eventually undermine your ability to act with agility and dynamism. At the same time, poor approaches to security threaten to leave the operation vulnerable.

One also must draw on the perspectives, capabilities, and best practices of experts when possible. Select vendors with a proven ability to deliver in runtime conditions - with an eye toward their design-time contributions and capabilities as well. Check their customer references and industry partners. We made our vendor selections with great care and diligence, and we've been pleased with the outcome.

However, the most important thing we've learned in the course of our SOA initiative - something I try to convey to other architects - is that complacency is a career and organization killer. If you enter the world of SOA thinking you already know it, then you're going to fail. You must go into this with a very open mind. Architectural and development approaches that have worked in the past may no longer scale or perform at the levels that are now possible. It's critical to keep learning the craft and looking for opportunities to enhance the agility of the business.

About MedicAlert
The MedicAlert Foundation is a non-profit healthcare informatics organization dedicated to providing services to our members that protect and save lives.

MedicAlert services are built around a repository of health information that enables members to manage their personal health records while maintaining security, privacy and confidentiality. As the trusted third party custodian of comprehensive personal health information, the MedicAlert(r) repository can connect to and provide critical medical information between patients, providers, payers, and first responders 24 hours a day anywhere in the world. The premium we place on patient confidentiality has earned the trust of 4 million members and the healthcare community worldwide.

MedicAlert is committed to providing technology-based solutions and is an active member and a leader in developing interoperability standards with all the major Healthcare IT standards organizations. The MedicAlert(r) repository uses Web service interfaces to support standard Electronic Health Records (EHRs), including electronic drug prescriptions and for patient record interoperability. These activities will ensure the rapid development and deployment of standards to improve the quality of care, lower healthcare costs while increasing patient safety.

MedicAlert is a nonprofit membership organization founded in 1956 with a mission to protect and save lives, is headquartered in the United States and has international affiliates in nine countries.