770 likes | 921 Vues
Launch Event eCare Framework v1.0 19 May 2006. Kerr Donaldson Standards Branch Head. Murray McVicar Policy Branch Head. Efficient Government Group. Data Sharing and Standards. Policy Policy on data sharing Support to policy colleagues on: Children’s services Adults at Risk
E N D
Launch Event eCare Framework v1.0 19 May 2006 F235110
Kerr Donaldson Standards Branch Head
Murray McVicar Policy Branch Head
Data Sharing and Standards Policy • Policy on data sharing • Support to policy colleagues on: • Children’s services • Adults at Risk • Governance arrangements including National Forum; Data Sharing Partnerships • Communications including stakeholder relationships
Data Sharing and Standards Standards • Identity and Authentication • Performance measurement • Quality Assurance • Technology & Data Standards for the eCare Framework
Data Sharing and Standards Implementation • eCare framework development • Procurement • Supplier relationships • Roll-out of national solutions
eCare Framework • Is a strategic approach to the sharing of personal data across Scottish public sector • Comprises a set of technical, security and data standards, architecture and infrastructure • Fully supported software products • Based on a federated model of data and identity management (14 data sharing partnerships) • Managed service hosting and national network infrastructure
Vision for Improved Service Delivery • Meeting the needs of the citizen, not the convenience of the service provider • Looking beyond the normal boundaries for partnerships • Culture of continuous improvement embracing quality and cost • Aim of efficiency savings is to release cash for front line services
Individual organisations improve internal processes by implementing re-engineered process and new technology Multiple organisations standardise on agreed best practice process and technology Technology is deployed on a shared basis Service provision is provided on a shared basis Lead authority ? Public sector company ? Joint Venture ? Outsourcing ? Reduced costs through staff and property rationalisation Reduced costs through shared hosting and maintenance of technology Reduced costs through single deployment of technology Benefits stream Reduced costs through joint procurement, development & training Reduced costs through joint procurement, development & training Reduced costs through single procurement and implementation More consistent cost/quality More consistent cost/quality Consistent cost/quality More efficient/effective internal processes in some organisations. More efficient/effective internal processessector wide More efficient/effective internal processes sector wide Single most efficient/effective process used
Succeeding through engagement • We can only achieve this by working in partnership across the sectors; • The agenda is complex, developing, and inter-connected; • Sharing knowledge of what we are doing – and what we find others are doing - is vital; and • The prize is big, so our work is challenging and worthwhile • We need to ensure efficient support for the delivery of care to those most at risk
Robbie Harris Senior Technical Architect
“address the technical barriers and costs to data sharing by agreeing a standard technical architecture. This will ensure that the technical implementation can re-use existing components; that data providers can maintain one interface for all their data partners rather than a separate interface for each data partner; and that common standards of security and authorisation can be systematically applied to all data exchanges.” F235110
“new risk management model, approved security architecture for government systems, a revised CSIA security policy, best practise guidance & standards” F235110
“consolidated network architecture for government. This would allow reduction in costs through aggregating demand and allowing individual agencies to use common network infrastructure seamlessly for intra-agency as well as inter-agency traffic.” F235110
Managed Service • Equivalent to existing architecture • Not a central, monolithic solution, each partnership has their own messaging service & store • Direct and straightforward migration for existing solutions • Adapters must meet minimum interconnect requirements for GSX/NHSnet connections • Plus specific technical requirements for interconnect to the eCare Framework – the technical aspects of which are covered by our security policy & architecture requirements F235110
James MacGregor Technical Architect, Atos Origin
eCare Managed Service • Centrally hosted eCare Service • Located in Atos new Tier IV Data Centre in Livingston • Tier IV Data Centre – highest level of availability (Uptime Institute) • Conforms to BS7799, ISO9001 and ITIL operational standards F235110
Infrastructure • Resilient Infrastructure • Load Balance Web Servers (blade) • Clustered SQL Server • Dual Firewalls / Switches • Offsite backups • Staging Servers • To allow partners to verify releases • GSX / N3 Connectivity F235110
Managed Service • Solution designed to scale • Service Available Summer 2006 • 24x7 Helpdesk • Atos Origin technical support F235110
Data architecture • Based on federated information, user and citizen identity models. It reuses existing data holdings, user and citizen management facilities in order to create on-demand, persistent shared citizen records and facilitate sharing via joint multi-agency business processes. A ‘single, shared view of the citizen’ “one way to avoid the risks of a central, state-run monolithic database of the entire population would be to have some sort of federated system” Richard Thomas, Information Commissioner, 3 February 2004 F235110
Kerr Donaldson Standards Branch Head
Standards (Branch) • Linkage between Information requirements of policy & • Local business requirements & • Subsequent Development and Implementation • In MGF-2, acted in Standards Design Authority role for the eCare Data Architecture F235110
Why Data Standards? • Define common information content of MAS • Basis for interoperability • Same data has the same meaning for all partners • Allow valid comparison for performance management, where appropriate • Ensure compliance with DPA and other regulatory frameworks F235110
Key principles • Ownership: policy and practice • ARCG • IAF • Collaboration • NCDDP • OSIAF • Consultation • Loose coupling of data and technical standards F235110
Development Model International and national (e.g. BS) standards International and national (e.g. BS) standards As per e-GIF TSC e.g. data models, XML Schema, WSDL F235110
Agency Systems are MIS applications within the varying agencies that perform client/patient/person processing functions An Adaptor is a software component that enables communications between agency systems and the eCare Framework […] the Adaptor can be a logical software component built into an agency system or on a separate physical machine eCare Safe Haven or DMZ is a secure perimeter network that connects the Agency networks with the network in which the eCare Framework’s hardware is located. The Messaging Service provides Agency Applications with an interface to the eCare Framework The Multi Agency Store is the repository used to store consented data for the purpose of information being shared between different agencies F235110
"This review has confirmed that the Framework has been written to high standard. The code conforms with previous versions of the Framework and has been produced to a high level of quality, following clear coding standards to provide a consistent well structured and easy to read style. The code is complemented by the publication of Web Service Design specifications, which provide a valuable overview of each web service as well as a more detailed design. These documents are (like the code) written in an easy to read and consistent style, providing a solid foundation for development and testing. The high level security review indicates that security has been designed up front and the Framework conforms to many of Microsoft’s security best practices, particularly with regards to securing Web Services. Finally, the examination of the unit test documentation and results gives a good level of confidence of test coverage and in fact 390 individual test cases is an impressive effort.“ ACS Europe review of eCare Framework Release Candidate April 2006 F235110
James MacGregor Technical Architect, Atos Origin
eCare Framework Product Set • Matching Framework • Messaging Framework • eCare Viewer (optional) • Matching Tools (optional) F235110
Documentation Set • Messaging Integration Guide • Messaging Admin Guide • Matching Integration Guide • Matching Admin Guide • Viewer Tool Guide • + Other National Documentation Set…. F235110
Service Granularity • Document Message Pattern • Coarse grained messages • Simplify message sequencing • Reduce network performance overhead • Simplify transaction management F235110
Authentication & Authorisation • Authenticate host application not user • Implemented through WS-Security • Support Role based authorisation F235110
Error Feedback • Soap Fault • Client Details – XML formatted error messages & codes • ClientUtilities DLL (for .Net) F235110
Agency Boundary Matching 1. New Service User Host Application 2. Poll for new service users Adaptor 3. New Match Request 8. Match Notification eCare DMZ NHS Boundary Messaging Manual Matcher CHI 4. Store Request Matching MAS 7. Index Created Auto Matcher 6. Search CHI 5. Attempt Match F235110
Agency Boundary Host Application Adaptor Agency Boundary Data Sharing Host Application 1. Service User Interaction 5. View Shared Data Adaptor Viewer 2. Store Disclosure Authorisation 3. Store Service User Data 4. Other Agencies Share Data eCare DMZ Messaging MAS F235110
Viewer • What is the Viewer and what can you do? • Access MAS Data • No searching • Embed in web page • .Net User Control (Web Page) • No inherent authentication / authorisation F235110
Matching Integration • Supports 3rd Party Integration • GetMatchRequests • CreateMatch • Indexes Created • Notifications Created • StoreMatchStatus (Manual / Query / Fail) F235110
Adaptor Architectural Discussion Discuss key adaptor design issues F235110
Common Application Architecture • Mainframe / Midrange • Client Server • Distributed Architecture • Browser based application F235110
Basic Adaptor Requirements • Support Matching • Publish data to MAS • Support MAS Notifications • Support inter-Agency processes F235110
Architectural Qualities • Integration • Availability • Scalability • Transactions • Deployment F235110
Adaptor Integration • Issue • How to identify data to publish in MAS • Possible Strategies • Database triggers – possible unexpected impact • Integrate with application logic • Monitor database (last change date / last sent) • API F235110
Adaptor Integration • Scenario • What happens if Disclosure is temporarily removed? • Publish Subject to MAS – including associated person • Remove Disclosure Authority in Host Application • Delete associated person • Re-apply disclosure • MAS still thinks Associated Person relationship exists • Potential Strategy • Track changes even while Disclosure off and apply to MAS once F235110
Availability • Issue • Line of Business applications must not be impacted by eCare availability • Possible Strategies • Queue service requests • Event based asynchronous processing • Avoid applications calling web services directly (for publishing data) F235110