Following a number of successful Rhapsody as a Service (RaaS) implementations, including the University of Louisville Hospital, we have had a number of inquiries from providers about migrating integration engines to the cloud to take advantage of the automation and ability to save on IT costs and maintenance.
To answer a number of the questions about the architecture of RaaS, we have compiled a high-level overview to explain how RaaS connects to an organization.
RaaS is a fully managed, monitored and supported implementation of Rhapsody, hosted in a cloud environment to meet the expectations of the popular Software-as-a-Service model. This new offering enables organizations, who require Rhapsody’s flexibility and ease of configuration, to get up and running quickly without having to worry about the day-to-day maintenance aspects of running a complex messaging integration engine.
The diagram below provides a basic architecture to show how RaaS fits within an organization.
- Customer: Rhapsody configurations are managed the Rhapsody IDE, as with an on-premise deployment. Local Rhapsody support staff can also be engaged to assist with configuration issues or help diagnose configuration problems.
- IPSec VPNs: A typical RaaS deployment uses an Internet Protocol Security Virtual Private Network (IPSec VPN) so that the RaaS instances can become an extension of the customer’s network. This VPN manages privacy concerns by encrypting all data in transit.
- Customer Domains: Any number of Rhapsody instances can be deployed within the customer’s private cloud. These could be for environments (i.e. production, staging, testing and development) and/or as a scale-out strategy. The proxy provided in each environment is used to enforce encryption on any protocols that require privacy as well as auditing for non-management and alerting traffic.
- Self-service: Customers can use the self-service portal to view this data as well as perform other management tasks.
- Metrics: Summarised metrics are sent to a metrics tracking system for reporting and performance monitoring.
- Rhapsody Support: Rhapsody Support staff use the automation and management tools in the Rhapsody private cloud to perform maintenance and support tasks. The Rhapsody Security team audits management logs and events, checking for any security concerns. Support staff will perform day-to-day management and maintenance of the system but will avoid interacting with any PHI data.
Basic Privacy and Security Principals:
Surrounding all of this is the strong respect Rhapsody, and RaaS, has for the principals of privacy and security. Standard practices for the integration engine include auditing system access and questioning possible data access, validating that no PHI data is logged under normal logging levels and restricting support teams (so they cannot access PHI data outside of their region). Furthermore, when an issue needs to be escalated to the development team all PHI data is anonymized before leaving the region. We also perform regular audits of processes and systems and report unexpected PHI contact.
For more information on how Rhapsody as a Service can help you deliver the best results for providers, payers, and patients: