ASSYST OnPoint xChange features an informative dialog on Health Data Interoperability. The maturity of the standards, regulatory mandates, and legislative compliance drive the adoption of Fast Healthcare Interoperability Resources (FHIR®). There are immense benefits at the provider-patient-payer levels, empowering patients to be in charge of their healthcare access. However, there can be benefits beyond the level of information sharing.
Mr. Vinay Shirke, Lead of ASSYST’s End-to-End Cloud based FHIR Solution “Hephaestus” Product Development and CIO, joins Mr. Khalil Zebdi, EVP Health IT solution, and Federal Business Development to discuss their journey to create Hephaestus.
They also explore the underlying technologies which support a high-quality FHIR® solution, the capabilities consumers should expect, and the potential interoperability standards benefits beyond compliance that FHIR® standards can provide for the Greater Healthcare Ecosystem, including Research and Nonprofit Organizations.
Vinay Shirke: Hello Khalil, witnessing current trends seen by healthcare providers adopting interoperability has been fascinating. Healthcare IT vendors seem keen on FHIR® based solutions to support data exchange within their technology ecosystem. With the recent introduction of government mandates requiring compliance for information sharing with patients, FHIR® is becoming more of obligation providers must meet. When we began developing Hephaestus, I remember what spurred your interest in Interoperability and led you to the idea that ASSYST should create our own FHIR® solution.
Khalil Zebdi: Vinay, having been working with HHS agencies featuring CMS, HRSA, and FDA for the past 15 years, we have held the privilege of developing close relationships I will cherish with these agencies and the people within them. A little over five years ago, as I was having lunch with a client from the CMS, she began to talk to me about the 21st Century Cures Act and the vision that she believed the legislation would drive for the future of healthcare IT. While we had heard about FHIR® and the concept of Interoperability, we weren’t quite sure how it would translate to real world use cases. But I couldn’t help myself but dive into research. As I dug deeper, I realized that FHIR® isn’t not only going to become an opportunity for IT vendors as providers would have to meet compliance but also a concept that will improve the overall quality of care we receive as patients.
When I dropped the idea of developing a FHIR® solution to the team, we evaluated the market and noticed that there weren’t many players engaged in FHIR®, which only made us more eager to jump right in. But as we began brainstorming, we asked ourselves, how can we be different from the other vendors? Many developers had stand-up FHIR® servers that performed the parsing and validation functions and housed FHIR® data. We researched many of the progressing trends occurring in HL7 and FHIR® but also with EMR vendors and Public Health IT. We wanted to exploit the experience we had obtained by working with various Federal, State, Local and Commercial agencies, as we already understood what it took to meet federal compliance with HIPAA and develop a federally approved software system. This drew us to the conclusion that whatever our product was going to be, it had to support the client in adopting FHIR®, maintain flexibility to the various use cases, be scalable to adapt to an expanding data environment and provide users the ability to visualize their data.
Thus, we created the vision for Hephaestus! Named after the God of Fire, we developed Hephaestus to bring change as a scalable solution that would aid organizations in transitioning from their use of legacy data formats to the most recent version of FHIR®. Hephaestus accelerates adopting and implementing the HL7 FHIR® standard by automating metadata exploration, data mapping, parsing, validating, transmission, API, and Business Intelligence (BI) with a data Visualization Dashboard. Being built in a Six-Component Microservice architecture and Cloud compatible, there are various use cases for ample providers that Hephaestus provides an answer for.
Khalil Zebdi: Vinay, when you kicked off developing Hephaestus, what tools and technologies did you feel were best to augment a FHIR® solution of this caliber? If I’m a Healthcare IT vendor, a provider, or an industry stakeholder, what approaches should I take when selecting a FHIR® solution that can aid the transition process? And what capabilities should I expect from a FHIR® solution?
Vinay Shirke: Khalil, as you explained earlier, from years of market research and experience with healthcare IT, we were in a good place to identify technologies and tools to construct a FHIR® solution, all of which we felt were necessary to build into Hephaestus.
As a basis, your FHIR® solutions should be able to effectively parse and validate non-FHIR® data sets into the most recent and relevant FHIR® format to be housed within a select FHIR® server so it can effectively be used for data exchange across platforms. The process of transforming data sets from legacy formats to FHIR® is the most important step, as many providers use varying data set formats, causing difficulties for users to remodel their data sets properly. Aggregated data collection can come from various sources and formats such as Excel sheets, CSV., XML, and JSON. Vendors are looking to build their apps with FHIR® to facilitate data ingestion from these sources. The platform should be able to collect metadata sets, analyze them and correlate them into schema formats (FHIR®Spy). For example, we built Hephaestus with SMART HL7 Bulk FHIR® to automate the uploading of Bulk FHIR® (large volumes of FHIR® data) data from various sources. In addition, users should be able to standardize their target schema formats reflecting their metrics for analysis fitting their business requirements, which is why we designed an interface enabling customization functions to format schemas. A proper solution should be able to interface with the source schemas (incoming datasets) and target schemas (FHIR® or defined metrics) and map out the transformation process and with the implementation of AI/ML capabilities stemming from the FHIR® server to automatically recommend the mapping of various data elements from the source schema to the target schema from previous activity (FHIR®Bricks).
A powerful parsing engine within your FHIR® server is imperative to complete the transformation process. We strongly recommend using a FHIR® server that leverages AI/ML to break down and restructure the various source data sets, re-structure them into the targeted FHIR® format, and prepare the dataset in a consumable format, then direct them to their appropriate storage location (FHIR®Proof). This step should also include a good validation tool, as we want to maintain the validity of data sets and their contents during the restructuring process. In addition, we believe that a platform should also be Cloud- compatible with supporting evolving data demands in Healthcare. From our years of experience, we have learned that everyone in the industry is adopting the cloud, including HHS agencies managing programs with the private sector, and are beginning to migrate their Healthcare systems to the cloud. So we felt it was imperative to make Hephaestus a Cloud-based solution.
Then comes the next step, which is the actual exchange of data. We identified SMART on FHIR® during our research. We built its RESTful API frameworks into Hephaestus, which not only augments your data collection process through quick exchanges of small and large data sets and contains authorization standards to govern data exchange. It clearly defines workload functions that guide applications to securely exchange data amongst each other efficiently while remaining versatile to different volumes of data sets (FHIR® Break). SMART on FHIR® supports integration with Bulk FHIR® Servers, which enables gathering large data sets using Bulk FHIR® API and meets compliance with the 21st Century Cures Act. Using the OAuth 2.0 Token Authentication standard, product and business owners can set controls on access levels using User-Managed Access (UMA) 2.0 protocol, which grants users tokens for a finite time for engagement in health information exchange. We feel that this is important to a successful adoption of FHIR® to assure all stakeholders that while their data is more open for sharing, it is also protected.
Lastly, we advise integrating a good analytical tool into your solution. Using SMART on FHIR® enables clients to integrate many open-source applications in the SMART App Gallery. These can be anything from patient dashboards to data visualization tools that can be used for reporting and analytics. For example, we are very enthusiastic about Superset. This open-source Data Visualization tool (FHIR® BI) is customizable. It enables users to define their metrics of measurement and Key Performance Indicators (KPI) and customize their interactive dashboards for analysis. Integrated dashboards provide organizations autonomy to slice and dice data with the AI/ML component of their FHIR® server and their aggregated health data and create dynamic graphical representations of their patients and the populations they serve.
Khalil Zebdi: We see the immediate need for healthcare providers to adopt FHIR® and the benefits it can provide to improve the overall quality of healthcare. However, with access to all that data, do you believe there are healthcare objectives that FHIR® beyond compliance can support? For example, can FHIR® support data analysis and construction of open health data products for Public Health initiatives?
Vinay Shirke: Today’s age in technology is moving more towards shared services and building open data models for services. Access to networks and the creation of open data services can aid Healthcare objectives for many organizations that use healthcare data programs to support their operational model. Interoperability can be the tethering framework for bringing together enterprises' health information data to build foundations of data models supporting healthcare programs, whether for private businesses or public health partners. We can use FHIR® to build open systems leveraging Cloud capabilities for ingesting and organizing Health data from a shared collection of participating stakeholders using FHIR® Bulk API exchanges to visualize populations based on their aggregate data in support of large-scale healthcare Programs. For instance, the Bulk FHIR® protocol, while not specifically established for data analytics and shared service programs, can interface with open data programs to define population groups and support information sharing across communities and population taxonomies. Organizations, Communities, and Public Health Stakeholders engaging in programs collecting large quantities of healthcare data in efforts to gain insights on trends in patient populations can adopt these standards to expedite data exchange, hone in requirements, customize metrics for data collection for analytical objectives, all of which will improve accuracy and speed of research and program operations.
How will this translate to the real world? We can support informative public platforms such as websites reporting important information with real time numbers on occurring phenomena such as infectious diseases or available hospital beds in a certain region. We can properly evaluate health conditions in a particular labor environment and use it to guide occupational safety policies. Grantors can gain direct analytical insight into their grantee constituents' activity & performance to more effectively manage their programs and allocate grants and resources in a cost efficient way. Clinical trials involved with the release of critical drugs for treatment will have access to obtaining accurate data that can improve trial processes and expedite approvals. Public health agencies can collect data models reflecting populations to improve operational strategy and provide information relevant citizen populations.
With greater data access, we can be more informed in how we conduct business and, as a result, provide better services and products to the people we serve. Promoting a more data driven culture across the healthcare industry will significantly help business processes mature and benefit with increased efficiency and the ability to integrate with modernized technologies.
Hephaestus is ASSYST's most recent innovation to come out of our Green Accelerator Program, designed, developed, and implemented for Healthcare Providers, Government Health Agencies, Health IT Companies, and Health Insurance Companies. Hephaestus is an eloquent, lightweight, low-code application platform that provides customers with the component architecture required to implement the FHIR® specification.
Discover more at https://www.assyst.net/hephaestus/
As a Health IT Systems Integrator and Platform Solutions provider, ASSYST helps US government health and human services agencies, research, and nonprofit organizations to deliver high-quality health and wellness services. Our customers include the Centers for Medicare and Medicaid Services (CMS), Food and Drug Administration (FDA), Health Research and Services Administration (HRSA), Program Support Center (PSC), and many State and Local Government agencies. ASSYST has been an industry leader in data interoperability, trusted data exchange, compliance, metadata, taxonomy, open data, and dissemination initiatives for over 25 years. In addition to HL7® FHIR®, ASSYST delivers solutions complying with data exchange standards, including XML, GJXDM, NIEM, XBRL, EDI, X12, and SDMX. ASSYST is an HL7 Gold Level member organization.
Thank you for all your feedback for Part One. In the second segment, our intent is to cover a few essential components of the Cybersecurity Program such as Knowledge Management, Project Management, and Talent Management.
ASSYST COO, Joe Anderson and VP of Technical Solutions, Vijay Narasimhan, reflect on the remarkable growth delivering capabilities to customers in the areas of DevSecOps, containers, and microservices.
Vijay Narasimhan leads service delivery across Federal Civilian and DoD, and he is the principal architect of ASSYST’s Green Accelerator Program. The Green Accelerator Program is our innovation lab and incubator program where we perform customer-focused applied research utilizing open-technology in the cloud infrastructure. Vijay’s focus includes native architectures, cloud-agnostic development, cloud hopping, collaborative coding, interoperability, and automation.
In addition to his role as the COO, Mr. Anderson leads several prominent programs in the Federal marketplace, providing consultation for IT and business leaders on several leading-edge technology areas, including multi-cloud, AI/ML, microservices, shift-left implementation approaches, robotic process automation, and zero-trust architecture implementation.
Joe Anderson: Hello Vijay. I find it promising to see the Federal sector embracing DevSecOps, and I know our engineering teams are excited about this transformational shift. I’m seeing a strong correlation between Agile, DevSecOps, and cloud migration within our customer base, and the number of opportunities is growing. I think the advancements in open-technology and new approaches to security have helped fuel the growth in opportunities for businesses like ours. The growth is certainly providing better opportunities for our UCD/UXD designers, DevSecOps engineers, cloud architects, and Pipeline engineers. I’m noticing that our customers who are truly committed to the practice are becoming more interested in using cross-cloud platforms and/or cloud-native approaches for their applications because of a greater emphasis on portability. I’ve also noticed that our engineers are becoming more adept at writing code and developing applications to run on or are portable to any cloud environment. In this way, DevSecOps and open-technology are really delivering on the promises.
Vijay Narasimhan: What I like about transforming our delivery teams to DevSecOps is how collaborative our Agile teams have become. In the past, the interaction between UCD/UXD, infrastructure, pipeline, configuration, back-end engineers, and front-end developers was occurring when there was a major release or at a defined phase-gate. With DevSecOps, the collaboration between the team members is happening hourly and daily across these areas of responsibility. Anyone can be brought into a daily standup or a huddle, and barriers and/or roadblocks are resolved almost instantaneously, keeping the development process moving forward. I’m also noticing how quickly the DevSecOps team comes together and socializes, and you can see how it is more engaging and rewarding to the team members.
Joe Anderson: I continue to be impressed by the maturity and sophistication in the DevSecOps tools, especially in the area of automation with respect to security, CI/CD pipeline activities, configuration and branching strategies, and Agile processes. The ability to monitor and measure all of the activities in the environment and present the information in a single window-pane or dashboard is an elegant solution for tracking performance. Additionally, the emergence of process automation in the DevSecOps environment results in faster time to market and a significant reduction in errors and defects. The ability to automatically identify, categorize and prioritize incidents and vulnerabilities, or automate and enforce the code branching strategy, or automate the test, build and deploy process are accelerating Sprint cycles.
Vijay Narasimhan: That’s right Joe. The number of processes you can automate in the DevSecOps environment continues to grow and mature. Also, many of these technologies come with built-in analytics capability which is very helpful. One of the areas I am focused on is working with our customers to aggregate and present the analytics utilizing the DevSecOps tool-chain for infrastructure, pipeline, configuration, back-end, front-end, and UCD/UXD activities into a customer-specific dashboard to capture and display the most important metrics for measuring performance and the business impact. The other positive outcome we are experiencing on our delivery teams is a heightened awareness across the different areas of responsibility amongst team members. For example, if the infrastructure is performing security patches or upgrading CI/CD tools, the backend and front-end engineers are immediately aware, and if there is a potential impact to a Sprint cycle, they’ll huddle, walk through any issues, resolve any potential roadblocks, and pivot resources to keep the build on schedule.
Joe Anderson: I see more of our customers’ environments are supported remotely and most of our DevSecOps teams are working in a virtualized infrastructure environment in the cloud. It’s become apparent to me that for the mission and enterprise systems we are supporting, and especially those systems with high availability and high volume requirements that Kubernetes container orchestration is becoming an increasingly more important service and skills provided by our cloud architects and administrators. What I find both empowering and inspiring is how our DevSecOps teams are utilizing Kubernetes for deploying and managing containerized applications and we have fully integrated Kubernetes with our CI/CD processes.
Vijay Narasimhan: Yes, continuing to expand our capabilities in Kubernetes container orchestration and utilizing Infrastructure as Code (IaC) for provisioning virtualized computing resources to support our DevSecOps teams and customers is a primary focus of mine. The speed at which we can stand up development, quality control, and production environments, and deploy Agile teams for our customers is unparalleled. The performance improvements we are seeing with Kubernetes in AWS and/or Azure are significant, and our ability to integrate Kubernetes with our other CI/CD pipeline tools and development environment has reduced delivery schedules significantly. The ease of provisioning and configuring the technologies you need to develop, enhance or modernize a system is a major factor in improving delivery schedules, and improving quality.
Joe Anderson: ASSYST is fortunate in that the partnerships we have established with AWS, Azure, RedHat, and GCP, and the investments we have made in DevSecOps, containerization, and microservices enable us to provide our customers with innovative approaches specific to their systems, applications and operating environment. Our customers are having difficulty trying to keep up with technology changes impacting tool selection, adoption, and new technologies, and sometimes struggle to understand how it fits into their existing operating environment. These distractions are resulting in activities that deviate from the core business. I think deviations away from the core business because of technology changes is a key driver behind the importance of UCD/UXD/IXD design activities within the DevSecOps team. When the user experience is integral to the DevSecOps team you can begin to achieve frictionless services and faster paths to a Minimum Viable Product (MVP). Then based on the user experience patterns and metrics, we enhance the features of the product using low code approaches and microservices. More and more this is what our customers are expecting.
Vijay Narasimhan: I’m glad that you are bringing up the importance of frictionless services and how we are approaching this with customers. I think you have outlined the DevSecOps path to frictionless services and digital transformation succinctly. An area I am focusing on is how to utilize the DevSecOps toolchain to provide customers the ability to measure the business impact of the DevSecOps team. For example, analyzing real-time interactions of UCD/UXD/IXD, front-end, back-end, pipeline, configuration, and infrastructure activities. This is currently an initiative of our Green Accelerator Program with interest from the Department of Homeland Security, Department of Defense, Centers for Medicare & Medicaid Services, Food and Drug Administration, Health Resources and Services Administration, and the Equal Employment Opportunity Commission. Our customers need DevSecOps to provide frictionless services, and for them to transform and succeed using this new delivery model, then we as service providers need to provide solutions where customers can easily measure our performance based on the user experience.