CzechIdM handle accounts in IS Medea
The General University Hospital in Prague, where user’s accounts are managed by our Identity Manager CzechIdM since spring 2013, uses the hospital information system (HIS) Medea provided by Stapro. In this article I will describe technical details of connection between CzechIdM and Medea HIS, and we will see a whole life cycle of user’s accounts on this information system.
CzechIdM and Medea HIS
CzechIdM is an Identity Manager, an application that automatically manages user’s accounts through enterprise IT systems. Administrators of these systems that are connected to CzechIdM not have to do basic operation like create user account for a new employee, disable user account when an user employment is finished and so on. All action executed by CzechIdM on connected systems are also registered in audit log, so administrator is allow to find modifications that were executed on given account. CzechIdM is allow to manage a lot of systems via Identity Connectors, libraries mostly written in Java programming language. Identity Connectors use standard communication protocols like JDBC, HTTP, JAX-WS etc.
One of the systems that is handle by CzechIdM at the General University Hospital in Prague is Medea, a hospital information system delivered by Stapro. There is number of instances of Medea over the hospital where are registered electronic health records, a pharmacy, records of hospitalized patients or archivated data. Medea is a key system for the hospital and contains confidential information so connection with CzechIdM has to be realized with maximum emphasis on security and stability.
Details of connection
CzechIdM doesn’t communicate with Medea HIS directly but through the simple database interface in Progress database. CzechIdM through this database interface creates new accounts, disables unused accounts in Medea, provides functionality to password change and sends related information needed for electronical signature of electronic health records. From the technical point of view is connection between CzechIdM an Medea realized by our universal JDBC connector that is ussualy used for communication with a relation database.
Electronic health record
The key module of Medea HIS at the General University Hospital in Prague is electronic health records registration. Doctors who works with electronic health records uses electronic signature. To these processes, that are related to electronic signature and digital certificates, is dedicated the recent article of my collegue Jakub Tomek.
Medea HIS is one of the destination systems which receives certificates and signature tokens from CzechIdM. If an user certificate is revocated, CzechIdM downloads the new one and provide the distribution into connected IT systems. If the new token is created for some doctor, CzechIdM automatically writes serial number ot this certificate into Medea HIS.
Lifecycle of user account
Business procesess defined in CzechIdM cover the whole life cycle of user’s accounts in Medea HIS:
- Creation of user account
- Certificate and token import into Medea
- Updating of user account
- Password change (by user or helpdesk)
- Disabling of user account
This article follow to the article of my collegue Jakub Tomek which was focus on business processes connected with digital certificates at the General University Hospital in Prague. The hospital information system Medea is one of the most important system which is handle by CzechIdM – CzechIdM creates, updates and deletes user’s account in Medea and so on. If you are interested in this topic I’m fell free for your questions. You can contact us at: firstname.lastname@example.org