Rhapsody Health Solutions Team

The Basic Architecture of Rhapsody as a Service

July 24, 2018

Erkan-Akyuz_185px

Following a number of successful Rhapsody as a Service (RaaS) implementations, including the University of Louisville Hospital, we have had a number of inquiries from providers about migrating integration engines to the cloud to take advantage of the automation and ability to save on IT costs and maintenance.

To answer a number of the questions about the architecture of RaaS, we have compiled a high-level overview to explain how RaaS connects to an organization.

In Brief:
RaaS is a fully managed, monitored and supported implementation of Rhapsody, hosted in a cloud environment to meet the expectations of the popular Software-as-a-Service model. This new offering enables organizations, who require Rhapsody’s flexibility and ease of configuration, to get up and running quickly without having to worry about the day-to-day maintenance aspects of running a complex messaging integration engine.

The diagram below provides a basic architecture to show how RaaS fits within an organization.

  1. Customer:  Rhapsody configurations are managed the Rhapsody IDE, as with an on-premise deployment. Local Rhapsody support staff can also be engaged to assist with configuration issues or help diagnose configuration problems.
  2. IPSec VPNs: A typical RaaS deployment uses an Internet Protocol Security Virtual Private Network (IPSec VPN) so that the RaaS instances can become an extension of the customer’s network. This VPN manages privacy concerns by encrypting all data in transit.
  3. Customer Domains: Any number of Rhapsody instances can be deployed within the customer’s private cloud. These could be for environments (i.e. production, staging, testing and development) and/or as a scale-out strategy. The proxy provided in each environment is used to enforce encryption on any protocols that require privacy as well as auditing for non-management and alerting traffic.
  4. Self-service: Customers can use the self-service portal to view this data as well as perform other management tasks.
  5. Metrics: Summarised metrics are sent to a metrics tracking system for reporting and performance monitoring.
  6. Rhapsody Support: Rhapsody Support staff uses the automation and management tools in the Rhapsody private cloud to perform maintenance and support tasks. The Rhapsody Security team audits management logs and events, checking for any security concerns. The support staff will perform day-to-day management and maintenance of the system but will avoid interacting with any PHI data.

Basic Privacy and Security Principals: 

Surrounding all of this is the strong respect Rhapsody, and RaaS, have for the principles of privacy and security. Standard practices for the integration engine include auditing system access and questioning possible data access, validating that no PHI data is logged under normal logging levels, and restricting support teams (so they cannot access PHI data outside of their region).
Furthermore, when an issue needs to be escalated to the development team all PHI data is anonymized before leaving the region. We also perform regular audits of processes and systems and report unexpected PHI contact.

For more information on how Rhapsody as a Service can help you deliver the best results for providers, payers, and patients, click here to contact an expert.

Interested in cloud-based integration? Click here for a white paper about what to consider when migrating out of a proprietary data center to the public cloud sector.

Related Blogs

Denise Stoermer

5 Points to consider when evaluating your API gateway strategy

How to extend the power of your integration engine with a built-for-healthcare API gateway

Read more

Dmitri Kitaynik

Improving integration team productivity with Corepoint distributed development features

Corepoint product manager Dmitri Kitaynik discusses existing and upcoming features that aim to improve employee productivity by advancing distributed development capabilities.

Read more

Dmitri Kitaynik

Corepoint 7.5.3 features Administration REST API, enhances auditing and configuration

Corepoint product manager explains new Administration API, other enhancements for Corepoint 7.5.3 release

Read more