APHL Informatics Messaging Services (AIMS) Accelerating the effectiveness and efficiency of ELR and related public health reporting APHL Informatics Messaging Services (AIMS) A secure, cloud based environment that accelerates the implementation of public health messaging solution by providing shared services to aid in the transport, validation, translation and routing of electronic data. The Big Picture Clinical Labs Lab Result Public Health Labs Hospital and Healthcare Systems Healthcare Providers Morbidity Report Test Order / Result EHR Data Lab Result EHR Data Lab Result Patient Registry PHAs Case Reporting / Syndromic Surveillance Test Order / Result Public Health Labs ELR (Traditional) Case Reporting Case Reporting Surveillance Test Order/Results Point-to-Point Stakeholder 1 Speaks HL7 v2.1 and Uses PHINMS PHINMS Adapter Stakeholder 4 Speaks EHR and Uses Web Service Web Service Call Stakeholder 2 Speaks HL7 v2.5 and NHIN Direct Convert HL7 v2.5 to HL7 v2.1 Convert HL7 v2.1 to CSV NHIN Direct Secure FTP Adapter Adapter PHINMS Adapter NHIN Direct Secure FTP Adapter Adapter Convert HL7 v2.1 to HL7 v2.5 Convert CSV to HL7 v2.1 PHINMS Adapter Stakeholder 3 Speaks CSV and Uses Secure FTP Convert CSV to HL7 v2.5 Secure FTP NHIN DirectAdapter Adapter Convert HL7 v2.5 to CSV AIMS Stakeholder 1 Speaks HL7 v2.1 and Uses PHINMS HL7 v2.1 Stakeholder 4 Speaks EHR and Uses Web Service Web Service Adapter PHINMS Adapter HL7 v2.1 <--> HL7 v2.5 HL7 v2.1 <--> CSV CSV <--> HL7 v2.5 Web service <-> HL7 2.5 … Validation Transformation Translation Vocabulary Routing Increased Efficiency Increased effectiveness AIMS Secure FTP Adapter CSV HL7 v2.5 Stakeholder 2 Speaks HL7 v2.5 and NHIN Direct NHIN Direct Adapter Stakeholder 3 Speaks CSV and Uses Secure FTP APHL Informatics AIMS ARCHITECTURE AIMS Functional Architecture ELR Reporting PHP Customer Portal Message Transform RCMT Alerts Future-Private Applications Transport Conversion Email Server Audit Portal Message Service Routing Message Service Routing Shared Applications Application Services WEB Server SFTP Server Rhapsody Integration Engine Mirth Integration Engine Database Management Route not Read (RnR) Hub Platform Services AIMS Systems Management Security AWS Message Infrastructure System Infrastructure Security and Compliance • System Security Plan (SSP) in place • Security Assessment (ST&E) and Audit conducted in 2013 by RTI International • FISMA Compliance granted in 2013 • Migration to FEDRAMP certified environment in 2014. • SSP is being upgraded to show security enhancements gained by moving to AWS Amazon Web Services • Migrated technology stack to AWS on March 1, 2014 • AIMS Hub is located in the AWS East Region • Planning is underway to enhance Continuity of Operations with Multi-Availability Zones The AWS cloud infrastructure has been designed and managed in alignment with regulations, standards, and best-practices including: • • • • • • HIPAA SOC 1/SSAE 16/ISAE 3402 (formerly SAS70) SOC 2 SOC 3 PCI DSS Level 1 ISO 27001 • • • • • • FedRAMP(SM) DIACAP and FISMA ITAR FIPS 140-2 CSA MPAA APHL AIMS Architecture Coverage State Public Health Laboratories include: Other Trading Partners Alabama Maryland Tennessee Alaska Mississippi Texas Arizona Missouri Utah Arkansas Montana Vermont Connecticut Nebraska Virginia Florida Nevada West Virginia Georgia New Hampshire Wisconsin Hawaii New Mexico Wyoming Houston New York City Illinois North Carolina Indiana Ohio Kansas Oregon Kentucky Rhode Island Louisiana South Carolina Maine South Dakota Other Trading Partners Centers for Disease Prevention and Control (CDC) Cerner Quest Diagnostics Lab Interoperability Collaborative (LIC) Mayo AIMS Advantages • • • • • Common architecture and services Open source architecture that can be shared (where possible) Centralized processing and message routing Monitoring and auditing Sharable systems • • • • • Reduced message transport complexity Reduced data translation and transformation complexity Reduced development and support costs FISMA Moderate compliant applications FedRAMP compliant environment Message Validation MQF and related tools and operations