FHIR Server for Azure https://github.com/Microsoft/fhir-server

Michael Hansen (mihansen@.com) Sr Program Manager | Microsoft Healthcare


[Diagram: Azure service map. Platform Services (Security & Management, Hybrid Cloud, Media & CDN, Application Platform, Data, Integration, Intelligence, Compute Services, Analytics & IoT, Developer Services) and Infrastructure Services (Compute, Storage, Networking) on Datacenter Infrastructure.]

Balance of responsibility

Balance of control and responsibility depends on the category of the service.

[Diagram: responsibility by layer (Applications, Data, Runtime, Middleware, Operating system, Virtualization, Servers, Storage, Networking) for On-Prem, IaaS, PaaS and SaaS.]

SaaS: Move-in ready. Use immediately with minimal configuration.

PaaS: Some assembly required. Existing services are a starting point, with additional configuration for a custom fit.

IaaS: Build from the ground up. Building blocks, create your own solution or apps from scratch.

App Service

Quickly build, deploy and scale powerful cloud applications without worrying about infrastructure.

High productivity: .NET, Node, Java, PHP, Ruby, Python; staging & deployment; testing in production; app gallery marketplace.

Fully managed: auto scale & load balancing; high availability w/ auto patching; reduced operations costs; backup & recovery.

Enterprise grade: global data center footprint; hybrid support; AAD integration; secure & compliance.

Enterprise grade

Get the control you want with a variety of hosting options.

Azure App Service (multi-tenant): Get your Web, API, or Mobile App created in seconds in the cloud. We provide the plumbing, you provide the application code or container(s).

App Service Environment: Run your apps in virtual network at high scale. Create an isolated environment specifically for your organization and access/manage all of the resources behind your public endpoint.

Azure Stack: Leverage cloud innovations in on-premises infrastructure. App Service on Azure Stack brings the power of Azure App Service to your own data centers.

Microsoft Data Platform Landscape

[Diagram: data platform landscape across on-prem and cloud, split into Data Management (operational data, data warehousing, big data processing) and Data Insights (business intelligence, advanced analytics & AI). Products shown include SQL Server, Azure SQL Database, Azure Cosmos DB, Azure DB for MySQL, Azure DB for PostgreSQL, Azure SQL Data Warehouse, Apache Hadoop, Azure HDInsight, Azure Data Lake, Power BI, Power BI Report Server, SQL Server Reporting Services, SQL Server Analysis Services, Azure Analysis Services, Azure Machine Learning, Azure Stream Analytics and Azure Cognitive Services.]

SECURITY: More certifications than any other cloud provider

FLEXIBILITY: Any language, any platform, anywhere

WHAT IS AZURE COSMOS DB

A globally distributed, massively scalable, multi-model database service

APIs: Table API, MongoDB, SQL

Data models: Key-value, Column-family, Document, Graph

• Guaranteed low latency at the 99th percentile
• Elastic scale out of storage & throughput
• Five well-defined consistency models
• Turnkey global distribution
• Comprehensive SLAs

DEPLOYING FHIR SERVERS IN AZURE PAAS
https://github.com/hansenms/fhir-azure

HAPI FHIR IN AZURE PAAS

DEMONSTRATION: HAPI FHIR IN AZURE

https://github.com/Microsoft/fhir-server

DEMONSTRATION: GITHUB DEPLOY

DEMONSTRATION: FHIR SERVER DEPLOYMENT

DEMONSTRATION: APPLICATION INSIGHTS

MICROSOFT FHIR SERVER FOR AZURE

Hosting Layer (Microsoft.Health.Fhir.Web): Supports hosting in different environments, with custom configuration of IoC container

REST API Layer (Microsoft.Health.Fhir.Api)

Core Logic Layer (Microsoft.Health.Fhir.Core)

Persistence Layer (Microsoft.Health.Fhir.CosmosDb): Pluggable persistence provider. OSS release includes Cosmos DB provider

MICROSOFT FHIR SERVER FOR AZURE APPLICATION ARCHITECTURE

[Diagram labels: Consuming App, FHIR Server for Azure, Storage, Identity, Azure]

RESOURCE PERMISSIONS: ROADMAP

• Roles can have a set of permissions for resources
• Applicability is handled via a filter
  • Filter is based on FHIR URLs
  • Filter is based on a template
• Possible actions
  • Read, Write, HardDelete to start
  • Future for operations, transactions
• Available today:
  • Global Read/Write/Delete assigned to roles

[Diagram labels: Role, ResourcePermissions, Permission, Filter, Actions]

SAMPLE ROLEPERMISSION (FUTURE STATE) IN JSON

{
  "appRole": "patient",
  "resourcePermissions": [
    {
      "criteria": "/Patient/{search('Patient?identifier=http://example.com/aad|{claims('sub')}', 'id', 3600)}/*",
      "actions": {
        "default": [ "Read", "Write", "OperationDefition/Resource-validate" ],
        "exceptions": [
          {
            "actionsToRevoke": [ "Read", "Write" ],
            "criteria": "/observation?code=https://loinc.com/codes|1235"
          }
        ]
      }
    },
    {
      "criteria": "/?_type=location,questionnaire,observation",
      "actions": {
        "default": [ "Read", "Write" ]
      }
    }
  ],
  "fieldPermissions": {
    "actions": [ "Read", "Write" ],
    "exceptions": [
      {
        "fhirPath": "Patient.name",
        "actionsToRevoke": [ "Write" ],
        "criteria": "/Patient"
      }
    ]
  }
}
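One way a policy of this shape could be evaluated, as an added example that is not code from the slides or from the fhir-server project. The slides do not define evaluation semantics, so default-deny, exceptions that revoke from the defaults, the criteria matching rules and the names POLICY, allowed_actions and field_actions are all assumptions; the policy is constructed in the sample's shape with the {search(...)} template taken as already resolved to the caller's own Patient id "p1".

```python
# Added illustration, not fhir-server code. Default-deny, revoke-on-exception and
# the matching rules are assumptions; the policy below is constructed sample data.
POLICY = {
    "appRole": "patient",
    "resourcePermissions": [{
        "criteria": "/Patient/p1/*",  # template assumed resolved to Patient id "p1"
        "actions": {
            "default": ["Read", "Write"],
            "exceptions": [{"actionsToRevoke": ["Read", "Write"],
                            "criteria": "/observation?code=https://loinc.com/codes|1235"}],
        },
    }],
    "fieldPermissions": {
        "actions": ["Read", "Write"],
        "exceptions": [{"fhirPath": "Patient.name", "actionsToRevoke": ["Write"],
                        "criteria": "/Patient"}],
    },
}

def _matches(criteria, path, params):
    """Whole-segment, case-insensitive path match ('/*' = any child), so "/patient/p1"
    never matches "/patient/p10", plus equality on each query parameter."""
    pattern, _, query = criteria.partition("?")
    pattern = pattern.lower()[:-2] if pattern.endswith("/*") else pattern.lower()
    path = path.lower()
    if path != pattern and not path.startswith(pattern + "/"):
        return False
    wanted = dict(kv.split("=", 1) for kv in query.split("&") if kv)
    return all(params.get(k) == v for k, v in wanted.items())

def allowed_actions(policy, compartment, resource, params):
    """Actions granted on `resource` inside `compartment`; an empty set means deny."""
    granted = set()
    for rp in policy["resourcePermissions"]:
        if _matches(rp["criteria"], compartment + resource, params):
            actions = set(rp["actions"]["default"])
            for ex in rp["actions"].get("exceptions", []):
                if _matches(ex["criteria"], resource, params):
                    actions -= set(ex["actionsToRevoke"])
            granted |= actions
    return granted

def field_actions(policy, resource, fhir_path):
    """Actions allowed on one element after field-level exceptions are applied."""
    actions = set(policy["fieldPermissions"]["actions"])
    for ex in policy["fieldPermissions"].get("exceptions", []):
        if ex["fhirPath"] == fhir_path and _matches(ex["criteria"], resource, {}):
            actions -= set(ex["actionsToRevoke"])
    return actions
```

Under these assumptions a request outside the caller's own compartment, or for the excepted observation code, gets an empty action set, and Patient.name stays readable but not writable.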

IPAAS - AZURE INTEGRATION SERVICES

[Diagram labels: App developers, Developer Portal, Apps, Gateway, Direct or VPN, Backend APIs (hosted anywhere, developed using any technology), API publishers, Admin portal]

FHIR2APIM SERVICE: AKA.MS/FHIR2APIM

FHIR2APIM App Service

DEMONSTRATION: AKA.MS/FHIR2APIM

DEMONSTRATION: APIM DEVELOPER PORTAL

HYBRID DATA INTEGRATION AT SCALE

[Diagram labels: Cloud; On-premise; V-NET; Relational data (OLTP, ERP, CRM, LOB); Non-relational data (Web, Media, Social media, Devices); Data Processing & Movement; Any BI tool (Dashboards | Reporting | Mobile BI | Cubes); Advanced Analytics (Machine Learning | Stream analytics | Cognitive | AI); Any language (.NET | Java | R | Python | Ruby | PHP | Scala)]

AZURE DATA FACTORY ORCHESTRATES DATA PIPELINE ACTIVITY WORKFLOW & SCHEDULING HYBRID DATA INTEGRATION MODERN DATA WAREHOUSE

[Diagram labels: Daily flat files; OLTP DB Tables; Social Media (un/semi structured); Customer Call Details; AML: Churn Model; Analytical Schemas; Azure Data Factory (PaaS)]

DEMONSTRATION: HANDS-ON ENVIRONMENT

DEMONSTRATION: FHIR CLIENT

DEMONSTRATION: AZURE DATA FACTORY

DEMONSTRATION: POWERBI

https://github.com/Microsoft/fhir-server
