Skip Headers
Oracle® Healthcare Precision Medicine Administrator's Guide
Release 1.0

E76044-01
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
PDF · Mobi · ePub

1 EMR Configuration

This section describes EMR configuration. It contains the following topics:

1.1 Overview

You must configure OHPM to successfully integrate with EPIC EMR so that genomic reports can be published to EMR from OHPM. This section describes how to configure EMR.

Multiple EMR integration configurations can be created and maintained in OHPM. However, at any given point in time, only one configuration will remain in the active status. If not, the genomic report will not be published to EMR from OHPM.

1.2 Configuration

Perform the following steps to configure OHPM for EPIC EMR:

Note:

Steps 1 to 4 in the following list should be performed only if EMR configuration was not done during installation.
  1. Note down the host name and the TCP/IP or TLS port number where EPIC EMR listens for incoming lab result message.

    This TCP/IP or TLS port typically is the EPIC Interconnect HL7 V2 interface that can handle base64 encoded attachments. Although both TCP/IP and TLS are supported in this integration, Oracle strongly recommends that you use TLS since it is more secure.

  2. Get the Certificate Authority (CA) Certificate of the CA that signed the digital certificates used by EPIC TLS.

    CA certificates are generally from standard public CAs like Verisign. If EPIC was configured to use a self-signed certificate, then use the local CA certificate employed to sign the certificate request.

  3. Load the CA Certificate into OHPM WebLogic Server's Oracle Platform Security Services (OPSS) keystore. You can do this either:

  4. Grant permission to read the keystore.

  5. Use the EMR Integration Configuration REST service available as part of the OHPM application to configure details required to publish a report to the EMR using the TLS keystore created in the previous step.

    The service end point of the EMR Integration Configuration REST service and definition of its payload are as follows:

    Table 1-1 Service End Point

    HTTP Method URL Description

    GET/DELETE

    http://<host>:<port>/trc/opmemrintegration/resources/opm/api/v1.0/emrconfigservice/emrconfig/{emrId}

    Retrieve or Delete EMR integration configuration for a given EMR ID

    GET

    http://<host>:<port>/trc/opmemrintegration/resources/opm/api/v1.0/emrconfigservice/emrconfig/status/{status}

    Retrieve EMR integration configuration for a given status. Status is active A or Inactive I.

    POST/PUT

    http://<host>:<port>/trc/opmemrintegration/resources/opm/api/v1.0/emrconfigservice/emrconfig

    Create or Update using the EMRIntegrationConfig payload


    Table 1-2 Definition of Payload

    Field (XML/JSON) Description Valid Value Set Example

    emrIntegrationConfig

    Root Element

    -

    -

    createdById

    Created by user ID (automatically populated)

    -

    -

    createdOnDt

    Date when record was created (automatically populated)

    -

    -

    description

    Description of the EMR

    User defined

    EPIC EMR

    emrId

    A unique ID for the configuration. Used to update.

    User defined

    Epic_1

    emrType

    Type of the EMR

    EPIC

    EPIC

    integrationHost

    Host name or IP of the remote EMR system for TCP/TLS communication, otherwise NULL

    Remote host name/IP

    remotehost.com

    integrationPort

    Port number for TCP/TLS communication, otherwise NULL

    Valid remote host port number

    8088

    integrationUrl

    SOAP/REST URL for SOAP/REST end point, otherwise NULL

    Valid URL

    https://host:7002/epic/fhir/svc

    integrationAuthMethod

    Authentication method for calling remote service

    HTTP-BASIC, WS-SECURITY

    HTTP-BASIC

    integrationAuthUsername

    Username for HTTB-BASIC and WS-SECURITY. Credentials must be available in OPSS/JPS configuration

    User defined

    testuser

    integrationSslKeystore

    OPSS/JPS keystore name in stripe OPMApp. Mandatory when the integration URL starts with https.

    User defined

    castore

    messageFormat

    The format of the EMR message to be generated

    HL7V2

    HL7V2

    messageTemplateLoc

    Location of the template. The default location for EPIC is templates/EPIC_HL7V2.template

    Valid file location

    templates/EPIC_HL7V2.template

    receivingApplication

    The name of the application receiving the HL7V2 message.

    User defined

    EPIC

    receivingFacility

    The name of the facility receiving the HL7V2 message.

    User defined

    EPIC-LAB

    reportTestName

    Test name (code) to represent genomic test result, based on what EMR accepts

    User defined

    GENEîGENOMIC EXAM

    rowWid

    Internally generated surrogate primary key

    -

    -

    sendingApplication

    The name of the application sending the HL7V2 message.

    User defined

    ORACLE-MI

    sendingFacility

    The name of the facility sending the HL7V2 message.

    User defined

    GENETIC-LAB

    status

    Status of the configuration record

    A (active), I (inactive)

    A

    transportProtocol

    Transport protocol supported by this EMR

    TCP, TLS, SOAP1, SOAP2, REST

    TLS


    Following is a sample XML payload for the REST service to create a TLS connection configuration to EPIC:

    <?xml version="1.0" encoding="UTF-8"?>
    <emrIntegrationConfig>
       <description>EPIC EMR Configuration</description>
       <emrId>Epic_Id1</emrId>
       <emrType>EPIC</emrType>
       <integrationHost>localhost</integrationHost>
       <integrationPort>8081</integrationPort>
       <integrationSslKeystore>emrtruststore</integrationSslKeystore>
       <messageFormat>HL7V2</messageFormat>
       <messageTemplateLoc>templates/EPIC_HL7V2.template</messageTemplateLoc>
       <receivingApplication>EPIC</receivingApplication>
       <receivingFacility>EPC</receivingFacility>
       <reportTestName>GENOMICîREPORT</reportTestName>
       <sendingApplication>ORACLE-PM</sendingApplication>
       <sendingFacility>ORACLE-PM</sendingFacility>
       <status>A</status>
       <transportProtocol>TLS</transportProtocol>
    </emrIntegrationConfig>
    
  6. Enable publishing the report to EMR. For details, see Section 2.4, "Enabling or Disabling Features Related to External Systems".

1.3 Configuring the OPSS Keystore

You can configure the OPSS keystore using either of the following methods.

1.3.1 Using the Enterprise Manager

This involves the following steps:

  1. Log into WebLogic Enterprise Manager Fusion Middleware Control.

  2. Navigate to WebLogic Domain > Security > Keystore.

    Description of fig33.gif follows
    Description of the illustration fig33.gif

  3. Click Create Stripe to create a new stripe named OPMApp.

    Description of fig34.gif follows
    Description of the illustration fig34.gif

  4. Click OK.

  5. Click Create Keystore.

  6. Create a new keystore that will be used in the EMR integration configuration. For example, emrtruststore.

    Description of fig35.gif follows
    Description of the illustration fig35.gif

  7. Ensure that Policy is selected for Protection.

  8. Deselect Grant Permission.

  9. Click OK.

    For details on creating a keystore, see the section on Creating a Keystore with Fusion Middleware Control in the Oracle® Fusion Middleware Securing Applications with Oracle Platform Security Services available at the following location

    https://docs.oracle.com/middleware/1213/idm/app-security/kssadm.htm#CACHHHCH

  10. Select the keystore created in the previous step and click Manage.

    Description of fig36.gif follows
    Description of the illustration fig36.gif

  11. Click Import.

  12. Select the Certificate Type as Trusted Certificate.

  13. Enter an Alias.

  14. You can either browse and select the CA certificate file or copy the certificate content into the text field provided.

  15. Click OK. The CA trusted certificate is successfully added to the keystore.

    Description of fig37.gif follows
    Description of the illustration fig37.gif

For details on creating a keystore, see the section on Importing a Certificate or Trusted Certificate with Fusion Middleware Control in the Oracle® Fusion Middleware Securing Applications with Oracle Platform Security Services available at the following location

https://docs.oracle.com/middleware/1213/idm/app-security/kssadm.htm#CACDEAJH

1.3.2 Using the WebLogic Scripting Tool

Perform the following steps to configure the OPSS keystore using WLST.

  1. Load the CA Certificate into Oracle Platform Security Services (OPSS) using the WebLogic Scripting Tool (WLST). Use the following commands:

    $ cd $MIDDLEWARE_HOME/wlserver/common/bin
    $ ./wlst.sh
    wls:/offline> connect()
    Please enter your username: '<weblogic admin user>'
    Please enter your password:'<weblogic admin user password>'
    Please enter your server URL [t3://localhost:7001]: '<weblogic admin url>')
    wls:/ohpm_domain/serverConfig> svc = getOpssService(name='KeyStoreService')
    wls:/ohpm_domain/serverConfig> svc.createKeyStore(appStripe='OPMApp', name='emrtruststore', password='', permission=true)
    wls:/ohpm_domain/serverConfig> svc.importKeyStoreCertificate(appStripe='OPMApp', name='emrtruststore', password='', alias='EPIC_Trusted_Cert', keypassword='', type='TrustedCertificate', filepath='<full path to the CA certificate file>')
    

1.3.3 Granting Permission to Use the Keystore

Perform the following steps to grant permission to use the keystore created in OPSS using WLST.

  1. Connect to weblogic admin server using wlst. Refer above steps for example.

  2. Execute the following wlst command:

    grantPermission(appStripe="OPMApp", codeBaseURL='file:${oracle.deployed.app.dir}/OHF-Opm-App${oracle.deployed.app.ext}', permClass="oracle.security.jps.service.keystore.KeyStoreAccessPermission", permTarget="stripeName=OPMApp,keystoreName=emrtruststore,alias=*", permActions="read")