发布新帖

查找

公告
· 九月 27, 2024

[Webinar] Are you and your data AI ready?

#Artificial Intelligence (AI) #活动 #其他​​​

Hi Community,

Are you ready to transform your healthcare organization with the power of Artificial Intelligence? Join us for an enlightening webinar that will equip you with the knowledge and tools to harness AI effectively in your practice.

🌐 Are you and your data AI ready? 🌐

📅 Tuesday, 15th October, 1 pm ICT | 2 pm SGT| 4 pm AEST // 8 am CEST |  2 am EDT 

🗣 Presenter: @Kathleen Aller, Global Head of Healthcare Market Strategy, InterSystems

Edition #42 - Analytics Bites - Real Healthcare Providers' Channels to be Certified on Youtube

What you will learn:

  • Understanding AI Fundamentals: Gain insights into key AI concepts, including Narrow AI, Machine Learning, and Generative AI, and discover how they can revolutionize patient care.
  • Data Readiness Assessment: Learn how to evaluate your current data landscape and identify gaps that may hinder AI adoption.
  • Best Practices for Data Management: Discover strategies for collecting, normalizing, and securing data to ensure it is AI-ready.
  • Overcoming Bias in Data: Understand the importance of bias mitigation in data collection and analysis to ensure equitable healthcare solutions.
  • Real-World Use Cases: Explore successful AI implementations in healthcare and how they have improved patient outcomes and operational efficiency.

We hope to see you at the webinar!

>> Register here <<

讨论 (0)1
登录或注册以继续
文章
· 九月 25, 2024 阅读大约需 1 分钟

How to promote your idea on InterSystems Ideas

#InterSystems 想法门户

Hi Developers!

We're sure you want your ideas from the Ideas Portal to be implemented, so here are some steps you can take to attract attention to them.

 

To promote your idea, you can:

1. Create a post on the Developer Community about your idea, inviting users to vote for it on the Ideas Portal. For example, @Heloisa Paiva wrote an article "About the idea of Using Python Class Definition Syntax to create IRIS classes" mentioning "use Python Class Definition Syntax to create IRIS classes" by @Sylvain Guilbaud.

  

2. Request the creation of a poll on the Ideas Portal dedicated to the implementation of the idea. @Guillaume Rongier requested such a poll about his idea idea "Dark version of InterSystems Community". 

To request a poll, write a direct message to @Vadim Aniskin.

3. Respond to comments about your idea on the Ideas Portal and on the Developer Community. 

These three steps will attract attention to your idea and increase the odds of its implementation.

Good luck and keep your ideas coming! 

讨论 (0)1
登录或注册以继续
文章
· 九月 22, 2024 阅读大约需 1 分钟
Open Exchange

SMART on FHIR app - Sample with Hands-on Exercise/Workshop Instructions

#Angular #云 #FHIR #OAuth2 #InterSystems IRIS for Health

Based on a great sample and workshop built by @Luis Angel Pérez Ramos (see related articles and related Open Exchange app), which included a local InterSystems IRIS for Health container (and desired setup), this sample presented here, adapted the workshop for using the InterSystems Cloud FHIR Server, and it's related setup.

The related Open Exchange and GitHub repo included detailed instructions (and related screenshots) to create the desired project and flow.

See this series of short videos to accompany the steps to be performed.

Basically the steps include:

  • Setting up a Cloud FHIR Server [video]
  • Setting up an OAuth Server (auth0 by Okta) [video]
    • Creating an Application
    • Creating an API
    • Creating a User
  • Configuring the FHIR Server [video]
    • Creating an OAuth Server
    • Creating an Application
  • Adapting the app (Angular) to point to FHIR and OAuth Servers [video]
    • Adapting proxy.config.json
    • Adapting nginx.conf
    • Adapting app.module.ts
  • Testing running the app [video]
    • Examining the Login behind the scenes
    • Examining fetching and updating data behind the scenes

Enjoy!

3 Comments
讨论 (3)2
登录或注册以继续
问题
· 九月 19, 2024

Input Redirection

#ObjectScript #InterSystems IRIS

Hello, I try to develop a REST interface where I need to interact with legacy MUMPS routines. How can I pass in input to a Read without modifying the legacy code?

I think in linux I can execute command < inputfile to read from file, but how does it work in ObjectScript?

7 Comments
讨论 (7)5
登录或注册以继续
文章
· 九月 19, 2024 阅读大约需 6 分钟

eBPF - Cilium on FHIR® - A Star Wars Story

#FHIR #Kubernetes #安全 #InterSystems IRIS for Health

 

Anakin Skywalker challenged the high ground and has been terribly injured on Mustafar.  

 
He is a relatively new employee of the Galatic Empire, covered by a Large Group Planetary Plan and now has an active encounter in progress for emergent medical services in the Grand Medical Facility on Coruscant. The EMR deployed for the Galactic Health System is Powered by InterSystems FHIR Server running on Kubernetes protected by Cilium.

Let's recreate the technical landscape, to be performed in the style of Isovalent Labs...

Kind Cluster

Lets fire up a 3 node cluster, and disable the CNI so we can replace it with Cilium. 

cat <<EOF | kind create cluster --config=-
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
  - role: control-plane
  - role: worker
  - role: worker
  - role: worker
networking:
  disableDefaultCNI: true
EOF

This will provision the kind cluster, 3 nodes wide with a single control plane.


Cilium

Cilium is an open-source project that provides networking, security, and observability for containerized environments like Kubernetes clusters. It uses a Linux kernel technology called eBPF (extended Berkeley Packet Filter) to inject security, networking, and observability logic into the kernel.

In other words, wields the force.

cilium install --version v1.16.0
cilium status --wait


Hubble

Hubble is a clown suit for Cilium, providing ridiculous visibility to what powers Cilium are in play in real time.

cilium enable hubble

 

 

InterSystems FHIR Workload

InterSystems is the GOAT of interoperability, and transforms Healthcare Data like a protocol Droid.

kubectl apply -f https://raw.githubusercontent.com/sween/basenube/main/scenarios/ciliumfhir/deploy/cilium-fhir-starwars.yaml

The resulting workload has 4 deployments:

GrandMedicalFacility


Integrated Delivery Network based in Coruscant, with facilities as far as the Outer Rim, runs Epic and utilizes InterSystems I4H as a FHIR Server.

MedicalDroid FX-6


This 1.83-meter-tall droid supplied Vader with a blood transfusion and trained in cybernetic legs procedures.

MedicalDroid DD-13


Also known as the DD-13 tripedal medical droid, this droid has three legs for stability and was designed to install cybernetic implants. 

MedicalDroid 2-1B


2-1B droids have hypodermic injectors and precision-crafted servogrip pincers, and can be upgraded to specialize in areas like cybernetic limb replacement, neurosurgery, and alien biology.

Since we will need it anyway for upcoming interviews, lets tell the story in true STAR (Sithuation, Task, Action, Result) methodology.

Sith-uation

Palpatine accompanied the fallen jedi to the facility, and upon arrival helped registration admit him as Darth Vader.  

cat > vader.json << 'EOF'
{
  "name": [
    {
      "use": "official",
      "family": "Vader",
      "given": [
        "Darth"
      ]
    }
  ],
  "gender": "male",
  "id": "DarthVader",
  "birthDate": "1977-05-25",
  "resourceType": "Patient"
}
EOF
curl -v -X PUT \
  -H "Content-Type: application/fhir+json" \
  -d @vader.json \
  "http://coruscanthealth:52773/intersystems/fhir/r5/Patient/DarthVader"

Darth Vader is now registered, and can be seen throughout the Health System...  

Galactic IT Outage

There is a problem though!  

Shortly after registration, a Galactic IT Outage has occured, making the Identity Provider for the Health System unavailable. The InterSystems FHIR Resource Server is SMART enabled, and the IDP is casters up, making EMR launches impossible with the absence of the jwt token with the applicable scopes to protect the routes.



Sure as Bantha Fodder, we definitely have a problem... the care team cannot access the patient record, nothing but 401's and 403's and were not talking about your Galactic Retirement Plan.

Although the Hubble UI only provides a hint to what is going on, Inspecting the Hubble flows with Layer 7 information reveals the sithuation.





...and after adding some debugs bunny to the InterSystems FHIR endpoint, confirms it.

 
FHIR Debug
zw^FSLOG
...
^FSLOG(379555)="DispatchRequest^HS.FHIRServer.Service^944|Msg|Dispatch interaction read for Patient/DarthVader|09/19/2024 10:48:20.833339AM"
^FSLOG(379556)="DispatchRequest^HS.FHIRServer.Service^944|Msg|Request Completed in .000186 secs: Patient/DarthVader|09/19/2024 10:48:20.833450AM"
^FSLOG(379557)="processRequest^HS.FHIRServer.RestHandler^944|Msg|Response Status: 401, Json: Patient|09/19/2024 10:48:20.833454AM"
...


Task

What's a great line from Star Wars that doesn't get quoted enough? : r/StarWarsCantina

Action

With the route enforcement from SMART not applicable, lets do this our way and use Cilium to protect the endpoints while Vader gets immediate attention the Emperor demands.  We will go Rogue One here on the cluster and hand off the endpoint/route protection to Cilium while the Galaxy figures itself out from the outage.

Lets institute a deny all, from everywhere, with a CiliumClusterwideNetworkPolicy, and work backwards zero trust style.
 

cat <<EOF | kubectl apply -n galactic-fhir -f- 
apiVersion: cilium.io/v2
kind: CiliumClusterwideNetworkPolicy
metadata:
  name: "denyall-coruscanthealth"
spec:
  description: "Block all the traffic (except DNS) by default"
  egress:
  - toEndpoints:
    - matchLabels:
        io.kubernetes.pod.namespace: kube-system
        k8s-app: kube-dns
    toPorts:
    - ports:
      - port: '53'
        protocol: UDP
      rules:
        dns:
        - matchPattern: '*'
  endpointSelector:
    matchExpressions:
    - key: io.kubernetes.pod.namespace
      operator: NotIn
      values:
      - kube-system
EOF

Looking good, Cilium dropping it like its hot!



Now, lets open up the FHIR endpoint on the intersystems pod, disabling the oauth2 client.

set app = "/intersystems/fhir/r5"
Set strategy = ##class(HS.FHIRServer.API.InteractionsStrategy).GetStrategyForEndpoint(app)
// 7 = Mass Openness
Set configData.DebugMode = 7
Set configData = strategy.GetServiceConfigData()
Do strategy.SaveServiceConfigData(configData)

Lastly, lets create a CiliumNetworkPolicy to allow anybody from the org:empire, access to the route for DarthVaders record in the galactic-fhir namespace.

apiVersion: "cilium.io/v2"
kind: CiliumNetworkPolicy
metadata:
  name: "l7-visibility"
spec:
  endpointSelector:
    matchLabels:
      org: empire
  egress:
  - toPorts:
    - ports:
      - port: "53"
        protocol: ANY
      rules:
        dns:
        - matchPattern: "*"
  - toEndpoints:
    - matchLabels:
        "k8s:io.kubernetes.pod.namespace": galactic-fhir
    toPorts:
    - ports:
      - port: "52773"
        protocol: TCP
      rules:
        http:
          - method: "GET"
            path: "/intersystems/fhir/r5/Patient/DarthVader"
          - method: "HEAD"
            path: "/intersystems/fhir/r5/Patient/DarthVader"
EOF

Looks like we may be able to get back to iRacing, I think we are good.



...except

 

Yeah, looks like the payer is getting dropped...



Policy verdict = DROPPED



Let's add another policy, allowing org:payer access to Vaders route:

 

cat <<EOF | kubectl apply -n galactic-fhir -f- 
apiVersion: "cilium.io/v2"
kind: CiliumNetworkPolicy
metadata:
  name: "l7-visibility-payer"
spec:
  endpointSelector:
    matchLabels:
      org: payer
  egress:
  - toPorts:
    - ports:
      - port: "53"
        protocol: ANY
      rules:
        dns:
        - matchPattern: "*"
  - toEndpoints:
    - matchLabels:
        "k8s:io.kubernetes.pod.namespace": galactic-fhir
    toPorts:
    - ports:
      - port: "52773"
        protocol: TCP
      rules:
        http:
          - method: "GET"
            path: "/intersystems/fhir/r5/Patient/DarthVader"
          - method: "HEAD"
            path: "/intersystems/fhir/r5/Patient/DarthVader"
EOF

Welp, that did not quite cut it, and we can see why.



 

So we gave the payer a call and told them to access the "correct" patient record, and Anakin Vader gets his legs.

Rant time...




Result

1 Comment
讨论 (1)1
登录或注册以继续