COLOMAR HOME

    Building the Colomar Secure Document Server (SDS) Into Your Application


    Can You Serve Up Secure Documents?

    The simple answer is Yes. There are many ways to do this.

      Uploading to the Secure Server

    • Manually: Using a Web Browser
    • Automated: By placing your files in a given directory, and providing additional information about them.
    • Automated: Calling Java routines to initiate the transfer.

      Downloading from the Secure Server

    • Manually: Using a Web Browser
    • Automated: Using the stand-alone SDS Print Server (Java and Adobe Acrobat Reader).
    • Automated: Calling Java routines to initiate the transfer.

    The Colomar SDS can exist out in the wilds of the Internet, or safely behind your own Virtual Private Network (VPN) at your own facility. In either case, all communications to and from your applications are by SSL - all files are encrypted using a large set of unique keys utilizing RC4.

    Integrating Your Applications

    If you have an existing application that needs HIPAA compliance when sharing electronic format documents, it usually can be adapted to work with the SDS with minimal effort on your part. The SDS is a secure Storage Area Network (SAN) application that was designed to provide support for general data Objects.

    The SDS allows the end user to share data Objects a number of ways, without requiring the end users to run any specific application or Operating System - it make no difference if you are using Microsoft Windows, your end user is using a Mac or that your lab is using Linux - the data Objects remain sharable Objects. These Objects can be in multiple formats - Simple text, Word Processor Files, Spread Sheets, Images, PDF format files, etc. In fact, the SDS has the capability of creating a PDF format file for you to distribute, without requiring you to have any Adobe PDF file creation tools - this allows many different sources of information to provide un-alterable reports without having to license software that you normally wouldn't have.

      Supported Object Creation Tools

    • Microsoft Word and Excel - Can Convert to PDF

    • OpenOffice Word Processor and Spread Sheet - Can Convert to PDF

    • Any text editing program (NotePad, WordDoc, WordPerfect, etc) - Can Convert to PDF

    • Any Tool that creates or edits Images in GIF or JPEG (JPG) format.

    • Any Tool that can create a PostScript format file (Microsoft Windows, Mac OS, Linux, Solaris, HP-UX, etc.) Automatic Convert to PDF

    Who can use the SDS?

    Any computer system that has network access (LAN, WAN or Dialup) and supports a Web Browser that is a recent release of Internet Explorer, Netscape, Mozilla, Konquerer, Opera, or SSL enabled Safari will work with the SDS system. This allows end users to leverage their existing personal computer systems and not require costly upgrades that really have no business justification. It also allows existing, working configurations to remain as they are, without disrupting their normal use or requiring a Network Administrator to figure out how to adapt every system on their network.

    Automated functions at the end users Personal Computer or Lab will require Java 1.4 or later. All end users that want to see or Print PDF format files require Adobe Acrobat PDF reader. Both Java and Adobe Acrobat PDF reader are no cost software packages that run on Microsoft Windows, Macs, Linux, etc.

    Sending Objects to the SDS

    This can be done manually, or programmatically. Your choice will depend on what systems you have and how the resulting files/Objects are generated, as well as the volume of files/Objects processed.

    The Manual method involves using a Web Browser. Uploading files to the SDS uses standard Web Browser features found in recent releases.

    There are two different programmatic methods available.

    • The first allows you to use files that are currently generated, but you have little control or how the application writes them. This method allows existing applications to be used as they are and not require replacement of applications or hardware (you would write an application to capture the results and forward them on using any of: Java, Visual Basic, Perl, C, C++, Python, .NET, etc.).

    • The second method is preferred for applications that have greater control over the output, and can call Java classes to perform the uploads for them, completely automated. A .NET access path is planned in the near future to provide the same capabilities as currently supported for Java.

    The programmatic methods allow the applications to have the look and feel of how the current application users want to see them, and not force users to have to deal with 'Yet Another Interface'. This allows integration of applications that were never intended to work together. Colomar can provide consulting to build these programmatic upload applications.

    Retrieving Objects from the SDS

    This can be done manually, or programmatically. Your choice will depend on what systems you have and how the resulting files/Objects are to be used, how many users there will be, how the delegation of the results are handled, as well as the volume of files/Objects processed.

    The Manual method involves using a Web Browser. Downloading files from the SDS uses standard Web Browser features found in recent releases. If you are sharing Adobe PDF format files, the end user will need Adobe Acrobat PDF reader software installed.

    There are two different programmatic methods available.

    • The first uses the existing Java based SDS Print Server. This method uses a module that polls the SDS at selectable intervals and picks up any files/Objects that have been sent to the user. If these are PDF files, they can be automatically sent to the local printer. The added benefit is that these files/Objects could also be saved to a directory on the end users system for incorporation into another application (Hospital System, Multiple Insurance folders, etc.). The SDS Print Server allows you to choose printing, saving the file or both. Adobe Acrobat PDF reader software will need to be installed if printing PDF files.

    • The second method is preferred for applications that need greater control over the output, and can call Java classes to perform the downloads for them, completely automated. A .NET access path is planned in the near future to provide the same capabilities as currently supported for Java.

      You can build applications that now look like Microsoft Windows, Mac or Linux/Unix applications that your users would use, just like any other program on their system.

    Returned objects are no longer encrypted once delivered to the end user system.

    Your own application developers can use the SDS directly. Colomar Consulting is available for custom interfaces in this area as well.

    Open Internet Access SDS Versus Your Own SDS

    The SDS is a flexible solution, but every organizations needs are different. Some want more control of the environment, others want the simplest solution requiring the least investment. This is why the Colomar SDS is available in more than one form.

    • Open Internet Access
      System managed and operated by Colomar for you.
      Allows any doctor access anywhere there is INTERNET availability.
      End users that have INTERNET access don't need anything else to use it.

    • Your Own SDS
      You own and manage the hardware.
      Can Place behind your own VPN and Firewall. Complete control.
      Can limit access based on your business rules.
      Can Sync (all or partial) to the Open Internet Access server.
      End users will require a VPN software package to use if outside the LAN/WAN.

    If your only users are internal to your organization, having your own SDS may make the most sense. If your users are spread across the region and are operating as their own businesses, the accessibility of the Open Internet Access model may make more business sense. A hybrid of the two is also possible.


    Definitions:

  • SSL and TLS:
    The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. Developed by Netscape, SSL also gained the support of Microsoft and other Internet client/server developers as well and became the de facto standard until evolving into Transport Layer Security. The "sockets" part of the term refers to the sockets method of passing data back and forth between a client and a server program in a network or between program layers in the same computer. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate.

    TLS and SSL are an integral part of most Web browsers (clients) and Web servers. If a Web site is on a server that supports SSL, SSL can be enabled and specific Web pages can be identified as requiring SSL access.

  • Storage Area Network
    A storage area network (SAN) is a high-speed special-purpose network (or subnetwork) that interconnects different kinds of data storage devices with associated data servers on behalf of a larger network of users. Typically, a storage area network is part of the overall network of computing resources for an enterprise.

  • LAN
    Local Area Network - usually implemented using TCP/IP network cards and special cabling. It is comprised of a group of computers and other devices dispersed over a relatively limited area and connected by a communications link that enables any device to interact with any other on the network.

  • WAN
    Wide Area Network - usually implemented using TCP/IP network cards and special cabling. A computer network which spans great distances. Usually connects many LANs together.

  • Virtual Private Network
    A Virtual Private Network (VPN) is a way to use a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization's internal network. A virtual private network can be contrasted with an expensive system of owned or leased lines that can only be used by one organization. The goal of a VPN is to provide the organization with the same capabilities, but at a much lower cost.


    Please contact Jens if you have further questions.
  •