Introducing Ocean Cloud Connect

At CognisantMD, we've been working hard over the past year to build our next generation EMR integration platform. We call it "Ocean Cloud Connect", and it replaces the OceanConnect tablet app that's in widespread use today. Cloud Connect migrates the same EMR integration modules (currently available for TELUS and QHR Accuro) to a cloud-based server.

Benefits of Migrating to Cloud Connect

We built Cloud Connect to address a number of issues that made it difficult to manage the increasingly large number of OceanConnect tablets providing this data bridge between EMRs and Ocean, including:

Reliability: Previously, the data bridge could only be as reliable as the underlying tablet hardware with OceanConnect tablet. So, if the clinic Wi-Fi or power was interrupted, the entire data bridge would go down. Also, Cloud Connect is much easier to monitor with our automated monitoring tools and allows us to troubleshoot EMR connectivity without remote access to a clinic tablet.

Cost: Cloud Connect eliminates the need to have a dedicated tablet for EMR connectivity. This is not a huge deal if your clinic has 10 tablets, but some clinics want to use Ocean only for referrals or Ocean Online and wouldn't normally purchase any tablets.

Speed: Cloud Connect eliminates "round trip" data flows to the clinic so it's many times faster -- where it could take 30-60 seconds to mark a patient as arrived via OceanConnect tablet (due to network latency), it's usually less than a second via Cloud Connect.

Simple maintenance: Some tablet models blocked automated Google Play Store upgrades of the OceanConnect tablet app, which meant that clinics needed to upgrade OceanConnect manually. Cloud Connect is upgraded by CognisantMD system administrators so you don't need to worry about it and will always be on the latest EMR integration code for your EMR.

Functional Overview

From a functional perspective, there are more similarities than differences between OceanConnect and Cloud Connect:

  • Both hold EMR authentication tokens.
  • Both hold your clinic's encryption key so that PHI can be encrypted and decrypted, as needed, to bridge between Ocean and your EMR.
  • Both store EMR-specific preferences to allow you to tweak the way Ocean updates your EMR (e.g. combining progress notes from multiple Ocean eForms, selecting specific providers' appointments to sync, etc.).
  • Fundamentally, both play the role of a data bridge connection between Ocean and your EMR.

The main difference is the data flow changes:

  • Since the OceanConnect tablet app resided on your clinic's Wi-Fi network, it would live behind your firewall/router. As a result, OceanConnect would need to poll the Ocean server every 30 seconds for messages to be sent to your EMR (such as "add note to patient 123" or "mark patient 456 as arrived"), download those messages, handle them (e.g. download the update or mark the patient as arrived via the EMR API), and then acknowledge processing with Ocean.
  • Cloud Connect, in contrast, runs on a separate server maintained by CognisantMD. It receives these EMR-bound messages in real-time. This means that these messages are handled and processed as part of the initial action. We've also implemented a robust "message bus" in the Ocean server so that EMR actions can be retried in the event of an EMR connectivity issue.

Privacy/Security Impact

The Cloud Connect server is based in our Montreal data centre, but on a completely separate server from the main Ocean application. This separation ensures that clinic encryption keys are kept separate from the encrypted data itself. The communication between these two servers is done via SSL.

The authentication for Cloud Connect uses the Ocean Authentication Service, which validates user credentials during login to Cloud Connect. Access to Cloud Connect is limited to Site Admin users in Ocean.

We've also added the following additional safeguards to protect sensitive data:

  1. All access to Cloud Connect accounts are logged.
  2. Encryption keys are encrypted prior to being saved to the database.
  3. All access to a site's encryption key is captured in the Ocean audit log (via a shared Audit Service). Furthermore, any access to a site's encryption key generates an alert email to the clinic administrator.
  4. EMR access tokens are encrypted prior to being saved to the database.
  5. CognisantMD administrators and support personnel cannot access Cloud Connect accounts for Ocean sites and therefore, still do not have access to clinic encryption keys.

Next Steps

If you are currently running an OceanConnect tablet, you will be invited by the CognisantMD support team to migrate to Cloud Connect in the coming months. If you are interested in migrating to Cloud Connect earlier, please contact our support team directly, at ocean.tips/support.

We will continue to support OceanConnect tablet at least until Dec 31, 2018 (at which point, we hope to have all clinics migrated off of OceanConnect). However, new features, non-critical bug fixes and new EMR integration modules will generally be limited to Cloud Connect.

Have more questions? Submit a request