Using the 'Patient Connect' model in Java

Dec 28, 2011 at 11:41 AM

The idea is to have a back-end server that receives health data from a remote manager that can then write the data into HealthVault. Continua is an organization which has developed (and is continuing to develop) a standardized means of transferring Health data from agent devices (such as weigh scales, blood pressure meters, etc) to a 'manager' as well as a standardized means of transferring that data from the manager to a back end service. The back-end can receive data from multiple managers.

Using the 'Patient Connect' model this back end service could translate the data received from various managers to the HealthVault format and write the data to the patient's record. They key item in this model is that no web interface is needed and authorization can be provided out of band. The standardized transfer of data from the Manager to the back end does permit the inclusion of strings that can be used for codes, questions, passwords, etc., but not private keys that would be needed for the SODA model. The question I have is as follows: Does the Java API support the 'Patient Connect' model?

 

Even more so, is there a better way to accomplish this task (would require no web interface to the user or by the service).

 

Thanks, Brian

Coordinator
Dec 31, 2011 at 9:56 AM

Hi Brian,

The Patient Connect model works like this:

  1. Patient submits a secret question/secret answer to the application.
  2. The application calls CreateConnectRequest and receives an id
  3. The patient gets an email, is redirected, or otherwise gets a url to the pickup page in Shell.  The id can be included in the url and/or the user can enter it. 
  4. If the user successfully answers the question then their record-id and person-id are stamped in the connect request.
  5. Application polls GetAuthorizedConnectRequests and correlates the completed requests with its notion of user-id.
  6. Application stores the record-id and person-id in its database--the authorized connect requests will be deleted in 90 days or so.
  7. Application can now lookup the correct person-id/record-id for its users and call HealthVault methods on their behalf.

If you have a web application for registration, you can skip the Patient Connect flow and simply redirect the user to authorize your application.  You will be returned a user-token which you can use to obtain the user's person-id and record-id which you can store for future off-line access.

--Rob

Oct 22, 2012 at 7:26 PM

Hi,

I'm strongly interested by the Patient Connect model, but i'm new with HealthVault.

I'm trying to connect a "medical data manager" with no GUI to store health data (such as blood presure) directly into a HealthVault patient's account.

Where can i find a code example of the Patient Connect model ? Or somes pieces of code implementing this authentication method ?

 

Thanks, Matthieu

Coordinator
Oct 23, 2012 at 11:16 PM
Edited Oct 23, 2012 at 11:31 PM

Hi,

You can get some Patient Connect details here:  http://msdn.microsoft.com/en-us/library/jj551258.aspx

In this Java library, you can find implementations of CreateConnectRequest and GetAuthorizedConnectRequest necessary for the model.  The best code samples right now are the unit tests for those methods.  They test drive the method functionality and utilize "offline" access in the same way your application will.  Look for CreateConnectRequestTest.java and GetAuthorizedConnectRequestsTest.java.  I don't have an entire application implemented for Patient Connect.

--Rob

Oct 24, 2012 at 7:02 PM

Hi,

Thanks a lot Rob :)

 

Matthieu

Jan 2, 2013 at 5:33 PM

For some reason I never got an email message indicating the response a year ago. Must have messed up something. In any case Rob, is your suggestion what would be called the Linking model? And I all need to save is the user-token? I guess I could save the record-id and person-id too and save invoking a Request!

Coordinator
Jan 2, 2013 at 11:19 PM

If you use the patient connect model described here, you want to save the person-id and record-id.  Subsequent calls to HealthVault are in what's called "offline" mode.  What that means is that the request does not require a user token.  All of the unit-tests are coded to use the offline model.  The sample ui applications all use "online" mode with a user token.

Jan 3, 2013 at 2:57 PM

It is pretty clear that I want to use the Linking model; the user logs on via a web interface and gives the application permission to access their record. In the document Application Connection Recommendations there is no mention of a user token, so I am a little bit confused about the differences between these three items. But as I understand it, following Application Connection Recommendations, I would get the recordID and PersonId. Then I assumed that all I need to do is to instantiate your ApplicationConfig object (which loads the properties file with my app id, keystore info, and HV URL) and then make a request to send data using the PutThing method (making the Thing is the hard work!). Your Request class has a setRecordId() but no setPersonId(), but it does have a setUserAuthToken(). Am I missing something or do I need to add the capability to set a person id?

Thanks!

Coordinator
Jan 3, 2013 at 7:51 PM

The setPersonId() you are looking for is called setOfflinePersonId() on the Request object. 

Most of the heavy lifting is done in the ConnectionFactory.  Once you have a connection object, it should be good to go for your application.  You can use the same connection object (single threaded) for any person/record since those are set on each Request.

--Rob