Cloverleaf 6.x Best Practices

Infor Cloverleaf Services

Last Updated: Apr 30, 2014

This appendix covers Cloverleaf Best Practices as they relate to architecture and objects. It does not fully address other related areas such as Implementation Methodologies, User Access, Audit Logging, Testing Strategies, Network Topologies, Environments, or Change Management.

Cloverleaf Best Practices for implementation are continually evolving. Techniques and strategies that have been used in a previous year may be outdated when contrasted against new integration methods. New functionality added to Cloverleaf can also alter Best Practices.

The Cloverleaf team has always strived to ensure upgrades can be made without any disruptive change. However, Implementation Best Practices nonetheless evolve with the product,

Infor Healthcare Services works closely with a wide spectrum of health care organizations, enabling us to formulate a robust set of experiences and lessons that can be summarized in our Cloverleaf Best Practices.

The key advantages of using Cloverleaf Best Practices for both Architecture and Interface design are:

·  Leverage the most current methods and functionality available.

·  Keep the design simple in structure and utilize proven methods.

·  Create robust interfaces which consider potential challenges that might otherwise be overlooked.

·  Create interfaces enabling future resources to readily understand and modify as needed.

·  Avoid introduction of any events that can inadvertently cause performance bottlenecks.

·  Utilize all of the functionality and power of the Cloverleaf Integration Platform.

·  Prepare for future pending functionality and integration requirements.

·  Allow for scalability without any unexpected re-engineering.

·  Improve uptime availability, and requires less maintenance and support.

·  Maximize hardware technologies to allow Cloverleaf’s multi-threaded/multi-processing capacity.

·  Minimize risks that commonly are encountered based on the hardware framework that is used.

Note: This appendix outlines general Cloverleaf Best Practices which may not be applicable for every client situation. It is best to work closely with Infor Healthcare Services to understand deviations/modifications which may best serve your specific environment.

Standard Cloverleaf 6.x Guidelines Relative to Design and General Practices

Design Considerations
Purpose / Object / Event / Best Practice Guideline / Comment / Example
Performance / Site / Limit a site to approx. 50 processes.
Currently, it is becoming common to keep processes under 20.
It is anticipated that smaller, crisper sites will be leveraged even more in pending releases. / Based on volume
Performance / Processes / Limit a process to approx. 10-15 threads. / Based on volume
Naming
Convention / Objects / Limit the use of upper case letters
Limit special characters to numbers and _. / meditech_hl723_variant
Naming
Convention / Site, Process, and Threads / Always use lowercase letters for site, process and thread names. / Not required for other CL objects
Naming Conventions / TCL tps procs / Use 1 tcl proc per 1 tcl file, using the same name for each for most stand-alone tps procedures. / adt_filter.tcl
Limit the number of procs in a TPS.
Naming Conventions / TCL tps procs / Group multiple tcl procs into 1 tcl file, when the procs rely on each other for operability. / recover_56 procs
Naming Conventions / TCL xlt procs / Group all external xlt procs for a single Xlate into a single file, and name the file to associate with the Xlate. / xltTranslate1.tcl
Naming Conventions / TCL dir procs / Name all non-tps procs to stand-out in the list; such as xlt, dir, upoc. / dirParse_charge_files
Best Practice / TCL procs / Use TCL Namespaces for tcl procedures that are not simple in nature. / Use packages for most commonly used procs
Naming Conventions / Processes / Process names should be relatively short in length, and represent the group of threads. / adt, pharm, batch_charges, etc
Documentation / Xlate / Always use the COMMENT Action to comment through-out the Xlate.
Documentation / TCL procs / Always complete the top comment section of the TCL template; and comment the coding throughout the procedure.
Performance / SMAT / Place SMAT archiving on all inbound threads;
Place SMAT archiving on selective outbound threads. / Writing in and out for every interface is rarely required, and does impact I/O performance
Cloverleaf 5.8.4 allows a destination to be specified for SMAT.
Best Practice / TCP/IP / Use Multi-Server TCP/IP connections for Cloverleaf listening sockets, when the connection is via VPN, or WAN / Allows Cloverleaf to be continuously available.
Best Practice / Msg Filtering / Kill all messages as soon as readily available to avoid processing transactions through translation that may not be necessary. / Use an Inbound TPS filter proc where applicable.

Standard Cloverleaf 6.x Guidelines Relative to Hardware

Hardware Considerations
Purpose / Object / Event / Best Practice Guideline / Comment / Example
Performance / CPU / A minimum of 2 Physical CPU’s per Server. / Allows multi-processing and CPU redundancy
Performance / CPU/Core / A minimum of 4 Cores per Server. / Allows multi-processing and CPU redundancy
CPU / Performance / Cloverleaf multi-threaded processes configurations should be set to a threaded allocation less than the physical numbers of CPU/cores / Use multi-threading if additional throughput is required, aka ADT Source
CPU / Performance / Verify multi-threaded has been prepared for the o/s based on Cloverleaf install guide / Verify configuration
Performance / Memory / Smaller sites typically require only the Cloverleaf minimum requirements, but should allow for scalability as resources are required.
Performance / Memory / Confirm and increase Kernel settings to published installation specifications, especially Virtual memory and allocation of semaphores and processes. / A good rule of thumb is to have multiple the number of CPU’s by 2 for the amount of RAM
Best Practice / External calls / When calling any external process or command or binary, always place call within a TCL “Catch” to avoid unexpected external events to create Cloverleaf crashes. / catch {exec /bin/ps }
Avoid using the “system” command as its part of TclX, use exec instead.
Performance / Disk / Disk subsystems/SANS should be a dedicated system for Cloverleaf, and configured with high-speed fiber based components. / Disk Performance
Performance / Disk / SANS may be configured with more heads to increase io performance / Disk Performance
Performance / Disk / Cloverleaf performs many small io reads/writes, do not increase the io block size / Disk Performance
Best Practice / Disk / Placing SMAT files onto a separate file system, may improve performance / Disk Performance
Best Practice / Environment / All disparate environments should be implemented with dedicated hardware. / Dev, Test, Production should always reside on separate hardware

Standard Cloverleaf 6.x Guidelines Relative to Alerting/Monitoring

Alerting/Monitoring Considerations
Purpose / Object / Event / Best Practice Guideline / Comment / Example
Alerts / Alerts / Use the Cloverleaf alerts for the bulk of alert configurations.
Alerts / Alerts / Use standard Alerting method for all other alerting notifications, thereby using a common package. / Alert files written to Alerting thread
Monitoring / Notes / Leverage Notes in Cloverleaf to pass along information about triaging, support policies, and the basic info about an interface to Global Monitor users. / <Support> …. </Support>
<Purpose>….</Purpose>
<Technical>…</Technical>
Monitoring / Enterprise
Tools / Use Global Monitor to send any SNMP, or centralized set of Cloverleaf alerts to a client’s external enterprise monitoring system.
Monitoring / Support / Enable CL 6.0 Msg Tracing and leverage GM graphical Trace View for support/operations

Standard Cloverleaf 6.x Guidelines Relative to Performance

Performance Considerations
Purpose / Object / Event / Best Practice Guideline / Comment / Example
Performance / Site
Enterprise / Smaller, leaner Cloverleaf sites allow for best performance, fast availability, and limit risks. / Based on volume
May consider < 40 threads
Performance / Site
Enterprise / Smaller, leaner Cloverleaf sites allow for best performance, fast availability, and limit risks. / Based on volume
May consider < 12 processes
Best Practice / Master site / Use of the master site allows the sharing of object across multiple sites.

Miscellaneous Cloverleaf 6.x Guidelines

Miscellaneous
Considerations
Purpose / Object / Event / Best Practice Guideline / Comment / Example
TCL / Tps Procs / Caution should be used if the current working directory is changed during a tps proc. The Cloverleaf process will fail to shutdown properly, if the standard Cloverleaf current working directory is not set correctly / Current working directory
TCL / All TCL procs / It is best to use relative paths for all filesystem/directory references. Hard-coded paths should be avoided. / $::HciSiteDir/data
~ Not
/hci/cis5.8/integrator/test/data
Best Practice / Cloverleaf
GUI / Leverage the Cloverleaf GUI and all Cloverleaf configuration tools when building interfaces, to insure consistency and maintainability. / Use Variant Definitions for data definitions
Use Xlates for mapping
Use Schemas if available
Best Practice / Scheduled
Events / It is common for any Cloverleaf device to have regularly scheduled tasks. It is best to place all tasks within a Cloverleaf read_upoc, using the cron-like scheduler.
Best Practice / External
Tasks, Scripts / If possible, develop all External Tasks, and scripts using TCL or JAVA, versus shell scripts.
Avoid using operating specific calls or programs, to promote portability.
Best Practice / New Cloverleaf
Functionality / Always leverage new functionality in Cloverleaf where it is appropriate versus older and perhaps formerly useful “work-around” methods.
Best Practice / Legacy Work / Unless there are current or foreseen issues, it is not specifically recommended to re-engineer legacy efforts. / If it ain’t broke, don’t fix it.
Best Practice / New Work / Always consider leveraging new functionality when there is a requirement to develop new interfaces. / Stay Current on best practice methods, it will save time in the long run.

Standard Cloverleaf 6.x Guidelines Relative to HIPAA Compliance

Performance Considerations
Purpose / Object / Event / Best Practice Guideline / Comment / Example
Best Practice / Security Server / Deploy Cloverleaf using the Security Server, with advanced security and ACL per role / Compliance for HIPAA
Best Practice / Basic Security / If Advanced Security is not available, at minimum, ALWAYS configure for basic security / Near-compliance, but limits access and leverages authentication
Best Practice / Audit Services / Always enable Cloverleaf’s Audit Services / Needed to review user interaction with configuration objects and data messages
Best Practices / Logging / Never write patient data/messages in whole to a production log.
(As part of testing/debugging with non-production data this is normal and expected) / Only log footprints of information in production
Best Practices / Secure Connectivity / Never transport any data, to any connection resident outside from the current network unless a level of SSL or secure transport is included. / http/s, SSL, sFTP, etc.
Best Practices / Data Transfer / It should be rare that it is required to ship or transfer production data to any client device, or laptop.
-  Only perform at request from customer, and when necessary
-  Use a secure method of transfer
-  Destroy data after testing/review / HIPAA and Infor Policies
Best Practices / Secure Connectivity / Never open any direct connection from the public internet to a Cloverleaf Server / Always used an intermediate device, such as CSC, or even needed a 2nd Cloverleaf instance
Best Practices / Data Encryption / Never have non-encrypted data resident on a Cloverleaf Server that is open to the public internet. / This follows CSC rules.
Best Practices / Data Encryption / Consider encrypting the Cloverleaf database to allow for data at rest security / Balance performance with HITECH/ARRA considerations
Best Practices / Data Encryption / Always select high-security, if possible for the encryption algorithm, or for secure web services
Best Practices / Certificates / Use standard X.509 Certificates when they can be made available
-  Self-signed certificates should be created and managed on a distinct server from Cloverleaf
-  CA and root certificates should exist on a separate server from Cloverleaf
-  Never sent a key-pair for a certificate as part of the certificate, only transmit the public certificate
Best Practice / Data Encryption / Leverage CL 6.1 functionality for SMAT database encryption / For data at rest consideration