Security & Architecture

Organizations seek new and better ways to secure their information, more so in the healthcare industry, where the government requires organizations to implement comprehensive security policies and procedures to ensure client confidentiality and satisfaction. Knowing that IT Managers are devoting an increasing amount of time and resources to comply with HIPAA, we focus on ensuring that only the right people can access information, while making that access easier for the end users. We understand that compliance can save precious time and money for organizations.

Security Measures:

  • In addition to mirroring existing IT security parameters Pinpoint offers multi-level security. In that there are no cubes, each user’s access can be setup on a field-by-field basis, a very unique and thorough approach to controlling access; far exceeding HIPAA requirements.
  • HIPAA required data elements are recorded for each system access: date & time of access, username, IP address, module name, analysis object definition and report processing time.
  • Several mitigation strategies are in place for the common security threats. All the assets in the product suite are secured against the common application threats by authentication, authorization, configuration management, sensitive information, sessions’ management, cryptography, exception management, auditing and logging.

Security Architecture:

  • Network Security -The Pinpoint Application Server becomes a part of your network and inherits the pre-existing Network Security Design. We recommend the use of local IP for the server and limiting the access to the server within your network. Offsite users can access using VPN credentials. The Application Server needs only a set of Open Ports with these ports scanned by a central enterprise wide port-scan. Host Identification can be done if a set of IPs are to allowed access to the Server.
  • Host Based SecurityThe Pinpoint App Server encourages Central Authentication Service and supports the Shared Authentication Scheme. Centralized Logging is enabled for all the services and daemon processes using socket based communication run on the Pinpoint App Server.
  • Application SecurityThe Pinpoint App Server allows communication with the clients using the secured protocols such as SSH for desktop-based client and SSL for the web based client.
  • Data Security - In addition, all the data in the Data Warehouse can be encrypted using a completely secure Data Encryption Scheme.

Pinpoint’s modular multi-layer framework is completely flexible and scalable, as well as highly extensible and customizable.

Windows/Unix Platform

  • Client-Server Architecture – End-user Windows Client and a Server running on a UNIX platform.
  • Uses an RDBMS for Data Warehousing with fixed length records stored in flat *.DAT files.
  • Pinpoint RDBMS is driven by Data Dictionaries that store easily manipulated Data Definitions.
  • Pinpoint Data Warehouse can import data from CSV, SQL Database, HL7, IDX, Medent, McKesson, SMS, Siemens Host Systems  and other Legacy Systems.
  • Supports multi-tenant and multi-table architecture.
  • Completely scalable design, tested for efficiency on terra-bytes of data.
  • Data and index compression available for higher query throughput.
  • On demand development of implied paths possible.
  • Burst Mode processing for increased performance in a multi-user environment.

Web Platform

  • Pinpoint Web Client is developed using Java, HTML, and other Scripting Languages.
  • The Web Client also uses the most current technologies such as AJAX, SOAP, DHTML, and XML that facilitate report distribution as well as advanced site administration.
  • Pinpoint Web Client also offers state-of-the-art report drill-down capability in the web environment.
  • Often, the analyses of the business requirements make it imperative to develop a Web-Client that works in the browser environment. Since the Pinpoint Server program does not communicate with the client software through the “HTTP” tunnel the Pinpoint Server Program does not implement the HTTP and the TCP/IP protocol.  Hence we use a “web-server” that serves as a middleware between the Web-Client and the Pinpoint Server Program.
  • The Web-Client talks to the Web-Container through an HTTP connection and the Web-Container then talks to the Pinpoint Server (shown below). This type of product architecture and design also fulfills the requirements for the SOA clients.

Microsoft Office Integration/Mobile Device Use/Offline Connectivity

Even though Pinpoint was designed to be fully functional OLAP/BI tool handling all the major functional requirements of the client within Pinpoint, we also recognize the need for Pinpoint to integrate with other commercial systems/services to further enhance the client’s ability to be more productive.  From this point of view Pinpoint has smooth integration capability with many systems using industry standard communication protocols.  Microsoft reporting services is just one of those examples.  Pinpoint offers several different WEB2.0 standard RPC and RPI protocols like REST, JSON and SOAP. Pinpoint has a web 2.0 version for full functionality on any web browser or mobile devices such as iPad, Playbook or Smartphone; a SaaS deployment; and integration of both structured and unstructured data.  For example, we can intelligently parse email or social media and integrate this with your structured corporate data for full scope decision making.

End-users can fully work offline through a module which does not require continuous connection to the server and can be periodically synced. The electronic delivery of reports is normally done through an email that contains a password protected link to each report. Or the email contains a notification to see an updated report on the report’s portal. With Pinpoint’s comprehensive web 2.0 engine users can also access information/these reports over the web using the web-client over any web browser. The web-portals allow the information to be published in the form of web-dashboard.