System Architecture for Healthcare Information Systems


The system architecture is designed to support all HIS applications discussed earlier and achieve the following objectives:

  1. Allow data communications between all applications and users of the entire system.
  2. Ensure quick response to requests and completion of transactions (fast system performance)
  3. Ensure business continuity (almost 100% up-time through sufficient redundancy and system back-up)
  4. Fully recovery from a disaster (system may be re-built from back-up of data, system configuration and restoration of applications)
  5. Storage capacity capable of containing migrated previous data and new data for the next 5 years.
  6. Scalability server-storage system hardware that is vendor independent


The information system for a single hospital is best built around a Multi-tiered Client-Server Local Area Network (LAN) architecture. By this, it is meant that users enter and retrieve data using clients i.e. computers with display monitors and data input devices such as keyboard and mouse, obtain various applications software from the Application server and store the data via the Storage server into Storage devices (hard disks). All the tiers are linked through a network consisting of cables joined by switches and routers. Part of the network can also be wireless. A typical HIS System Architecture implementation is shown below:

Typical HIS System Architecture

  • A sufficiently fast processor
  • Sufficient ready access memory (RAM) to retain data temporarily while being viewed or entered
  • A display monitor for viewing both applications and data.
  • Data input tools such keyboard, bar-code reader and image scanners and pointing devices e.g. mouse
  • A front end Operating system (OS) that allow all the above hardware to function and to facilitate interaction with the server
  • Video/graphic cards for locations where complex images are used

Generally, for clients, Desktop and Laptop/Tablet PCs with high end CPUs and sizeable memory are preferred. These can be used either as thick and thin clients or a hybrid. They are attached to the network through suitable cables and wireless connections.
For a thick client installation, client computers with fast CPUs and sizeable RAM memory is required. They are loaded fully or partially with Applications software.
In a thin client approach, the client is loaded only with a browser. The Applications are retrieved from the Applications server as and when they are needed. Lower end CPUs may be used and less RAM memory is required. However, in a HIS set-up, the hardware usually used as thin clients (low end computer with little processing power and memory) is not suitable because of the need to present images and graphs. Instead PCs are more appropriate.Each client can be used for a multitude of clinical and managerial (office automation, e-mail) applications and also as Image viewers. The operating system (OS) for the front end (presentation logic) must cater for all these applications. It should also support user interfaces (GUIs) that satisfies user needs.
The system may adopt web technology within the local area network. A web client may be used to host the browser just like thin clients. If a care provider requires access to HIS via clients at locations outside of the hospital such as from home or another hospital / clinic, then it should be connected to the hospital’s LAN through a secure network such as Virtual Private Network (VPN).SERVERSIn a comprehensive integrated HIS, the server-storage system need to cater to both the managerial applications as well as the patient care applications. Because a hospital functions 24 hours a day, and everyday for 365 days a year, the system should not fail. Currently an uptime of 99.9% is the standard aimed for. To achieve this there should be duplication of the means to make applications available and to ensure that data can be saved and retrieved without interruption. This translates into the provision of more than one location where each application resides and where data is stored. The ability for the system to function if one part fails is termed as redundancy.In patient care, at any given time there are numerous users of the system causing heavy data traffic. Both the applications and database servers must have sufficient processing power and memory to deal with requests. The data required at anytime is usually great and a large amount of data accumulates over time. The storage device must have a large storage space and also able to accept and release data efficiently.Besides being used for day to day operations, a complete system need to cater for other functions. Therefore copies of applications and systems need to be provided for other important uses. The alternative versions of clinical applications and separate databases are  often called ‘domains’. These usually include:

  1. Production or Operations Domain
  2. Analytical Domain
  3. Build or Test Domain
  4. Train Domain

The Operations Domain cater for day to day use where the data is actual and in real-time. The Analytical Domain allow actual but not necessarily real-time data to be analyzed to produce reports. The Build/test Domain contains a version of the applications often different from that of the operations environment. It may contain fabricated data. The Train Domain contains the same software version as the Operations Domain but only fictitious/fabricated data. Despite the many domains and versions, these do not necessarily mean that separate server-storage hardware are required.


Servers cater for requests from users to:

  • use an application or a part of it
  • input or retrieve data

The Applications server(s) contains all Applications software and provides whatever applications the user wish to use. It integrates with the data storage function via the Storage (Database) server. Traditionally, the Managerial applications and the Clinical Applications use separate servers and storage systems. Together with the need for duplication, this may result in the provision of many physical servers and storage systems.The use of virtualization technology can reduce the number of physical servers. A cluster of physical servers (minimal two) may be used. Each physical server will house many virtual servers.
The Applications server hosts all the Applications software if the thin client approach is used. However, if PCs are used a portion may reside in the client computer.System Software / Operating System for the Server(yet to be written)


Database ServerDatabase/Storage servers control data input and output from storage devices such as Storage Area Network (SAN storage) or Network Area Storage (NAS). The software that defines the structure and content of the database is the Database Management System (DBMS). This can be of the relational, hierarchical or object-oriented types. The database server itself and the DBMS requires an appropriate system software (OS).Data Storage DeviceCurrently, the hardware that holds the data is a set of hard-disks (disk array). Magnetic tapes (tape library) are used mainly to archive data as back-up.NETWORK (Cables & Wireless)Hardware components of the various tiers of HIS are linked through a network (both cables and wireless). The network need to have the following features:

  • Sufficient bandwidth corresponding to volume of data that will traverse through two points to be connected.
  • Redundancy to ensure an alternative passage of data if one route is impassible
HIS Network

One way is to provide two single mode fibre optic cable as backbone, one on each side of the hospital.
The diameter (typically 9/125 micrometer) and structure of each cable determines the speed of data transmission (band-width) which is measured in quantity of data per unit time (e.g. bits/sec). Core cables capable of delivering at the speed of 10 Gigabits per second are standard. The backbone is extended at the access level, with multimode cables consisting of four-core (50/125 micrometer) cables capable of delivering at the speed of 10 / 100 / 1000 megabits per second.
The network architecture can be designed as depicted below:System Management Software
Domain ControllerIn the HIS system as described here, the domain controller (DC) enables the user to access the right ‘domain’ or version of the application or the database i.e.:a. Production or Operations Domain
b. Analytical Domain
c. Build or Test Domain
d. Train DomainThe right of access to a domain is determined by setting privileges. The controller authenticates the user (by username and password). If the MS Windows OS is used then the main part of the controller is the  Active Directory. Users are given access to the domain that corresponds to the nature of work to be performed. During training for example the system should be set so that users are directed to the Train Domain. When performing data analysis on historical data then the user uses the Analytical Domain.(this section yet to be edited)Active Directory is, at its heart, a database management system. This database can be replicated amongst an arbitrary number of server computers (called Domain Controllers) in a multi-master manner (meaning that changes can be made to each independent copy, and eventually they’ll be replicated to all the other copies).The Active Directory database in an enterprise can be broken up into units of replication called “Domains”. The system of replication between server computers can be configured in a very flexible manner to permit replication even in the face of failures of connectivity between domain controller computers, and to replicate efficiently between locations that might be connected with low-bandwidth WAN connectivity.Windows uses the Active Directory as a repository for configuration information. Chief amongst these uses is the storage of user logon credentials (usernames / password hashes) such that computers can be configured to refer to this database to provide a centralized single sign-on capability for large numbers of machines (called “members” of the “Domain”).Permissions to access resources hosted by servers that are members of an Active Directory domain can be controlled through explicit naming of user accounts from the Active Directory domain in permissions called Access Control Lists (ACLs), or by creating logical groupings of user accounts into Security Groups. The information about the names and membership of these security groups are stored in the Active Directory.The Domain controller may reside on a separate computer (stand-alone) or within the main server but it would be the intermediary between the front end and the server.

Domain Control
System Manager

(this section is to be edited)

A domain is created strictly for IT management purposes. No access is given to HIS patient data. Access to sensitive information such as configurations of different devices in (servers, applications, network devices, storage devices), access credentials, SNMP settings and Access control list will be strictly controlled using suite of Network Management System consisting of Network Configuration Manager, Storage Manager, Virtualization Manager etc. (e,g SolarWinds or ManageEngine)). Privilege will be segregated based on job category and individual person. System Administrator staff Roles, Permissions, and Activity Tracking available in the same application will be used to protect against unauthorized network configuration changes and ensures compliance with regulations, such as HIPAA and PCI with our change management software. Authentication of administrators and users will be collected from a domain which is strictly used for IT purposes.

This article is in complete and in the process being written

4 thoughts on “System Architecture for Healthcare Information Systems”

  1. Hello Dr. Salleh. Thank you for the comprehensive work. Can you please provide some information about connecting a typical HIS System to the cloud and explain the security measures that need to be taken into consideration? (Perhaps with a diagram). Thank you.


Leave a Comment

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: