An interopiO Environment acts as a grouping of components.  Each interopiO component (Data Adapters, Apps, Gateways, etc.) live inside an environment and may interact with components from that same environment, but not with components outside that environment. For example, a data adapter may be configured for use in any gateway created in the same environment, but cannot be used by a gateway outside of it.

Users may decide to create environments for various reasons:

• Separation of PHI components from non-PHI components
• Distinguish between development, testing, staging, production components
• Create temporary or permanent sandbox environments for training and prototyping

Indicating If an Environment Contains PHI

When creating an environment you will be asked to indicate if it will contain PHI or not. This is used to enforce various security practices and ensure the requirements of the HIPAA Security Rule are met.  Enforcing these security practices can be expensive and can also be inconvenient when testing, so we allow the creation of non PHI environments for convenience.

Once the environment is created, this setting cannot be changed.

Environment Permissions

Environment permissions are managed at the account level by a user with an Owner role.  Users wiht an Owner role can view all environments, while users without the Owner role may be assigned the environment permission 'None', 'Analytics' or 'Admin' for each environment individually.  By default, a user without an Owner role has an environment permission of 'None' for each environment.

• None - The user cannot view or interact with this environment
• Analytics - The user can view all settings on this environment, but cannot change them.  A user has aggregate-level view of usage and transactions but is not able to see the details of individual log statements or individual transactions.  It is the intention of the Analytics role to provide users access to an interopiO Environment without being exposed to PHI.  However it should be noted that interopiO does not de-identify PHI for the purposes of analytics but instead, removes detailed reports that often contain PHI from an Analytics user.
• Admin - The user can read and write all settings on this environment.  An Admin user can view all log statements, all usage reports, and all transaction reports (including request-response logging) including those reports that are likely to contain PHI.

Environment ID

The environment ID must meet the following requirements:

• must be at least one character in length

• must start with a letter and end with a letter or a number

• can only contain: lower case letters of the English alphabet, numbers (0-9), hyphen/minus sign (-)

• may not be any of the following: "app", "apps", "auth", "cdn", "cdr", "cdrs", "cds", "dstu2", "env", "etl", "fhir", "msg", "r4", "status", "stu3", "zipkin"