APHP Pre-built Application Stack Product



Post on 14-Oct-2020


Page 1: APHP Pre-built Application Stack Product

Robert Kowalke ~ Enterprise Architecture ~ [email protected] Relationship Management & Governance (RM&G) @ Virginia Information Technologies Agency (VITA)

Commonwealth Enterprise Solutions Center (CESC) Architectural Artifacts/Graphs/Views/Matrices/etc. reference page: http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap35.html

PURPOSE: This Fit-for-Purpose view is to identify the OPSS Accenture solution as derived from the 1,050+ pages of 35+ RFP 2016 response documents… whew!

Department of Medical Assistance Services (DMAS) – Medicaid Enterprise System (MES) Environment

OPSS Solution Stack – AWS Hosting Option

DRAFT DOCUMENT REV – 060917

VITA Discussion Document

External Customers

Internal Customers

Reference 1: RFP 2016-02 MCSS OPSS Eval Questions Accenture Response 1-18-2017 Reference 2: ASHS - MCSS Ops Serv RFP No. 2016-02 - Scope of Work Reference 3: APHP Architecture Blueprint_VA_OPSS (Model/View/Graphic document)

SOA Framework to allow interfacing with other systems in a modular, flexible, loosely coupled manner.

APHP – Pre-built Application Stack Product Component COTS products delivered on VMware Virtual Appliances

Enterprise Level Hardening Solutions (Security)

Rules Engine

Workflow Automation and Management

Servers – Active-Active | Load Balancing Configuration

The main purpose of an active-active cluster is to achieve load balancing. Load balancing distributes workloads across all nodes in order to prevent any single node from getting overloaded. Because there are more nodes available to serve, there will also be a marked improvement in throughput and response times. In the event of a failed node, traffic intended for the failed node is either passed onto an existing node or load balanced across any other remaining nodes.

Database Servers – Active-Passive | Asynchronous Replication Primary-Failover

Provides a fully redundant instance of each node, which is only brought online when its associated primary node fails. This configuration typically requires the most extra hardware.

Administration

(Claims – Rules Engine)

Activity

(Enterprise Security – Rules Engine)

Process

(Process and Workflow – Rules Engine)

Enterprise-Wide Rules Categories That Administer the Enterprise-Wide Rules in the APHP Benefit Administration Module

VMware Virtualization

Full HA for Web and App servers.

Active – Active Configuration

Operational Data Store

Tintri Storage All Flash Arrays

Operational Data Store (ODS)

Provides data to the EDWS/BI platform.

Virtual Appliance Model Infrastructure Solution Technologies for OPSS

Software Defined Networking (SDN) Overlay Technology

Integrated Security Information and Event Management

Application Layer – Security Audit and Monitoring

Data Layer – Data Monitoring and Access

Infrastructure – Policy Compliance

AWS Network Control Access Lists

APHP Benefit Administration Audit Service

OS Stack

Business Continuity (BC) / Disaster Recovery (DR)

Secondary DR Solution

Performs Security Information and Event Management (SIEM) function.

Security Framework

Audit and Logging Control

Emergency DR Backup Approach

Cisco Unified Computing System (UCS) Compute Platform

Transport Layer Security (TLS) 1.2 Encryption

OPSS includes the following business areas:

A) Operations Management functionality: Processing payment requests, determining payable amounts, resolving suspended claims, applying mass adjustments and voids, and responding to inquiries for claim payment status. Also addresses the fiscal agent services required to support those processes, including receipt and entry of claims and attachments received via paper, direct data entry by providers, and by electronic transactions compliant with current 837 HIPAA standards. OPSS prepares provider payment information used by the Financial Management contractor to generate remittance advices and payments. OPSS provides a portal that gives DMAS employees and Contractors access to needed information and system functions. OPSS includes providing a mailroom to process all applicable incoming and outgoing mail, which includes a comprehensive tracking system to monitor that all mail is processed appropriately and to provide appropriate performance measures.

B) Member Eligibility and Enrollment: DMAS maintains a centralized processing center under the Cover Virginia contract. OPSS shall accept, validate, and process real-time VaCMS transactions, including adding members to the MES database and assigning appropriate benefit information. OPSS also processes member disenrollment, records disenrollment reasons, and supports inquiries regarding member eligibility. OPSS is to provide MediCall, an automated voice response system (AVRS) currently available to DMAS providers, as part of Member Eligibility and Enrollment Management even though it provides more than member eligibility information.

C) Member Management: Supports the ability to capture, manage, and maintain demographic and eligibility information for individuals eligible for DMAS services.

D) Financial Management: Limited to supporting the following business process actions: 1) Manage cost settlement; 2) Prepare Member premium invoice; 3) Manage Member financial participation; 4) Manage capitation payment. Support the Health Insurance Premium Payment (HIPP) program as described in the MITA 3.0 Framework. Support the generation of capitation payments for members enrolled in managed care organizations as part of the Medallion 3.0, Virginia Commonwealth Coordinated Care (CCC), or Managed Long-term Services and Supports (MLTSS) programs.

Tenable Nessus Policy Compliance data connector for the Symantec Control Compliance Suite.

http://static.tenable.com/documentation/Nessus_and_Antivirus.pdf

Additional VITA Hosted Solution Option

Accenture Alternative Hosting Option

DMAS Preferred Hosting Option

Isolated on-shore AWS region designed to host sensitive data and regulated workloads in the secured cloud for supporting Virginia compliance requirements.

Cloud.gov on AWS GovCloud (US) Now FedRAMP Authorized | 23 MAR 2017

Cloud.gov, which runs on AWS GovCloud (US) and is built and maintained by GSA’s 18F, an office that helps other government agencies build, buy, and share technology products, recently received a Provisional Authority to Operate (P-ATO) at the moderate impact level from the FedRAMP Joint Authorization Board (JAB). GovCloud is now the first fully open source FedRAMP solution.

https://aws.amazon.com/blogs/publicsector/tag/govcloud/

Standby DR is replicated using SQL AlwaysOn asynchronous replication and can be prepared to take production load within the specified RTO. Web and App servers have full HA (behind the AWS Elastic Load Balancer) and run in Active/Active mode across the two GovCloud Availability Zones. Web and App servers have standby servers at the DR location.

Full HA using SQL AlwaysOn availability groups within the two nodes in AWS GovCloud.

Active – Active Configuration

Palo Alto Networks

Virtualized Next-Generation Firewall

Page 2: APHP Pre-built Application Stack Product

Robert Kowalke ~ Enterprise Architecture ~ [email protected] Relationship Management & Governance (RM&G) @ Virginia Information Technologies Agency (VITA)

Commonwealth Enterprise Solutions Center (CESC) Architectural Artifacts/Graphs/Views/Matrices/etc. reference page: http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap35.html

PURPOSE: This Fit-for-Purpose view is to identify the OPSS Accenture solution as derived from the 1,050+ pages of 35+ RFP 2016 response documents… whew!

Department of Medical Assistance Services (DMAS) – Medicaid Enterprise System (MES) Environment

OPSS Solution Stack

DRAFT DOCUMENT REV – 060817

VITA Discussion Document

External Customers

Internal Customers

Reference 1: RFP 2016-02 MCSS OPSS Eval Questions Accenture Response 1-18-2017 Reference 2: ASHS - MCSS Ops Serv RFP No. 2016-02 - Scope of Work Reference 3: APHP Architecture Blueprint_VA_OPSS (Model/View/Graphic document)

SOA Framework to allow interfacing with other systems in a modular, flexible, loosely coupled manner.

APHP – Pre-built Application Stack Product Component COTS products delivered on VMware Virtual Appliances

Enterprise Level Hardening Solutions (Security)

Rules Engine

Workflow Automation and Management

Servers – Active-Active | Load Balancing Configuration

The main purpose of an active-active cluster is to achieve load balancing. Load balancing distributes workloads across all nodes in order to prevent any single node from getting overloaded. Because there are more nodes available to serve, there will also be a marked improvement in throughput and response times. In the event of a failed node, traffic intended for the failed node is either passed onto an existing node or load balanced across any other remaining nodes.

Database Servers – Active-Passive | Asynchronous Replication Primary-Failover

Provides a fully redundant instance of each node, which is only brought online when its associated primary node fails. This configuration typically requires the most extra hardware.

Administration

(Claims – Rules Engine)

Activity

(Enterprise Security – Rules Engine)

Process

(Process and Workflow – Rules Engine)

Enterprise-Wide Rules Categories That Administer the Enterprise-Wide Rules in the APHP Benefit Administration Module

VMware Virtualization

Active – Active Configuration

Operational Data Store

Tintri Storage All Flash Arrays

Operational Data Store (ODS)

Provides data to the EDWS/BI platform.

Active – Passive Configuration

Virtual Appliance Model Infrastructure Solution Technologies for OPSS

Software Defined Networking (SDN) Overlay Technology

Integrated Security Information and Event Management

Application Layer – Security Audit and Monitoring

Data Layer – Data Monitoring and Access

Infrastructure – Policy Compliance

AWS Network Control Access Lists

APHP Benefit Administration Audit Service

OS Stack

Business Continuity (BC) / Disaster Recovery (DR)

Primary DR Solution

Secondary DR Solution

Second Option

Vendor (AWS) Hosted Solution Option

VITA Hosted Solution

Performs Security Information and Event Management (SIEM) function.

Security Framework

Audit and Logging Control

Emergency DR Backup Approach

Cisco Unified Computing System (UCS) Compute Platform

Transport Layer Security (TLS) 1.2

OPSS includes the following business areas:

A) Operations Management functionality: Processing payment requests, determining payable amounts, resolving suspended claims, applying mass adjustments and voids, and responding to inquiries for claim payment status. Also addresses the fiscal agent services required to support those processes, including receipt and entry of claims and attachments received via paper, direct data entry by providers, and by electronic transactions compliant with current 837 HIPAA standards. OPSS prepares provider payment information used by the Financial Management contractor to generate remittance advices and payments. OPSS provides a portal that gives DMAS employees and Contractors access to needed information and system functions. OPSS includes providing a mailroom to process all applicable incoming and outgoing mail, which includes a comprehensive tracking system to monitor that all mail is processed appropriately and to provide appropriate performance measures.

B) Member Eligibility and Enrollment: DMAS maintains a centralized processing center under the Cover Virginia contract. OPSS shall accept, validate, and process real-time VaCMS transactions, including adding members to the MES database and assigning appropriate benefit information. OPSS also processes member disenrollment, records disenrollment reasons, and supports inquiries regarding member eligibility. OPSS is to provide MediCall, an automated voice response system (AVRS) currently available to DMAS providers, as part of Member Eligibility and Enrollment Management even though it provides more than member eligibility information.

C) Member Management: Supports the ability to capture, manage, and maintain demographic and eligibility information for individuals eligible for DMAS services.

D) Financial Management: Limited to supporting the following business process actions: 1) Manage cost settlement; 2) Prepare Member premium invoice; 3) Manage Member financial participation; 4) Manage capitation payment. Support the Health Insurance Premium Payment (HIPP) program as described in the MITA 3.0 Framework. Support the generation of capitation payments for members enrolled in managed care organizations as part of the Medallion 3.0, Virginia Commonwealth Coordinated Care (CCC), or Managed Long-term Services and Supports (MLTSS) programs.

Tenable Nessus Policy Compliance data connector for the Symantec Control Compliance Suite.

http://static.tenable.com/documentation/Nessus_and_Antivirus.pdf