Purpose
For the first release of the new FormularyComplete, regulation of access to the content is intended to mirror the access levels familiar from the legacy system as closely as possible — though the content will now sit on a website outside the customer's private network, instead of being installed on an internal web server.
The three levels of content access in both the legacy and new systems are:
(1) Summary view — list of medicines included in the local formulary and their status: free public access (if the formulary report is published)
(2) Basic use — full read access to all formulary content: login-free access from any computer terminal on the customer's internal network
(3) Admin use — access to amend the content and/or configure local settings: username plus password access from a desktop computer on the customer's internal network, with three roles (Editor, Publisher and Administrator)
The move to the cloud brings the challenge of distinguishing, from a location outside a customer's protected internal network, computer terminals that are inside it from all which are not. This is essential not only to ensure that authorized users alone can access the full content but also to bring up their own organization's formulary when they connect to the website.
IP address authentication option
The straightforward way of identifying the origin of internet connections is their public internet protocol (IP) address. Most large organizations have their own public IP address ranges, which are clearly assigned to them, and when a computer on their network connects to the public internet, it will use one of those addresses. However, exceptions to this scenario are proliferating. Private individuals and small businesses that do not publish on the internet have long relied on "dynamic" IP addresses that their service provider continually reallocates. Larger business organizations may choose nowadays to contract out maintenance of their IT systems to suppliers who are the actual owners of the IP addresses that they provide as part of their service.
Of specific importance here is that the National Health Service has its own national high-speed network, N3 (but in due course to be replaced by the HSCN). When a computer connects to the internet over N3, the router at the gateway from N3 to the public internet substitutes the computer's internal network address with a public address allotted for the connection. The public addresses in the available pool are not reserved for the use of any individual NHS trust or CCG in a way that would identify a FormularyComplete customer.
Deciding whether IP address authentication is suitable
The managers of your internal IT network will need to determine whether you can use the IP address option. For this, they need to take into account that the Royal Pharmaceutical Society is not a part of the NHS, and so FormularyComplete itself is not on the N3 network.
If all your connections to www.formularycomplete.com (on the public internet) can be routed out by your IT department via an IP address that you own, that would be ideal.
Alternatively, if all your connections to the public internet go out anyway via IP addresses that you own, for us to record those addresses is also likely to be a good solution.
However, while we can record more than one address or range for you, a single public IP address can front hundreds of PCs, and an IP range may comprise hundreds of IP addresses, and so the details of what they represent should be double-checked.
IP address authentication is not applicable:
- To private IP addresses (see https://en.wikipedia.org/wiki/Private_network)
Public IP addresses are not suitable:
- If they are subject to substitution by your internet services provider
- If some of the computers that may be routed through them belong to partner/sister/associate or unrelated organizations served by the same internet services provider but who are not FormularyComplete customers, or who are FormularyComplete customers but have a separate formulary
Public IP address ranges are not suitable:
- If parts of the range may be shared, so that some of the addresses it comprises may be usable by partner/sister/associate or unrelated organizations
IP address authentication is not likely to be suitable:
- If some of your internal users have no way of using the only suitable IP addresses you have
Referrer URL option
In this alternative access method (see https://en.wikipedia.org/wiki/HTTP_referer) you must have a web page in which you place a link to www.formularycomplete.com. In order to provide a measure of security, the page must be accessible only on your internal network.
This is the fallback option because it means that your FormularyComplete users must start from a web page on your intranet — i.e. will introduce an extra initial click into the access procedure.
Session preservation
Where IP authentication is used, basic user connections should not time out provided that the IP address of the connection does not change.
Where referrer URL authentication is used, the maintenance of basic user connections depends on the browser to retain the session cookie. Browsers generally keep session cookies for long enough that intermittent use of FormularyComplete during a day should not require reactivation of the referrer link.
Sessions for admin logins also depend on the browser for how long it will keep the cookie. Browsers might discard the cookie when the user closes the window or after a time period.
Comments
2 comments
We are looking to set up the referrer URL approach from our Intranet site to the new Formulary website. Hypothetically, could we edit the website on our internal server hosting the current Formulary to point to the remote site somehow, if our referrer solution takes time to set up please?
Thank you for the comment - several other customers have been asking this too.
We're fairly sure that our FormularyComplete customers have an intranet because the legacy product was built for deployment over an internal network, but admittedly we've rather assumed that they would, in that case, have an internal staff communications website too. A page on an internal website that's commonly visited by doctors, nurses and pharmacists - maybe the home page - would be the ideal location for placing the link to https://www.formularycomplete.com.
If you don't have such an internal web page readily available, or readily accessible to make a small edit, the legacy FC installation certainly fulfils the technical requirements for hosting the link, but there are some caveats!
- It could only be a temporary stopgap, because the legacy platform will be out of support and it would make no sense to retain an internal server running old software purely in order to connect to the cloud.
- While you're in the process of transferring your locally added information from old to new, you will probably want to be sure that your users don't consult drug records on the new, unfinished site because they might miss important guidance. You would need to make clear that the link was not to be used by prescribers in the meantime (except possibly to view the new interactions data).
When it comes to setting up a referrer link, points to bear in mind include:
- The link must be on a web page: unfortunately, activating a link contained in a file does not pass to us the address of the page you're on
- The address of the page that has the link on it enables your access to your full formulary data, and so it has to be on an internal staff website; it must not be on a publicly accessible site
- You need to tell us the precise address of your web page to enter at our end as your "referrer URL". If you make a second, temporary link on your chosen page to https://www.formularycomplete.com/myip, you can click it to check the exact referrer.
Please sign in to leave a comment.