The OMOP Research Laboratory is a secure, interactive computing environment available to OMOP researchers facilitating the programming and management of a large library of analytical methods, a robust database environment to query and transform very large data sets for analysis, and a computational environment to test and analyze the performance of these methods. The OMOP Research Lab includes all processes and mechanisms for collecting and visualization of method produced results.
Technology behind the OMOP Research Lab
The OMOP Cloud Research Lab is based on Amazon.com's Elastic Cloud Computing (EC2) technology. This technology allows users to create and use virtual computers (called instances) based on predefined configurations (called machine images) on which to run their own research applications. The images contain all necessary computing environments (SAS, R, C++, Perl etc.). Observational data that OMOP acquired for its research purposes is maintained in an encrypted form in the cloud storage. These datasets are attached to the instances during the initialization process. Using cloud computing allows reducing the time required to obtain and quickly scale capacity, both up and down, as the computing requirements of a researcher changes.
Depending on the need, the following virtual machines are available:
Within the instances, the observational data are available as SAS datasets. In addition, data are stored in an Oracle database for maintenance and access to non-SAS tools. Users interact with the system in two ways:
1. Provisioning of virtual machine RL instances using the RL Web Application. The RL Launcher (RL Web App) is an EC2-hosted web application developed by OMOP. User authentication and budget management is also handled through this website. The picture below shows user access to the Research Lab Instances.
2. Users logon to the RL instances provisioned to them. Storage is automatically attached to the instantiated instances containing the observational data and providing additional workspace for the research as required. Each user also has a permanent storage that is attached to each new instance belonging to this user. Only users with the appropriate security credentials get access to the instances, and no other staff (Amazon, OMOP) can be in possession of the keys.
OMOP is committed to effective protection of the sensitive health information from large-scale observational healthcare data obtained for OMOP research. Though these data do not contain direct Electronic Protected Health Information (ePHI), the RL was designed with the possibility to handle such data. In addition, OMOP needs to safeguard derivable Personal Identifiable Information (PII) which could lead to ePHI and privacy compliance issues unless proper protective measures are applied. OMOP has developed a comprehensive set of security policies and infrastructure to address these security issues.