technical_resources.md

Technical Resources

NHS Digital Services Integration

Authentication & Security

• JWT Implementation: Used for NHS API authentication
  • Algorithm: RS512
  • Key Storage: PEM format
  • Token Lifetime: 300 seconds
  • Headers Required:
    • typ: JWT
    • kid: Key ID

SOAP Services

• IHE ITI Profiles Implementation:
  • ITI-47: Patient Demographics Query
  • ITI-38: Cross Gateway Query
  • ITI-39: Cross Gateway Retrieve
• SOAP Headers:
  • Content-Type: application/soap+xml
• Namespaces:
  • SOAP Envelope: http://www.w3.org/2003/05/soap-envelope
  • Addressing: http://www.w3.org/2005/08/addressing
  • ebXML RegRep: urn:oasis:names:tc:ebxml-regrep:xsd:query:3.0
  • IHE XDS.b: urn:ihe:iti:xds-b:2007

GP Connect

• Service Description: GP Connect enables information sharing between different clinical systems
• Documentation: GP Connect Documentation
• Environment URLs:
  • Integration: https://orange.testlab.nhs.uk/
• Headers Required:
  • JWT Token
  • Content-Type
• Authentication: JWT-based

Patient Demographics Service (PDS)

• Service Description: National demographics service
• Documentation: PDS Documentation
• Implementation: FHIR-based REST API
• Authentication: JWT-based

Standards and Specifications

HL7 CCDA

• Standard: Consolidated Clinical Document Architecture
• Documentation: HL7 CCDA Documentation
• Implementation: Custom conversion from FHIR to CCDA

FHIR

• Version: STU3 (for GP Connect compatibility)
• Documentation: FHIR STU3
• Implementation: Used for GP Connect and PDS interactions

IHE ITI

• Profiles Implemented:
  • ITI-47: Patient Demographics Query
  • ITI-38: Cross Gateway Query
  • ITI-39: Cross Gateway Retrieve
• Documentation: IHE ITI Technical Framework

Development Stack

FastAPI

• Usage: Main web framework
• Documentation: FastAPI Documentation
• Key Features Used:
  • Custom routing for SOAP endpoints
  • Request/Response handling
  • Background tasks
  • Logging middleware

Redis

• Usage: Caching and temporary storage
• Documentation: Redis Documentation
• Key Features Used:
  • Key-value storage for documents
  • NHS number to CEID mapping
  • Session management

Python Libraries

• xmltodict: XML parsing and generation
• jwcrypto: JWT key management
• pydantic: Data validation
• fhirclient: FHIR data models

Monitoring & Observability

Prometheus

• Purpose: Metrics collection and storage
• Documentation: Prometheus Docs
• Key Metrics:
  • Request counts
  • Response times
  • Error rates
  • Cache hit/miss rates
  • Resource utilization

Grafana

• Purpose: Metrics visualization and alerting
• Documentation: Grafana Docs
• Features:
  • Custom dashboards
  • Alert management
  • Data exploration
  • Annotation support

ELK Stack

• Purpose: Log aggregation and analysis
• Components:
  • Elasticsearch: Log storage
  • Logstash: Log processing
  • Kibana: Log visualization
• Documentation: Elastic Docs

OpenTelemetry

• Purpose: Distributed tracing
• Documentation: OpenTelemetry Docs
• Features:
  • Request tracing
  • Performance monitoring
  • Error tracking
  • Service dependencies

Testing Tools

Unit Testing

• pytest: Primary testing framework
  • Documentation
  • Test discovery
  • Fixture support
  • Parameterized testing

Integration Testing

• pytest-asyncio: Async test support
• aiohttp: HTTP client testing
• testcontainers: Container-based testing
  • Redis integration tests
  • Service mocking

Performance Testing

• locust: Load testing
  • Documentation
  • Concurrent user simulation
  • Performance metrics
  • Real-time monitoring

Code Quality

• black: Code formatting
• flake8: Style guide enforcement
• mypy: Type checking
• bandit: Security linting

Deployment & Infrastructure

Docker

• Documentation: Docker Docs
• Components:
  • Multi-stage builds
  • Health checks
  • Volume management
  • Network configuration

Docker Compose

• Documentation: Compose Docs
• Features:
  • Service orchestration
  • Environment variables
  • Volume mapping
  • Network setup

Health Checks

• Endpoints:
  • /health/live: Liveness probe
  • /health/ready: Readiness probe
  • /metrics: Prometheus metrics
• Implementation: FastAPI endpoints

Security Tools

JWT Management

• python-jose: JWT implementation
• cryptography: Cryptographic operations
• Key rotation: Automated key management

API Security

• Rate limiting: FastAPI middleware
• Input validation: Pydantic models
• CORS: FastAPI CORS middleware
• Security headers: Custom middleware

Additional Resources

Documentation Tools

• mkdocs: Documentation generation
• OpenAPI: API documentation
• sphinx: Python documentation

Development Tools

• pre-commit: Git hooks
• dependabot: Dependency updates
• renovate: Package management
• git-flow: Version control workflow