CCOW

CCOW or Clinical Context Object Workgroup is a HL7 standard protocol designed to enable disparate applications to synchronize in real-time, and at the user-interface level. It is vendor independent and allows applications to present information at the desktop and/or portal level in a unified way.

CCOW is the primary standard protocol in healthcare to facilitate a process called "Context Management." Context Management is the process of using particular "subjects" of interest (e.g., user, patient, clinical encounter, charge item, etc.) to 'virtually' link disparate applications so that the end-user sees them operate in a unified, cohesive way.

Context Management can be utilized for both CCOW and non-CCOW compliant applications. The CCOW standard exists to facilitate a more robust, and near "plug-and-play" interoperability across disparate applications.

Context Management is often combined with Single Sign On applications in the healthcare environment, but the two are discrete functions. Single Sign On is the process that enables the secure access of disparate applications by a user through use of a single authenticated identifier and password. Context Management augments this by then enabling the user to identify subjects once (e.g., a patient) and have all disparate systems into which the user is granted access to "tune" to this patient simultaneously. As the user further identifies particular "subjects" of interest (e.g., a particular visit), those applications containing information about the selected subject will then automatically and seamlessly to the user "tune" to that information as well. The end result for the user is an aggregated view of all patient information across disparate applications.

Use of Context Management, facilitated by CCOW or non-CCOW compliant applications, is valuable for both client-server, and web-based applications. Furthermore, a fully robust Context Manager will enable use for both client-server and web-based applications on a single desktop / kiosk, allowing the user to utilize both types of applications in a "context aware" session.

CCOW works for both client-server and web-based applications. The acronym CCOW stands for "Clinical Context Object Workgroup", a reference to the standards committee within the HL7 group that developed the standard.

Purpose
The goal of CCOW is seemingly simple, but its implementation is rather complex. CCOW is designed to communicate the name of the active user between various programs on the same machine. The user should only need to log into one application, and the other applications running on the machine will “know” who is logged in. There are a great deal of exceptions and circumstances that make this scenario far more difficult than it appears.

In order to accomplish this task, every CCOW compliant application on the machine must login to a central CCOW server called a Vault. The application sends an encrypted application passcode to verify its identity. Once the application is verified, it may change the active user (also called the “context”) on the machine. Each CCOW application also has an application “name” for which there can only be one instance. There is no correct application name (the passcode identifies which application is logging in). There may be multiple instances of the CCOW application connected to the CCOW vault from the same computer, however they must have different names. One name might be “I like HHAM”, while the other might be “I like CCOW”. The names are completely arbitrary.

After the application authenticates itself with the CCOW vault, the applications are ready to communicate the context (a.k.a the active user). Here would be a step-by-step example of a CCOW exchange…

1.	The computer boots up and the medical applications load.

2.	Each application logs into CCOW using its secret passcode (and unique application name).

3.	The compliant application displays a login prompt, and the user logs in as “Mary Jane”.

4.	Mary Jane has a “CCOW ID”. Let us assume that her CCOW ID is “MJane”.

5.	The compliant application notifies the CCOW vault that “MJane” is now logged in.

6.	Once CCOW verifies that “MJane” is a valid CCOW user, the vault notifies all the other applications that “MJane” is logged in.

7.	All of the other applications realize that the CCOW ID “MJane” is referring to “Mary Jane” (because they have been configured as such). They login “Mary Jane” automatically.

8.	The transaction is complete. All of the applications running on the machine have been automatically logged in as “Mary Jane”.

The purpose of the application passcode is to verify that no unauthorized applications can “hack” into CCOW and change the active user (thereby allowing unauthorized access to medical records).