CCOW

In the context of health informatics, CCOW (pr /seacow/) or Clinical Context Object Workgroup is a Health Level Seven International standard protocol designed to enable disparate applications to synchronize in real time, and at the user-interface level. It is vendor independent and allows applications to present information at the desktop and portal level in a unified way.

CCOW is the primary standard protocol in healthcare to facilitate a process called "context management". Context management is the process of using particular "subjects" of interest (e.g., user, patient, clinical encounter, charge item, etc.) to virtually link disparate applications so that the end-user sees them operate in a unified, cohesive way.

Context management can be utilized for both CCOW and non-CCOW compliant applications. The CCOW standard exists to facilitate a more robust, and near "plug-and-play" interoperability across disparate applications.

Context management is often combined with single sign-on applications in the healthcare environment, but the two are discrete functions. Single sign-on is the process that enables the secure access of disparate applications by a user through use of a single authenticated identifier and password. Context management augments this by then enabling the user to identify subjects once (e.g., a patient) and have all disparate systems into which the user is granted access to "tune" to this patient simultaneously. As the user further identifies particular "subjects" of interest (e.g., a particular visit), those applications containing information about the selected subject will then automatically and seamlessly to the user "tune" to that information as well. The end result for the user is an aggregated view of all patient information across disparate applications.

Use of context management, facilitated by CCOW or non-CCOW compliant applications, is valuable for both client-server, and web-based applications. Furthermore, a fully robust context manager will enable use for both client-server and web-based applications on a single desktop / kiosk, allowing the user to utilize both types of applications in a "context aware" session.

Purpose
The goal of CCOW is seemingly simple, but its implementation is rather complex. CCOW is designed to communicate the name of the active user between various programs on the same machine. The user should only need to log into one application, and the other applications running on the machine will "know" who is logged in. There are a great deal of exceptions and circumstances that make this scenario far more difficult than it appears.

In order to accomplish this task, every CCOW compliant application on the machine must log into a central CCOW server called a Vault. The application sends an encrypted application passcode to verify its identity. Once the application is verified, it may change the active user (also called the "context") on the machine. Each CCOW application also has an application "name" for which there can only be one instance. There is no correct application name (the passcode identifies which application is logging in). There may be multiple instances of the CCOW application connected to the CCOW vault from the same computer. However, they must have different names. One name might be "I like HHAM", while the other might be "I like CCOW". The names are completely arbitrary.

After the application authenticates itself with the CCOW vault, the applications are ready to communicate the context (a.k.a. the active user). Here would be a step-by-step example of a CCOW exchange:


 * 1) The computer boots up and the medical applications load.
 * 2) Each application logs into CCOW using its secret passcode (and unique application name).
 * 3) The compliant application displays a login prompt, and the user logs in as "Mary Jane".
 * 4) Mary Jane has a "CCOW ID". Let us assume that her CCOW ID is "MJane".
 * 5) The compliant application notifies the CCOW vault that "MJane" is now logged in.
 * 6) Once CCOW verifies that "MJane" is a valid CCOW user, the vault notifies all the other applications that "MJane" is logged in.
 * 7) All of the other applications realize that the CCOW ID "MJane" is referring to "Mary Jane" (because they have been configured as such). They log in "Mary Jane" automatically.
 * 8) The transaction is complete.  All of the applications running on the machine have been automatically logged in as "Mary Jane".

The purpose of the application passcode is to verify that no unauthorized applications can "hack" into CCOW and change the active user (thereby allowing unauthorized access to medical records).

Status

 * The HL7 CCOW work group was merged into the Infrastructure and Messaging work group in 2010.
 * The most recent version of the HL7 Context Management (CcOW) Specification, Version 1.6 was balloted as a normative standard in October 2017.