Production Environment (Prod)
Purpose and Characteristics
The Production environment is the live operational system where actual patient care activities occur. For OpenMRS community infrastructure, the http://demo.openmrs.org server serves as a stable production demonstration environment, though implementers maintain their own production instances at healthcare facilities.
● Key Features:
○ Contains real patient data requiring strict regulatory compliance (HIPAA, GDPR)
○ Requires maximum stability, security, and availability
○ Changes follow strict change management protocols
○ Comprehensive backup procedures are mandatory
○ Must meet defined service level agreements (SLAs)
○ 24/7 monitoring for availability, performance, and security
○ Only thoroughly tested and approved code is deployed
Security and Compliance
According to the OpenMRS Comprehensive Security Implementation Guide, production environments face the broadest attack surface and require extensive security controls:
● Network Security:
○ Network segmentation and firewall protection
○ VPN for remote access
○ Vulnerability assessment and penetration testing (VAPT)
○ Continuous network and application monitoring
● Access Control:
○ Role-based access control (RBAC)
○ Multi-factor authentication where required
○ Comprehensive audit logging of all access
○ User device security monitoring
● Data Protection:
○ Encryption at rest and in transit
○ Regular automated backups with tested restore procedures
○ Data integrity monitoring
○ Disaster recovery planning
Operational Requirements
● High-availability configurations with redundancy
● Performance monitoring and optimization
● Capacity planning for system growth
● Incident response procedures
● Change management and approval workflows
● Scheduled maintenance windows with user notification
● Key Users:
○ All clinical and administrative staff providing patient care
○ Healthcare facility operations teams
○ Patients (in some implementations with patient portals)