E-PROCEEDING OF THE 9TH INTERNATIONAL
CONFERENCE ON SOCIAL SCIENCE RESEARCH 2020
E-PROCEEDING OF THE 9TH INTERNATIONAL CONFERENCE ON SOCIAL SCIENCE RESEARCH 2020
(ICSSR 2020). (e-ISBN 978-967-xxxxx-x-x). Malaysia. Organized by https://worldconferences.net Page 1
Mi-HealthCare: MULTI-TENANT HEALTH CARE SYSTEM
Muhammad Awis Jamaluddin Johari (awis.johari@mimos.my), Lee Chee Kiam (ck.lee@mimos.my),
Muhammad Azlan Shahariman Ahmad (azlan.ahmad@mimos.my), Muhammad Fuad Mustafa
(fuad.mustafa@mimos.my)
Healthcare and Education Solution, Corporate Technology Division, MIMOS Berhad
Abstract
Multi-tenant architecture, commonly referred to as multitenancy, is a software architecture in which
multiple single instances of software run on a single physical server. The server then serves the software
to multiple tenants. These tenants can be within one organization or be different businesses. This
architecture is gaining popularity among software development houses because it saves deployment
cost and resources. Besides that, this architecture gives the system better protection: there is less
interaction with the outside world, and thus exposure to malicious software is reduced. The healthcare
domain was chosen for this software-as-a-service (SaaS) application because it is infrequently addressed
by other software development houses and because understanding the healthcare business model is a
challenge in itself. Thus, the objective of this paper is to present a system that uses this architecture to
bring current technology to the healthcare system. This system will be referred to as Mi-HealthCare
from here onward.
Keywords: Multitenancy, Health Care System, SaaS Application, Cloud Computing.
Introduction
Software architecture is the most important part of the software development process. It serves as a
blueprint for a system. It also provides an abstraction to manage the system's complexity and establishes
a communication and coordination mechanism among components. The architecture of a system
describes its major components, their relationships (structures), and how they interact with each other.
Furthermore, the architecture depends on several contributing factors such as business strategy, quality
attributes, human dynamics, design, and IT environment. For this paper, the authors decided to use a
multi-tenant architecture. The business strategy and its IT environment will be elaborated on later.
Previously, the authors produced a project (Awis et al., 2019) that has the same features as this paper
but uses a different architecture. In that paper, the authors used a hybrid architecture because of the
business strategy, which depended on stakeholder requirements and the IT environment infrastructure
defined by the stakeholders. These included limited access to the internet and outreach visits. This
challenged the authors to come up with new ideas to make the system hybrid. A study of architecture
and its evolution (Trilochan & Verma, 2017) mentions that the current evolution is cloud computing
technology, which is becoming an adoptable technology for many organizations with its dynamic
scalability and its use of virtualized resources as a service through the Internet. Before going deeper
into the multitenant topic, the authors give a brief on multitenancy, which is one of the options under
cloud computing technology. The other option is single tenant. Figure 1 shows the difference between
single tenant and multitenant.
[Diagram: two panels, Single Tenant and Multitenant, each showing Customer A, Customer B and
Customer C with their Apps Server and Database Server boxes]
Figure 1: Single tenant vs Multitenant
Multi-tenancy is a popular option in cloud computing, offering shared tenancy on public cloud services
such as Microsoft Azure, Google Cloud Platform and Amazon Web Services. The advantages of
multi-tenancy align with the project the authors propose, for which the authors listed the following
characteristics that the system must have:
1. Lower IT infrastructure
2. Lower costs for computer users
3. Improved performance
4. Increase data safety
5. Backup and recovery
6. Fewer maintenance issues
7. Instant software updates
8. Improved compatibility between operating systems
9. Performance and Scalability
Mi-HealthCare is a SaaS (software-as-a-service) application in cloud computing. SaaS uses the web to
deliver applications that are managed by a third-party vendor and whose interface is accessed on the
client side. Most SaaS applications can be run directly from a web browser without any downloads or
installations required, although some require plugins. With SaaS, it is easy for enterprises to streamline
their maintenance and support, because everything can be managed by vendors: applications, runtime,
data, middleware, OSes, virtualization, servers, storage and networking. Furthermore, the authors
decided to use the multitenant option for the Mi-HealthCare system because the features implemented
in this system will be used by all the users, who are referred to from here on as tenants. Below is
the list of the features of this system:
1. Patient Management
2. Queue Management
3. Users and Role Management
4. Clinical Documentation
5. Prescription
6. Administration
7. Dashboard
8. Integration with Internet of Things (IoT) devices
9. Licensing at data centre
Figure 2: Patient Management
Figure 2 shows a screenshot of the system in the Chrome web browser. The page is about patient
management; the tenant is able to see details about the patient on this page. Other than that, the authors
also implemented queue management in this system to enable the tenant to call a patient, as shown in
Figure 3 below.
Figure 3: Queue Management
Figure 4: Clinical Documentation
Multitenancy Database Design
In a multi-tenant environment, multiple different customers use the same application, on the same
hardware and with the same storage mechanism. However, the database is either logically or physically
isolated on a per-tenant or per-group basis. In general, there are 3 levels of separation:
1. A single, shared database schema
- This approach uses a single database to host data for all tenants. Logical separation is
achieved by storing a tenant identifier for each piece of data.
2. Single database, multiple schemas
- This approach divides tenants' data without having to set up multiple databases. The
tenant identifier is the database schema itself. Each tenant is granted access only to its
own schema, which achieves isolation and lets each tenant operate differently.
3. Multiple databases
- A new database is provisioned for each new tenant. With the database-per-tenant approach,
customization for an individual tenant is straightforward to achieve.
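The first level of separation above (a single shared schema with a tenant identifier on each row) depends entirely on every query carrying the tenant filter. The following is an added example, not code from Mi-HealthCare: it uses Python's built-in sqlite3 as a stand-in for the PostgreSQL database the paper names, and the `patient` table, the `TenantScopedRepo` class and the `clinic_a`/`clinic_b` tenants are hypothetical.

```python
import sqlite3

# Constructed sample data: two tenants (clinics) sharing one patient table.
SAMPLE_ROWS = [
    ("clinic_a", "Patient A1"),
    ("clinic_a", "Patient A2"),
    ("clinic_b", "Patient B1"),
]


def make_shared_db():
    """Approach 1: one shared schema; every row carries a tenant identifier."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE patient ("
        " id INTEGER PRIMARY KEY,"
        " tenant_id TEXT NOT NULL,"
        " name TEXT NOT NULL)"
    )
    db.executemany(
        "INSERT INTO patient (tenant_id, name) VALUES (?, ?)", SAMPLE_ROWS
    )
    return db


class TenantScopedRepo:
    """Hypothetical data-access layer bound to exactly one tenant."""

    def __init__(self, db, tenant_id):
        if not tenant_id:
            raise ValueError("a tenant identifier is required")
        self._db = db
        self._tenant_id = tenant_id

    def list_patients(self):
        rows = self._db.execute(
            "SELECT id, name FROM patient WHERE tenant_id = ? ORDER BY id",
            (self._tenant_id,),
        )
        return rows.fetchall()

    def get_patient(self, patient_id):
        # Filter on id AND tenant: an id belonging to another tenant
        # yields None instead of that tenant's row.
        return self._db.execute(
            "SELECT id, name FROM patient WHERE id = ? AND tenant_id = ?",
            (patient_id, self._tenant_id),
        ).fetchone()

    def add_patient(self, name):
        # The tenant identifier comes from the repo, never from the caller.
        cur = self._db.execute(
            "INSERT INTO patient (tenant_id, name) VALUES (?, ?)",
            (self._tenant_id, name),
        )
        return cur.lastrowid


if __name__ == "__main__":
    db = make_shared_db()
    clinic_a = TenantScopedRepo(db, "clinic_a")
    print(clinic_a.list_patients())
    print(clinic_a.get_patient(3))
```

With the second and third levels the same boundary is enforced by schema grants or by separate databases rather than by a filter in application code.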
In the digital age, more and more personally identifiable information (PII) and personal health
information (PHI) of millions of users is stored away from the users themselves. A number of
regulations and acts have been introduced. These include the European Union General Data Protection
Regulation (GDPR), the United States Health Insurance Portability and Accountability Act (HIPAA)
and the Malaysian Personal Data Protection Act (PDPA).
Pseudonymization is a process that allows the user to replace original data, for example a data
subject's e-mail address or a patient's National Registration Identity Card (NRIC) number, with an alias
or pseudonym. This pseudonym is often a numeric or alphanumeric identifier, which is usually generated
randomly. Pseudonymization is used in data security to conceal the identity of a person. Sensitive data
can then be stored with the pseudonym and the list of pseudonyms and related personal information is
stored separately. This makes it harder for an attacker to steal the data. Pseudonymization is a reversible
process that de-identifies data but allows the reidentification later on if necessary. This is a well-known
data management technique that is highly recommended by the GDPR as one of the data protection
methods.
On the other hand, anonymization is the irreversible removal of information that could lead to an
individual being identified, either on the basis of the removed information or in combination with other
information. This definition emphasizes that anonymized data must be stripped of any identifiable
information, making it impossible to derive insights on a discrete individual, even by the party that is
responsible for the anonymization. Anonymization is the permanent replacement of sensitive data with
unrelated characters, using scrambling, generalization or masking techniques. Once anonymized, data
cannot be re-identified.
Pseudonymization makes it easier for data processors to process personal information without the fear
of exposing sensitive data to personnel and employees who should not have access to it. For example,
in a Health Information System (HIS) or Clinical Information System (CIS), which is considered
primary database usage, the users of the system, e.g. health care providers (HCP) such as nurses,
doctors, dentists and specialists, shall be able to identify the patient to prevent a wrong diagnosis, which
could have a serious and critical impact on the patient. For secondary database usage such as data
warehouses, statistics or research, anonymization techniques should be used to protect sensitive PHI
and achieve data privacy.
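The difference between the two techniques, as an added example that is not code from Mi-HealthCare: a pseudonymized record keeps a random alias that a separately stored lookup list can reverse, while an anonymized record keeps no link back at all. The `PseudonymVault` class, the field names and the sample patient (including the NRIC-style value) are constructed for illustration.

```python
import secrets

# Constructed sample record; the NRIC-style value is made up.
SAMPLE_PATIENT = {
    "nric": "900101-14-5678",
    "name": "Example Patient",
    "email": "patient@example.com",
    "age": 34,
    "postcode": "50480",
    "diagnosis": "asthma",
}
DIRECT_IDENTIFIERS = ("nric", "name", "email")


class PseudonymVault:
    """Hypothetical lookup list, stored separately from the clinical data."""

    def __init__(self):
        self._alias_by_nric = {}
        self._identity_by_alias = {}

    def pseudonymize(self, record):
        nric = record["nric"]
        if nric not in self._alias_by_nric:
            alias = "P-" + secrets.token_hex(8)  # random, not derived from NRIC
            while alias in self._identity_by_alias:
                alias = "P-" + secrets.token_hex(8)
            self._alias_by_nric[nric] = alias
            self._identity_by_alias[alias] = {
                k: record[k] for k in DIRECT_IDENTIFIERS
            }
        return self._alias_by_nric[nric]

    def reidentify(self, alias):
        # Reversible by design, but only for callers that can reach the vault.
        return dict(self._identity_by_alias[alias])


def pseudonymize_record(record, vault):
    """Primary use (HIS/CIS): swap identifiers for an alias, keep the rest."""
    out = {k: v for k, v in record.items() if k not in DIRECT_IDENTIFIERS}
    out["patient_ref"] = vault.pseudonymize(record)
    return out


def anonymize_record(record):
    """Secondary use (warehouse, research): no alias, no way back."""
    decade = (record["age"] // 10) * 10
    return {
        "age_band": f"{decade}-{decade + 9}",        # generalization
        "postcode": record["postcode"][:2] + "***",  # masking
        "diagnosis": record["diagnosis"],
    }
```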
Virtualization vs Containerization
When using cloud computing, there are two options to improve scalability, reduce overhead costs, and
standardize software deployments across multiple machines and platforms: virtualization and
containerization. The goal of both options is to host the maximum number of applications per
physical server. Furthermore, a satisfactory level of performance, security and scalability of the system
must be considered when using either option. In this section the authors elaborate on which option is
used for this project and why.
Virtualization is a technology that enables a single personal computer (PC), workstation or server
to simultaneously run multiple operating systems or multiple sessions in a single operating system (OS).
In other words, this technology allows multiple OSs and workloads to run on the same physical
hardware, including the computer hardware platform, storage devices and computer network resources.
There are three types of virtualization: full virtualization, paravirtualization and hardware-assisted
virtualization.
In full virtualization, one or more OSs and the applications they contain are run on top of virtual
hardware. Each instance of an OS and its applications runs in a separate VM called a guest operating
system. The guest OSs on a host are managed by the hypervisor, which controls the flow of instructions
between the guest OSs and the physical hardware, such as the central processing unit (CPU), disk
storage, memory, and network interface cards. The hypervisor can partition the system’s resources and isolate the guest OSs
so that each has access to only its own resources, as well as possible access to shared resources such as
files on the host OS. Also, each guest OS can be completely encapsulated, making it portable. Some
hypervisors run on top of another OS, which is known as the host operating system (Scarfone et al.,
n.d.).
Paravirtualization refers to communication between the guest OS and the hypervisor to improve
performance and efficiency. This involves modifying the OS kernel to replace non-virtualizable
instructions with hypercalls that communicate directly with the virtualization layer hypervisor. The
hypervisor also provides hypercall interfaces for other critical kernel operations such as memory
management, interrupt handling and time keeping. Paravirtualization is different from full
virtualization, where the unmodified OS does not know it is virtualized and sensitive OS calls are
trapped using binary translation. The value proposition of paravirtualization is in lower virtualization
overhead, but the performance advantage of paravirtualization over full virtualization can vary greatly
depending on the workload (VMware, n.d.).
Hardware-assisted virtualization is also called native virtualization, accelerated virtualization, or
hardware VM, depending on the vendor. Hardware-assisted virtualization is a virtualization approach
that enables efficient full virtualization using help from hardware capabilities,
primarily from the host processors. This type can reduce the maintenance overhead of paravirtualization
as it reduces (ideally, eliminates) the changes needed in the guest operating system. It is also
considerably easier to obtain better performance. The disadvantage of this type is that it requires explicit
support in the host CPU, which is not available on all x86/x86_64 processors. CPUs that support this
technology are identified by features such as Intel Virtualization Technology (VT-x) and AMD-V.
According to the Docker website, a container is a standard unit of software that packages up code and all its
dependencies so the application runs quickly and reliably from one computing environment to another.
Containerization is the process of engineering a software architecture using multiple containers.
Containers are becoming more common because they provide many of the isolation benefits of VMs
without as much overhead. Although containers are typically hosted on some version of Linux, they are
beginning to also be hosted on other OSs such as Windows. Containers are being heavily used in Cloud-
hosted applications. Containers are increasingly being used to support the continuous development and
integration (CD/CI) of containerized microservices.
The above covers the fundamentals of virtualization and containerization. After researching both
options, the authors also found a paper (Vestman, n.d.) that compares containers and virtual machines.
That paper concludes that the virtual machine is the better choice for applications where privacy is a
higher priority, due to the complete isolation and abstraction from the rest of the physical location. The
authors agree with that statement, but our solution has some characteristics that make containers more
suitable for it, as listed in Table 1.
Characteristic                                     | Virtualization    | Containerization
Number of applications per server                  | Lower             | Higher
Number of copies of single application             | One               | Many
Performance (throughput, not response time)        | Lower             | Higher
Readily share resources (devices, services)        | No                | Yes
Robustness via failover and restart                | Not supported     | Supported
Scalability & load balancing (dynamic deployment)  | Slower and harder | Faster and easier
Table 1: Mi-HealthCare Characteristics
https://www.armor.com/resources/containerization-the-need-to-know/
Figure 3: Virtualization vs Containerization
Container Orchestration
Container orchestration is all about managing the lifecycles of containers, especially in large, dynamic
environments. It also simplifies the tasks of building, deploying, and maintaining containers across
servers. Below is the list of tasks for which software teams mostly use container orchestration:
1. Provisioning and deployment of containers.
2. Redundancy and availability of containers.
3. Scaling up or removing containers to spread application load evenly across host infrastructure.
4. Movement of containers from one host to another if there is a shortage of resources in a host,
or if a host dies.
5. Allocation of resources between containers.
6. External exposure of services running in a container to the outside world.
7. Load balancing of service discovery between containers.
8. Health monitoring of containers and hosts.
9. Configuration of an application in relation to the containers running it.
There are many tools for container orchestration, such as Kubernetes, Docker Swarm, Mesos Marathon
and many more. With a clear understanding of the key features each provides for the use case, it is
easier to opt for the best one. For our project, after studying the paper (Platform9, 2018), the authors
decided to use Docker Swarm as our orchestrator. The reason we chose Docker Swarm is that we are
using Docker for our containerization. To avoid conflict during integration, we decided to use the same
vendor for orchestration. Furthermore, Docker Swarm lets a multi-container setup be configured using
YAML files only. Using this vendor, we can also embed health check functionality into the Docker
images using the HEALTHCHECK instruction. Figure 4 is a diagram that shows the concept of
container orchestration.
https://devopedia.org/container-orchestration
Figure 4: Concept of Container Orchestration
Conclusion & Future Scope
Mi-HealthCare is a clinical web-based application that uses a fully cloud-based system and a multitenant
architecture to bring current technology to the healthcare domain. Beyond that, Mi-HealthCare has
automated deployment and auto-scaling for applications depending on the number of users, the number
of 3rd-party integrations and how many patients visit per day. Mi-HealthCare also has cloud-based
clinic queue management that is able to connect across branches or states using the internet. It is
developed entirely with open-source technologies, using Java for the backend, Angular for the frontend
and PostgreSQL Server as the database. By using this system, the organization can reduce the cost of
maintaining hardware within branches or states. Other than that, the organization can feel more secure
that, for all data uploaded to the cloud, only authorized persons can access and manage it.
This system is currently in the development phase, with the required features across the various
modules. Future enhancements that can be carried out include adding dental functionalities to the
system and data exchange between public clinics and private clinics on patient history. Mobile support
for patient-related modules will also be an added advantage to support integration with medical devices
through the Internet of Things (IoT).
Pseudonymization and anonymization are two of the pioneering and core techniques at the forefront of
health data privacy protection. They are relevant and valid for both GDPR and HIPAA.
Although the PDPA states that a data subject has the right to anonymize their personal data, unlike the
GDPR, it does not specifically define anonymized or pseudonymized data. This paper also suggests that
the Malaysian government improve the coverage of the PDPA by introducing pseudonymization and
anonymization.
References
1. Awis, M., Johari, J., Shahariman, M. A., Izyan, N., Faizulnizam, N., & Kiam, L. C. (2019). HYBRID
DENTAL CHARTING SYSTEM (HyDeCS). E-Proceeding Of The 8th International Conference On
Social Science Research 2019, 2019(November), 1–9.
2. Platform9. (2018). Container Management: Kubernetes vs Docker Swarm, Mesos + Marathon,
Amazon ECS. https://platform9.com/wp-content/uploads/2018/08/kubernetes-comparison-ebook.pdf
3. Scarfone, K., Hoffman, P., & Hoffman, P. (n.d.). Guide to Security for Full Virtualization
Technologies: Recommendations of the National Institute of Standards and Technology.
4. Trilochan, & Verma, A. (2017). Cloud Computing: Evolution and Challenges. International Journal
of Engineering Science and Computing, 7(4), 10197–10200. http://ijesc.org/
5. Vestman, S. (n.d.). Cloud application platform - Virtualization vs Containerization: A comparison
between application containers and virtual machines.
http://www.diva-portal.org/smash/get/diva2:1112069/FULLTEXT01.pdf
6. VMware. (n.d.). Understanding Full Virtualization, Paravirtualization, and Hardware Assist. 1–11.
https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/techpaper/VMware_paravirtualization.pdf