Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


PHP/MySQL for Enterprise Healthcare Software?

Posted on 2013-06-28
Medium Priority
Last Modified: 2013-10-11
I'm in the process of planning a new Software application for the Healthcare Insurance company industry.

I'm leaning towards PHP/MySQL since there are a lot of php/ajax software scripts that I can easily integrate with.

I know that when dealing with Health Insurance companies, secure patient info is extremely important to them.  Many of their apps are Java and either Oracle or MS SQL.

I'm comfortable with the decision to use PHP/MySQL, but I know that I'll likely have a hard sell, especially in this industry.

I was reading a few older posts about thoughts on php/MySQL as an enterprise software application.


These are a few years old so I'm really curious to what everyone thinks.


Question by:dsg138
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +3
LVL 84

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 400 total points
ID: 39286211
Here's a fairly good discussion.  stackoverflow.com/questions/130869/can-php-handle-enterprise-level-sites-as-well-as-java  It even notes that PHP can have precision problems with artithmetic.

Securing patient info is the law and is almost more important than anything else.  http://www.hhs.gov/ocr/privacy/hipaa/administrative/securityrule/securityruleguidance.html
LVL 49

Assisted Solution

PortletPaul earned 400 total points
ID: 39286227
>>since there are a lot of php/ajax software scripts
mmmm, please read this
many of those things you want to leverage may be out-of-date

>>when dealing with Health ... secure patient info is extremely important to them
literally paranoid would be a closer description (for good reason!)
consider this in the context of "selling your solution" (see next)

>>Many of their apps are Java and either Oracle or MS SQL
your market has declared its preference
introducing a new platform has substantial costs to an enterprise
(not just he 'purchase price' but the skills to maintain, the cost to support and so on)
In my experience, enterprises are seeking to reduce vendors to an absolute minimum - this always favours the 'big and established players'

if you are offering against these, the 'objection will be strong'
if the 'objection is strong' you will have a harder time selling
(and your cost of sale will be higher too)

>>MySQL itself
mmm, hard one, who knows where this will head, but there are already branches and of course extensions - but to an Enterprise this is confusing, confusion makes them nervous - if they are nervous they see risk - if it's an Insurance company they are experts at risk.

Look for:
MariaDB (branch)
Percona (Percona Server, support services)

(you may want to visit Percona btw, there's a calculator there that compares their support services to those of Oracle - this gives you some (small) insight into the enterprise's cost of a different platform)

And, I know I will get flamed for this, but there is still an impression out there that PHP isn't for serious applications (i.e. seen as 'low end'). Add that to some some possible confusion over MySQL.

I am the voice of dissent I guess, but I think I would be looking at J2EE + Oracle/Mssql
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39286244
I forgot to mention that PHP is really intended for use from a web server.  It would be a real stretch to get it running as a desktop app.
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

LVL 80

Expert Comment

ID: 39286247
The front end you are designing can be independent of the backend storage.
There are ways to integrate PHP with MS SQL, Oracle, Mysql, And IBM DBMS.

The main issue that was pointed out earlier deals with HIPAA.
Access to data, logs/record keeping of which user accessed what record, changes.
For an insurance company there are record/claim/etc. which access security/privileges.  
handling claim/eligibility, etc.

If you are creating an actuarial/statistical/expense type of an application that tries using existing data to project future rates/age group.
LVL 111

Assisted Solution

by:Ray Paseur
Ray Paseur earned 400 total points
ID: 39286589
Since this is just a blue-sky discussion and doesn't really require a technical answer, I'll throw out a couple of ideas.  All of Digg, parts of Yahoo and Google, nearly 100% of Facebook are PHP machines.  PHP + MySQL powers literally millions of web sites (all of the WordPress blogs).  If your application is built on a RESTful design, nobody will much care what the underlying technology is made of.  At least, not at first, and by the time they start to care, you will be able to hire an auditing firm to write security audits for them.
LVL 53

Assisted Solution

COBOLdinosaur earned 400 total points
ID: 39286751
Before you start down the road on this I suggest that you first understand the primary protocols for information interchange in healthcare which includes issues around HIPPA.

The widly used and supported standards in Healthcare are dictated by HL7.  See:
For a general description.

Having worked on a number of projects where messaging required HL7 protocols I can assure you it is not an easy implementation even in languages with object packages to support HL7. I have dealt with it in COBOL, c, C++, and JAVA, but I have never seen a PHP implementation and I doubt there is a valid framework for HL7 in PHP.

There is a PEAR alpha version of an API for HL7 messaging but it has not been maintained for 4 years (I don't know if the work stop because there was no demand for the product, or if the task was not doable in PHP).

PHP should be up to the task of parsing H7 messages, but beyond that I am not sure you can meet security requirements.

LVL 80

Expert Comment

ID: 39287005
The interchange is more of a back end operation.  From my reading of the question, the asker is envisioning a front end.  While the data exchange is more of an inter facility consideration.

It should be built from the inside out. database, internal user access/interaction external client/acccess/interaction both require auditing/as well as some proactive access violations.

Author Comment

ID: 39290416
Hi all, thanks for the great feedback.  
You are really helping me to make a good decision.

After reading over HIPPA and PHI, I'm making certain I don't store any of those fields in my DB.  

I'm very happy to hear that large companies like Facebook, Digg, Yahoo and Google are run with PHP.
LVL 80

Accepted Solution

arnold earned 400 total points
ID: 39292026
The issue is not wether you store them in your DB which is required for an insurance firm, the issue is given you have to store it, what are the steps you are taking to mitigate/avoid exposing the data I.e. store the data using DB encryption in columns. Encrypt the data using encryption within php?
The other issue deals with if you use DB level encryption, is the communication channel between the web server and the database server is encrypted thus preventing data observation using snooping.

PHP is a versatile and free/open source in displaying/providing access to information as well as available to run on any platform.

The flexibility it provides deals with access to various databases.
IMHO, database design, architecture, structure is the more important part.
The access to data and the presentation is handled within the PHP code.
Starting from the presentation side, I.e. PHP means that you would try to design/architect a database to much your presentation which may make the DB structure complex and possibly duplicative in some data it stores.

The database starting point has a tendency to make requirements for repetitive/sequential queries.

This is where you need to balance the design/functionality.

Author Closing Comment

ID: 39294908
Thanks everyone.  This was a great discussion.  I greatly appreciate everyone's feedback and giving me the info to make an intelligent decision.

Featured Post

 [eBook] Windows Nano Server

Download this FREE eBook and learn all you need to get started with Windows Nano Server, including deployment options, remote management
and troubleshooting tips and tricks

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
In this article, I’ll talk about multi-threaded slave statistics printed in MySQL error log file.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to dynamically set the form action using jQuery.
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question