openevidence-deploy-integration

OpenEvidence Deploy Integration

Overview

Deploy a containerized OpenEvidence clinical evidence integration service with Docker. This skill covers building a HIPAA-conscious production image that connects to the OpenEvidence API for querying clinical evidence, retrieving medical literature summaries, and validating treatment recommendations. Includes environment configuration with audit logging and data-at-rest encryption flags, health checks that verify API connectivity without exposing PHI, and rolling update strategies that maintain service availability during critical clinical query periods.

Docker Configuration

FROM node:20-slim AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY tsconfig.json ./
COPY src/ ./src/
RUN npm run build

FROM node:20-slim
RUN addgroup --system app && adduser --system --ingroup app app
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
COPY package*.json ./
RUN mkdir -p /app/audit-logs && chown app:app /app/audit-logs
USER app
EXPOSE 3000
HEALTHCHECK --interval=30s --timeout=5s --retries=3 \
  CMD curl -f http://localhost:3000/health || exit 1
CMD ["node", "dist/index.js"]

Environment Variables

export OPENEVIDENCE_API_KEY="oe_live_xxxxxxxxxxxx"
export OPENEVIDENCE_BASE_URL="https://api.openevidence.com/v1"
export OPENEVIDENCE_ORG_ID="org_xxxxxxxxxxxx"
export HIPAA_AUDIT_LOG="true"
export HIPAA_ENCRYPT_AT_REST="true"
export LOG_LEVEL="info"
export PORT="3000"
export NODE_ENV="production"

Health Check Endpoint

import express from 'express';

const app = express();

app.get('/health', async (req, res) => {
  try {
    const response = await fetch(`${process.env.OPENEVIDENCE_BASE_URL}/status`, {
      headers: { 'Authorization': `Bearer ${process.env.OPENEVIDENCE_API_KEY}` },
    });
    if (!response.ok) throw new Error(`OpenEvidence API returned ${response.status}`);
    // Health response must not contain PHI or query content
    res.json({ status: 'healthy', service: 'openevidence-integration', audit: process.env.HIPAA_AUDIT_LOG === 'true', timestamp: new Date().toISOString() });
  } catch (error) {
    res.status(503).json({ status: 'unhealthy', error: (error as Error).message });
  }
});

Deployment Steps

Step 1: Build

docker build -t openevidence-integration:latest .

Step 2: Run

docker run -d --name openevidence-integration \
  -p 3000:3000 \
  -v /var/log/openevidence:/app/audit-logs \
  -e OPENEVIDENCE_API_KEY -e OPENEVIDENCE_BASE_URL -e OPENEVIDENCE_ORG_ID \
  -e HIPAA_AUDIT_LOG=true -e HIPAA_ENCRYPT_AT_REST=true \
  openevidence-integration:latest

Step 3: Verify

curl -s http://localhost:3000/health | jq .

Step 4: Rolling Update

docker build -t openevidence-integration:v2 . && \
docker stop openevidence-integration && \
docker rm openevidence-integration && \
docker run -d --name openevidence-integration -p 3000:3000 \
  -v /var/log/openevidence:/app/audit-logs \
  -e OPENEVIDENCE_API_KEY -e OPENEVIDENCE_BASE_URL -e OPENEVIDENCE_ORG_ID \
  -e HIPAA_AUDIT_LOG=true -e HIPAA_ENCRYPT_AT_REST=true \
  openevidence-integration:v2

Error Handling

Issue	Cause	Fix
401 Unauthorized	Invalid or expired API key	Regenerate key in OpenEvidence admin portal
403 Forbidden	Organization access denied	Verify OPENEVIDENCE_ORG_ID matches API key scope
404 Not Found	Evidence query endpoint unavailable	Check API version and endpoint path
429 Rate Limited	Exceeding clinical query rate limits	Implement backoff; cache evidence responses
Audit log not writing	Volume mount missing or permissions	Verify /var/log/openevidence exists and is writable

Resources

• OpenEvidence Platform

Next Steps

See openevidence-webhooks-events.