Community Source Software: If You Build It, They Will Join
The Utah Department of Health has enlisted the Collaborative Software Initiative to develop a system for meeting CDC requirements for infectious disease tracking and reporting. The system is being built using the community sourcing model, a model that mixes both open source and commercial interest elements.
Jun 18, 2008 4:00 AM PT
A partnership with the Collaborative Software Initiative (CSI) and the Utah Department of Health is cementing an emerging community sourcing software model that could thrust open source development deeper into vertical markets.
CSI and the state of Utah on May 19 announced the availability of a software system that resulted from a first-of-its-kind agreement to build a Web-based, open source infectious disease management system. The system will help Utah meet the CDC (Centers for Disease Control and Prevention) requirements for infectious disease tracking and reporting.
Perhaps the most interesting part of the partnership is the potential for expanding the adoption of an emerging software model that could be used to address some of the nation's biggest IT issues. These IT issues can affect everyday people through their experiences with government, health providers and their banks, to provide just a few examples.
"Two years ago, some Wall Street firms approached me about setting up a Linux OS-style community to develop a similar targeted software project for a vertical market," Stuart Cohen, founder and CEO of CSI, told LinuxInsider. "One of our strategic partners met with the governor of Utah about budget constraints and what to do about the health department's needs."
The result, he said, was a decision for CSI to create a software solution with the right kind of commercial support. Cohen is the former CEO of Open Source Development Labs, now known as "The Linux Foundation."
CSI brings like-minded organizations together to work on collaborative software at a fraction of the cost of commercial development. It's focused on CDC-issued compliance mandates for the reporting and notification of infectious disease incidents.
"These compliance issues didn't work well on a regional and county or local basis. That led to our involvement," said Cohen.
At that point, Cohen's company was about a quarter of the way through a planned two-year collaborative software project. The request from Utah was a good time for him to start publicity on it, he said.
"We have a pretty good pipeline of opportunities to collect data for a lower cost," he said.
What It Does
The system CSI designed under its partnership with Utah's health department meets the requirements for the CDC's National Electronic Disease Surveillance System (NEDSS). NEDSS is an infrastructure cornerstone for the nation's Public Health Information Network (PHIN).
The disease reporting and management system, which is being piloted in Utah, will be adaptable in all 50 states and available under an open source license later this year. It is designed to support local health departments in the early detection and investigation of individual cases and local clusters of communicable diseases. It simultaneously meets the state and federal needs of outbreak control, disease surveillance and epidemiological research.
"This is not proprietary software. We are a for-profit company. We will offer the operating system with paid support like a Red Hat Linux model," said Cohen.
The product will be available as a Software as a Service (SaaS) application and in a stand-alone form, he said.
Why This Approach?
Utah officials wanted a less expensive software product to meet compliance issues. The solution was to work with a company to build a software product that works for them locally at a fraction of the cost, said Cohen.
"There are some companies that offer expensive proprietary software, but these do not meet all of the requirements of the CDC or the state," he said.
Many existing NEDSS solutions are either too expensive or outdated or don't meet the states' needs. CSI's open source infectious disease reporting and management system, developed with the collaborative software development model, is significantly less expensive and meets all local, state and federal requirements, according to the December 2007 report from Trust for America's Health.
Research firm Gartner recently pointed to CSI as the first provider of what it calls "community sourcing." The term, as Gartner coined it, refers to a software development and deployment model that aims to coordinate the work of different user IT organizations sharing the same purpose and a set of common requirements.
"Participating organizations leverage internal application and development resources, with the expectations that others will do the same, to contribute to an outcome rather than take responsibility for it," Brian Prentice told LinuxInsider. Prentice is research vice president for emerging trends and technologies at Gartner's Sydney, Australia, office.
Community sourcing is about user-centric -- not vendor-centric -- outcomes, he explained. The focus is not on building commercial IT offerings (proprietary products, open source distributions or commercial open source offerings) but rather creating operational systems that support the business objectives of its participants or embedded components of non-IT products.
Different From Crowdsourcing
This approach differs considerably from the crowdsourcing model. Crowdsourcing is the process of catalyzing and leveraging communities to supplement specific business processes or redesign a business model, according to Prentice.
"It is an example of Web 2.0. Examples include the U.S. Patent and Trademark Office's peer-to-patent review process and Lego Mindstorms (business process augmentation) and Prosper/Zopa in financial services and Philica in academic review/publishing (business model redesign)," he explained.
Community sourcing, on the other hand, is about organizations sharing bespoken development work. This can either be through explicit upfront agreements, open source licensing models, or a combination of both. The Web doesn't have the same critical dimension to community sourcing as it does with crowdsourcing, said Prentice.
"The major issues are the cost of custom/bespoke development efforts and vendor dependency and lock-in. When an organization is faced with a software requirement that is both necessary and essentially non-differentiating, they have traditionally sought either a custom development effort or to buy it from a vendor," said Prentice.
The focus in a community source model is for an organization to build something for itself but share the development work. That means that the costs of a custom development effort are reduced, he said. Furthermore, since there is no vendor involved, there is no chance of lock-in.
"This gets really interesting where open source licensing is used. That not only eliminates any chance of one party taking advantage over another through restrictive EULA terms and conditions, but then opens up the development effort to a broader community than was originally involved," he said.
Perhaps the best example of community sourcing's applications to big IT issues is found in the Sakai Project, Prentice suggested. This is a learning management system originally developed by four universities in the U.S. and put under an open source agreement.
It is now being used by more than 100 universities around the world. Other examples include Programverket in Sweden or CommunesPlone in Belgium, according to Prentice.
"Additionally, CSI has done another community source engagement with a number of financial services organizations in the U.S.," he said.
Utah officials chose the collaborative software development model because it's based on a unique combination of industry standards, open source business practices and lean software development techniques. The process brings together multiple stakeholders with a common need.
"We are excited by the promise that this collaborative approach offers to our state," said Robert Rolfs, an epidemiologist for the Utah's Department of Health. "This system meets our needs by making it easy for our doctors and nurses across a variety of counties to better protect people's health by detecting and preventing disease."
The project is a perfect example of how collaboration in software can have an impact on society, noted Cohen. In this case, it helps prevent the spread of disease and improve quality of care for patients by developing a system that works for everyone. CSI plans to discuss deploying the software project in other states, he said.
"Disease surveillance is a critical component of public health -- it serves to protect all of the citizens of our state on a daily basis. Through this unique partnership and approach to developing a solid detection management system, we believe we're serving our citizens' very best interests," said Jon Huntsman, Utah's Governor. "We're looking forward to partnering with our neighboring states to enable the same level of public health service across state lines."
The collaborative project has more than 100 contributors with a core team of 15 members. Participants include doctors, nurses, epidemiologists (subject matter experts) and IT managers from across the state. CSI program managers and other developers were also involved.
The software is built with an open source software stack that includes Novell Suse Linux Enterprise Server, PostgreSQL, Apache HTTP Server, Apache Tomcat, Java and JRuby. The system and database reside and are maintained on servers managed by the Utah Department of Technology Services on its secure network, accessible by users in health departments across the state.
"This project draws from the culture of collaboration that Linux and Firefox share to benefit each other," Mike Herrick, program manager and project leader at CSI, told LinuxInsider.
It's a fairly large program, so releases will be made incrementally every few months to add more components. The software runs on Unix, Linux and Windows platforms. Development for Utah is based on Linux.
The combination of lean and open source allows the developers to provide high quality software releases early and often and to involve all the major stakeholders in the process, he said.