Oracle Health EHR (formerly Cerner Millenium) integration is implemented using an Agent-based connection type. This means that a direct connection is not available, so an indirect connection is made between Oracle Health EHR (formerly Cerner Millenium) and the required Cerner Millennium instance using the Access Governance Agent.

The Oracle Health EHR (formerly Cerner Millenium) application communicates with the Cerner API using the HTTP protocol. The Cerner API provides programmatic access to Cerner through the endpoint. Oracle Health EHR (formerly Cerner Millenium) applications uses the endpoints to perform create, read, and update, operations on directory data and directory objects, such as users, personnel groups, Organization, Organization Groups and Personal alias.

Configure Oracle Health EHR (formerly Cerner Millenium) Orchestrated System

Load Data

After setting up and verifying your Orchestrated System, you can ingest identity and account details from Oracle Health EHR (formerly Cerner Millenium), using the configuration mode - Managed System.

User data loaded in Managed System mode comprises of account data and roles of Oracle Health EHR (formerly Cerner Millenium). If the account is new, then a new account is created in Oracle Access Governance together with the associated roles, These roles will be created in Oracle Access Governance as permissions. Accounts and permissions loaded from Oracle Health EHR (formerly Cerner Millenium) can be managed by Oracle Access Governance. You can update the permissions associated with a managed system account. If the account only has one permission assigned then remediation of this permission will also result in the revoking of the account. If the user details such as identities exists in , then the updates initiated using system is applied.

Create Account

As an Oracle Access Governance user you can request access to resources and roles provided in Request Access .

Assign Permissions

You can assign permissions to a Oracle Health EHR (formerly Cerner Millenium) account using the Request a new access functionality of Oracle Access Governance. This allows you to request an access bundle containing permissions which equate to roles on the Oracle Health EHR (formerly Cerner Millenium) system. When you request an access bundle, either directly or through an Oracle Access Governance role or policy, a provisioning operation is initiated which updates the roles in your Oracle Health EHR (formerly Cerner Millenium) instance with the permissions included in the referenced access bundle.

For further details about permission assignment, refer to Request Access. To learn more about roles and policies, refer to Manage Roles, and Manage Policies.

Remove Permissions

You can remove permissions from an account by revoking the permissions from the role, policy or access bundle to which it is assigned. In this case, the permission assignment is revoked from all users to whom the role, policy or access bundle is applied. Another way to remove a permission would be by revoking role, policy or access bundle assignment from a specific account. This would be done using the revoke operation in access reviews.

For further details about permission assignment, refer to Delete a Role, Delete a Policy, or Manage Access Bundles -> Delete an Access Bundle.

Change Password

The ability to change an account password is provided by the My Access functionality in Oracle Access Governance Console. If you change the account password in this page, the details will be sent to the Oracle Health EHR (formerly Cerner Millenium) instance in the next provisioning operation.

For more details, refer to Change Account Password.