Introduction
This section provides an in-depth background of:
- The technical architecture of OpenCRVS.
- The installation process required to set up a development environment.
- The technical configuration process required to set up OpenCRVS for your country.
- Information on how to make OpenCRVS interoperate with external systems such as National ID, Health etc.
- The process and methodologies required to deploy OpenCRVS in production.
#
ArchitectureThe technical architecture of OpenCRVS was designed to conform to the OpenHIE architectural standard and FHIR.

The Open Health Information Exchange (OpenHIE) initiative is a global, mission-driven community of practice. Dedicated to improving the health of the underserved through open and collaborative development & interoperable data standards.
The OpenHIE framework supports interoperability by creating a reusable architectural framework that introduces a service oriented approach, maximally leveraging health information standards, enabling flexible implementation by country partners, and supporting interchangeability of individual components.
OpenCRVS architecture follows the OpenHIE framework by:
- Utilising the OpenHIE reference interoperability middleware: OpenHIM.
- Being constructed using modular, interchangeable, event-driven microservices for business functions and by utilising FHIR in a NoSQL MongoDB datastore: Hearth.
- Providing scalablility via a one Docker container per microservice model and Docker Swarm.
- Being fully configurable using simple text files.
OpenCRVS builds on these sound principles by additionally providing:
- A market-leading, powerful search and de-duplication engine powered by ElasticSearch.
- Real time performance analytics powered by the time-series database: Influx.
- Increased performance via vastly reduced HTTP requests between client and server through the use of GraphQL
- A Travis continuous integration and delivery suite containing 80%+ coverage of Jest unit tests, Cypress end-to-end tests and integration tests.
- A full-stack designed for the lowest possible TCO, "total cost of ownership" - built in TypeScript / JavaScript (NodeJS - HapiJS & React) - using Progressive Web Application technology for offline and low-connectivity access via mobile.
- External server and application health monitoring with Netdata, Papertrail, Pingdom, LogRocket and Sentry configurations.
- Automatic LetsEncrypt SSL configuration and microservice cloud router using Traefik
- Peace of mind, with the understanding that both the OpenCRVS application and OpenCRVS infrastructure has been security tested by an independent 3rd party to UK government standards.
#
Interoperability via OpenHIM and FHIRYou can read more about the functional interoperability requirements and the technical interoperability process here.
#
ScalabilityOpenCRVS is vertically scalable from the smallest to the largest nation. Our pilot is live in Bangladesh a country with a huge population. It can be deployed on public or private cloud servers across multiple nodes, or installed in a small data centre on a single node and easily managed and maintained by a very small team.
Read more about the deployment process.
#
ConfigurationIt is easy to configure and localise using a number of config text files in a resources package. A companion example configuration; the OpenCRVS resources package for Zambia, can be found on GitHub.
You can read more about the functional configuration requirements and the technical configuration process here.
#
Security & BackupOur mobile application and microservices are secure, protected by 2-Factor Authentication utilising OAuth JWT best practices. You can read about this process here
User types and access controls are managed in order to segregate personally identifiable data to only to the users who need it. These configurations can be managed in the admin system, thus protecting citizen rights.
All OpenCRVS data is encrypted in transit and at rest. OpenCRVS includes daily, automated, external back up as a configurable option in our Ansible script. Our system has been security tested to UK government standards by an independent, CREST and CyberEssentials certified organisation.