Configurations

Purpose

The System Configuration module lets Clinical Managers review and adjust how the local IIS behaves. It controls synchronization, facility assignment, security, and network performance — especially important in Fiji, Solomon Islands, and Kiribati, where internet can be slow or intermittent.

⚠️ Changing settings without understanding them can stop data synchronization or prevent login.

Navigation

From the sidebar, select System → Configuration. Each section expands or collapses using the arrow ▶ on the right side.

Panel
Key Defaults for Fiji / Solomon Islands / Kiribati
Why

Role

unicef.ims.sln, Automatically update applets = On

Receives new forms & schedules.

Integration

Synchronize

Enables two-way sync with national IIS.

Subscription

Poll = 15–30 min, Selectively Replicate = Places, Your Facility selected

Balanced traffic & correct scope.

Database

Do not change

Preconfigured; changing can lose data.

Logging

Log Detail = Informational, MauiPublicRolloverTraceWriter = Informational/Verbose

Enough detail without filling storage.

Security

Allow offline login = On, AR Store = 1 month, Assigned Facility = your clinic

Works during outages; saves space.

Services

Leave enabled by default

Keeps sync, backups, alerts working.

Network

GZIP (most sites), LZMA (very slow links), No client certificate, No proxy unless MoH says so

Reliable uploads on island bandwidth.

Other Settings

Keep national defaults, input.address = select

Clean, standardized data entry.

Configuration Panels

Each section affects how your clinic’s device operates. Below is a detailed explanation of what each setting does, when to change it, and what to avoid.

Before you change anything Take a screenshot of the current setting. Note the exact path (e.g., System → Configuration → Network). Make one change at a time, then Save ✅. Verify under System → Status → Synchronization that no new errors appear. If anything breaks, revert to the screenshot values and contact support.

🛡️ SanteGuard

Purpose

SanteGuard manages system security logging — for example, when users log in or make changes.

If you see this message:

“There was no configuration or service to send/receive SYSLOG messages,” that is normal for clinic tablets. It means the device does not send system logs to a central server.

The SanteGuard section does not affect daily operations or patient data. This panel can safely be ignored on clinic devices.

🧩 Role

Purpose

Determines which national configuration profile your device uses and whether forms (applets) update automatically.

Setting
What It Does
If Changed Incorrectly
Recommended Setting

Role

Identifies which configuration the device uses (e.g., Solomon Islands vs Fiji setup).

Changing this can disconnect your device from the correct national data source.

unicef.ims.sln

Automatically update applets

Downloads updated forms and workflows when internet is available.

If disabled, new vaccine schedules or form updates won’t appear.

✅ Enabled

Even with poor internet, keep Automatically update applets on. The system will automatically check for updates when connected — no user action required.

🔗 Integration

Purpose

This section defines how the local tablet communicates with the national Immunization Information System (IIS). In production sites (Fiji, Solomon Islands, Kiribati), this setting is automatically configured during installation.

In Demoland, this field is blank because the demo environment is not connected to a national IIS, so no upstream service is available.

If you see this section blank while using Demoland, that is normal — it only means this device is running in offline demo mode. In real clinic deployments, this section would show Integration Mode = Synchronize.

Setting
Description
Guidance

Integration Mode

Determines how data is sent to and received from the national IIS.

Keep Synchronize (default). Never change to Manual or other modes.

Changing this setting in a production environment can stop synchronization or disconnect your clinic from the national server. Only trained administrators should adjust Integration Mode.

🌍 Subscription

Purpose

Defines how often your tablet synchronizes with the national system and which facility it belongs to.

Setting
Description
What Happens if Changed Incorrectly
Recommended for Island Clinics

Poll Interval

How often the tablet checks for updates.

Too short (1 minute) wastes bandwidth. Too long (1 hour) delays uploads.

Every 15 or 30 minutes(default).

Selectively Replicate

Which type of data to sync (Places, Facilities, etc.).

Selecting the wrong one means your clinic will not see patient records.

Places (Villages, Cities, Towns)

Places (Villages, Cities, Towns)

The facility assigned to this device.

Removing your clinic stops synchronization entirely.

Must always list your site (e.g., Fuji Community Hospital).

Auto-resolve conflicts

Forces local changes to overwrite national data.

Can delete records entered by others.

Leave unchecked unless support instructs.

Send partial updates (PATCH)

Sends only the changes instead of full records.

May cause partial uploads if the signal drops.

Safe to enable for slow networks.

Open SubscriptionGo to System → Configuration → Subscription.Confirm FacilityEnsure your assigned clinic (e.g., Fuji Community Hospital) is listed. If missing, synchronization will fail.Set Poll IntervalUse Every 15 minutes for stable networks, or Every 30 minutes for low-bandwidth environments.SaveClick Save ✅ to apply the settings.

If internet cuts out during a vaccination session, continue working offline. When connectivity returns, the system will sync automatically using your poll interval settings.

🗄️ Database

Purpose

SanteDB’s disconnected client needs to store data locally on the tablet so it can keep working when there is no internet. The database section defines where and how this data is saved.

Every clinic tablet already comes pre-configured. You should never change database settings unless instructed by technical support.

Basic Database Configuration

This section defines the main data storage engine that SanteDB uses on your tablet.

Field
Description
What It Does

Database

Selects which database engine (e.g., SQLite, Firebird).

Manages how information is stored locally on your device.

In all production tablets for Fiji, Solomon Islands, and Kiribati, the system uses a built-in database type that is automatically configured during installation. There is no need to manually select or change this.

Changing the database type or engine may erase all local data or stop the system from loading. Only a national administrator or SanteSuite engineer should modify this section.

Advanced Database Configuration

The advanced configuration lists several specialized databases used by SanteDB. These operate in the background to store audit logs, synchronization data, and metadata.

Section
Description
What It Stores

Synchronization Database

Handles data waiting to upload or download.

Temporary storage for sync operations.

Audit Database

Records user logins, actions, and device activities.

System and security audit logs.

Primary CDR Database

The main database where patient and vaccination records are stored.

Core clinical data.

Publish/Subscribe Metadata Database

Stores system subscription and publication settings.

Facility and replication information.

BouncyCastle Configuration Section

Used for encryption and security certificates.

Technical configuration only.

If any of these databases become corrupted or inaccessible, the system will show a synchronization error. Contact national IT support — do not delete or replace databases.

Avoid editing or renaming any database. Doing so will cause data loss or break communication with the national server.

Field Scenario Example

A clinic tablet in Kiribati loses power during synchronization. When restarted, it resumes automatically because SanteDB stores temporary data in the Synchronization Database until it confirms upload. No manual recovery or reconfiguration is needed.

Summary

Best Practice
Description

✅ Leave all database fields as installed.

Configuration is handled centrally.

✅ Restart the tablet if database errors appear.

Often resolves temporary locks.

⚠️ Never select a different database or clear data manually.

Could permanently erase records.

📞 Contact national IT support if unsure.

They can safely diagnose using logs.

🧾 Logging

Purpose

SanteDB keeps activity logs that record what the application does in the background — such as synchronization, backups, or internal processes. These logs are not patient or security logs; they are used for technical troubleshooting only.

While detailed logging helps diagnose issues, it can also slow down tablets or fill up local storage, especially in remote clinics with limited memory.

Log Detail

This option controls how much detail SanteDB records. Higher levels capture more information but take up more space and can affect performance.

Level
Description
Recommended Use

Log Everything (Debug Logging)

Records every system event, including background functions.

Only use when asked by technical support.

Verbose

Captures detailed operational logs, including routine tasks.

Troubleshooting only; not for daily use.

Informational

Logs standard events such as sync completion, backups, or warnings.

✅ Recommended for daily use in all clinics.

Errors & Warnings

Logs when something goes wrong or may cause issues.

Suitable for small sites with limited storage.

Errors Only

Logs critical failures only.

For low-memory or slow tablets.

Fatal Events Only

Logs only events that crash or prevent the app from running.

Used during testing or recovery.

Most clinics in Fiji, Solomon Islands, and Kiribati should use Informational logging. It provides enough data for troubleshooting without using much space.

Log Writers

These define where the log information is saved. Each “writer” handles a specific type of output. You can enable or disable them based on local needs.

Log Writer
Description
Recommendation

MauiPublicRolloverTraceWriter

Saves logs to internal app storage and automatically rolls over old files.

✅ Enabled – set to Verbose or Informational.

ConsoleTraceWriter

Sends logs to the console for developers (not visible to users).

Leave Disabled.

DebugDiagnosticsTraceWriter

Used only by developers for debugging.

Leave Disabled.

RolloverTextWriterTraceWriter

Writes plain text log files that reset daily.

Optional – Informational if troubleshooting.

SystemDiagnosticsTraceWriter

Advanced diagnostic tool for engineers.

Leave Disabled.

Enabling multiple verbose log writers can slow performance and use large amounts of storage. Always keep at least one writer (MauiPublicRolloverTraceWriter) active and set others to Disabled unless requested by support.

Field Example

A clinic in Kiribati reports that synchronization stopped overnight. Technical support may request that you change Log Detail to Verbose and leave MauiPublicRolloverTraceWriter enabled. This will capture detailed data for diagnosis. After the issue is fixed, switch back to Informational to save space.

Storage Impact Table

Setting
Performance Impact
Storage Usage
Recommended for

Verbose / Log Everything

High CPU use

Large (hundreds of MB)

Tech support troubleshooting

Informational

Low impact

Moderate (tens of MB)

Everyday clinic use

Errors Only / Fatal Events

Minimal

Very small

Low-storage or old tablets

If your tablet is running out of space, reduce Log Detail to Errors Only. You can increase it again when troubleshooting.

Summary

Best Practice
Description

✅ Use Informational for daily operations.

Balanced detail and performance.

⚠️ Avoid Verbose unless asked by technical staff.

Creates large files.

✅ Keep at least one log writer active.

Ensures events are captured.

🧹 Periodically clear older logs if storage is low.

Improves performance on older tablets.

🔐 Security

![](/Assets/Clinical-Portal_System_Configuration_Security.jpg)

Purpose

The Security section defines how the tablet manages login permissions, facility ownership, and local audit retention. This ensures that only authorized users access clinic data — even when the device is offline.

In Fiji, Solomon Islands, and Kiribati, clinics often operate with intermittent internet, so these settings are essential for allowing continued operation while maintaining data security.

AR Store

Setting
Description
Recommended Value

AR Store (Audit Retention)

Determines how long the device stores audit logs — such as user logins, updates, and data submissions.

Retain for 1 month

💡 Audit logs track activity for accountability. They can grow large if kept for long periods, which can slow down older tablets.

If your Ministry of Health requests longer retention (e.g., 3 months), ensure the device has adequate storage before changing this.

Assigned Facility

This identifies which clinic the device belongs to. It ensures data entered on this tablet syncs only with that facility’s records.

Field
Description
Example

Assigned Facility

Defines the health centre or hospital that this tablet represents.

Fuji Community Hospital

⚠️ If this field is blank or changed to the wrong facility, synchronization will fail, and data may not appear in the national system.

This field is pre-configured during deployment. Only change it if the device is permanently reassigned to another health facility (for example, from Gala Health Centre to Apple Islands Clinic).

Maintainer

Field
Description
Example

Maintainer

Lists the local staff or administrator responsible for the device.

Bailey Admin Beitz

The Maintainer is the point of contact for system checks, troubleshooting, or scheduled maintenance.

If a device is shared between clinics, list the clinical manager or regional IT officer who can coordinate technical support.

Login Settings

Setting
Description
Recommendation

Allow users to login when the central authentication server is unavailable

Enables offline login if internet or network access is down.

✅ Must always be checked in all island clinics.

Only allow users from assigned facility to login

Restricts login to users officially assigned to that facility.

Optional — enable only if devices are permanently fixed to one site.

🩵 Example: If the internet is down for a week, nurses can still log in using their local accounts because the device verifies them offline. When internet returns, activity and sync logs will automatically upload to the national IIS.

If both login boxes are unchecked, users may be locked out during outages. Always confirm Allow users to login offline is enabled before deployment.

Digital Signatures

These settings define how the system signs local transactions (such as patient updates or vaccinations) to ensure authenticity. You do not need to edit or view the actual keys — they are securely stored.

Field
Description

Key Name

Identifies the signing key used by the system.

Signature Type

Algorithm used for signing data. (HMAC + SHA256 is the standard.)

Key

Hidden cryptographic value automatically generated by SanteDB.

Digital signatures ensure that data entered on this tablet cannot be modified by unauthorized users before reaching the national IIS.

Never change or share digital keys. They are automatically created during setup and linked to your facility identity.

Summary

Best Practice
Description

✅ Keep “Allow offline login” checked.

Ensures continued access during outages.

✅ Confirm the Assigned Facility matches your clinic name.

Prevents sync errors.

⚙️ Set Audit Retention to “1 month.”

Saves space on low-storage tablets.

🔑 Do not modify digital signature fields.

They are system-managed and secure.

⚙️ Services

Purpose

In SanteDB, a service is a built-in background process that helps the system run important tasks automatically — even when users aren’t doing anything on screen. Examples include:

  • Synchronizing patient data and stock records

  • Managing background uploads when internet returns

  • Sending alerts or notifications

  • Handling data encryption and backups

Without these services, the IIS may appear to “freeze,” fail to sync, or stop recording activity properly.

⚠️ Do not disable any service unless instructed by national system administrators or SanteSuite technical staff.

Enabled Services

The Enabled Services box lists all system processes running in the background on your device. Each one has a different responsibility that ensures smooth and reliable operation.

Common Service Name
What It Does
Why It Matters in Fiji / Solomon Islands / Kiribati

SynchronizationService

Uploads new records when internet is available.

Keeps offline data from being lost when the network reconnects.

BackupService

Automatically creates local data backups.

Protects clinic data during power outages or device resets.

SessionManagementService

Handles user sessions and visit timing.

Prevents overlapping visits and ensures accuracy of “active sessions.”

AlertService

Delivers reminders or system alerts (e.g., sync failed, backup complete).

Notifies clinic staff when data didn’t upload.

AuditService

Logs system events for accountability.

Helps track who changed what when.

AppUpdateService

Checks for new form and workflow updates.

Ensures vaccines, forms, and indicators stay current with MoH updates.

In most national deployments, all essential services are enabled by default. If you don’t see them listed or a box appears empty, it does not mean they are inactive — it simply means they’re controlled by your national configuration profile.

What Happens If a Service Is Disabled

If This Happens
Possible Cause
Result

Data stops syncing after internet returns

SynchronizationService disabled

Records stay stored locally and never upload.

No backups created

BackupService disabled

Device data may be lost during resets.

Users don’t see system warnings

AlertService disabled

Important system messages are missed.

Updates don’t apply

AppUpdateService disabled

New forms or vaccines won’t appear.

If a clinic experiences sync or update issues, do not enable or disable services yourself. Instead, report the problem to your Ministry of Health’s ICT or SanteSuite support team. They can safely verify the configuration remotely.

Example Scenario

The internet in Gala Health Centre drops for two days. The SynchronizationService continues saving all vaccination data locally. When the connection returns, it automatically uploads everything — no staff action required. If this service were disabled, all those records would stay offline and never reach the national IIS.

Summary

Best Practice
Description

✅ Keep all default services enabled.

Ensures automatic sync, backup, and updates.

⚠️ Do not modify service lists without technical guidance.

Could stop data uploads or erase logs.

🧠 Understand what each service does before changing anything.

Prevents accidental disruptions to national data flow.

📞 Contact national IT or SanteSuite support for issues.

They can safely check service status remotely.

🌐 Network

Purpose

The Network panel controls how your device sends and receives data with the central IIS. It allows configuration of data compression, encryption certificates, and proxy settings to help optimize performance — especially when connections are slow or intermittent.

These settings are vital in areas with limited 4G coverage or satellite links, such as rural health posts or island clinics.

Easy Configuration

Setting
Description
Recommendation

Optimization

Determines how strongly data is compressed before being sent to the central server. Compression reduces data size and upload time.

Choose the compression type that matches your internet speed (see table below).

Client Certificate

Used only when the national IIS requires certificate-based authentication.

Always set to “Do not present a client certificate.”

Compression improves upload reliability but may take a little longer to process on slower tablets. The goal is to balance speed, stability, and data size.

Compression Mode Reference

Network Type
Recommended Compression
What It Does
Best For

2G / Satellite

LZMA

Very high compression for slow connections. Slower processing, but reduces upload size.

Remote outer islands with poor connectivity.

3G / ISDN / DSL

BZ2

Medium-high compression, good balance for moderate connections.

Clinics with stable but not fast 3G or DSL.

4G / LTE

GZIP

Standard compression that balances speed and reliability.

Most regional hospitals and urban clinics.

5G / Broadband Wi-Fi

Deflate

Light compression for fast, modern networks.

Large hospitals or MoH offices.

LAN (Local Network)

None

No compression — fastest when the server is nearby.

Local testing or training servers.

Selecting “None” or an unsuitable compression method in a low-bandwidth environment can cause data uploads to fail or time out.

Advanced Configuration

This section lets you fine-tune compression for each specific SanteDB component. Each service handles a different type of data transfer.

Service Name
Function
Recommended Setting

AuthenticationService

Handles user login and session validation.

None + Compress Data (local processing).

HI7FhirInterface

Exchanges patient and vaccination data with the national IIS.

GZIP + Compress Data

HealthDataService

Manages bulk uploads (sessions, vaccines, stock).

GZIP + Compress Data

AdministrationIntegrationService

Synchronizes user, facility, and configuration data.

GZIP + Compress Data

BusinessIntelligenceService

Uploads reports and analytics.

GZIP + Compress Data

If your clinic has very slow internet, switching the above services to LZMA may make uploads slower but more reliable (fewer failed transfers). Only change these settings if advised by your MoH IT support.

Proxy Configuration

Some networks, particularly in government or hospital systems, route internet traffic through a proxy server.

Field
Description
Example

Address

The proxy address that allows secure access to the national IIS.

http://proxy.moh.gov.xx

When to Set

Only if your Ministry of Health IT team confirms your clinic’s internet passes through a proxy.

Leave blank if unsure.

💡 If you’re connecting directly through mobile data or standard Wi-Fi, leave the Proxy field empty.

Summary

Best Practice
Why It Matters

✅ Use GZIP compression for most 3G/4G clinics.

Balances upload speed and reliability.

✅ Keep “Do not present client certificate” selected.

Certificates are managed nationally.

⚙️ Use LZMA if uploads often fail on poor connections.

Helps ensure data eventually syncs.

🧠 Avoid changing Advanced settings unless trained.

Incorrect compression can interrupt synchronization.

📞 Contact MoH IT if a proxy is required.

They will provide the correct address.

For Fiji, Solomon Islands, and Kiribati, GZIP remains the national standard compression type. However, rural or maritime facilities may benefit from switching to LZMA if uploads fail repeatedly.

🧰 Other Settings

Purpose

The Other Settings panel controls how the registration and patient profile screens appear in the Clinical Portal and Mobile App. These settings determine which fields are visible, mandatory, or hidden when staff register patients.

Each country’s Ministry of Health defines these values according to national reporting standards (e.g., ethnicity, marital status, education). In the Demoland version, these fields are shown for demonstration only — the actual production settings for Fiji, Solomon Islands, and Kiribati are managed centrally.

⚠️ Do not modify any values in this section unless instructed by your national system administrator. Incorrect settings may cause registration forms to appear incomplete or break synchronization.

Field Overview

Field Name
Description
Example Value
What It Does

aa.preferred

Defines the system’s preferred identifier authority (used for linking records).

DL_MHMS_HIS_IIS_ID

Ensures that all patient records use the correct ID format.

allow.patient.ethnicity

Enables collection of ethnicity during registration.

true

Shows the _Ethnicity_field in registration forms.

allow.patient.religion

Enables collection of religion.

true

Displays _Religion_during patient registration.

allow.patient.livingArrangement

Tracks whether a patient lives alone or with family.

false

Hidden by default (not used nationally).

allow.patient.maritalStatus

Enables marital status collection.

true

Adds Marital Status dropdown.

allow.patient.educationLevel

Tracks education level.

true

Adds Education Level field.

These “allow” settings make fields visible and usable. If set to false, the field is hidden during registration.

Address and Name Fields

Field
Meaning
Current Setting
Display Behaviour

forbid.patient.address.city

Hides city field when true.

false

City field is shown.

forbid.patient.address.postalcode

Hides postal code when true.

true

Postal code is hidden.

forbid.patient.name.family / given

Hides family (surname) or given (first) name fields.

false

Both name fields shown.

forbid.patient.name.prefix / suffix

Hides name titles (e.g., Mr., Ms.) and suffixes.

true

Titles are hidden.

Forbid = Hide, Allow = Show. These options prevent unnecessary fields from appearing on small-screen tablets or where data isn’t used nationally.

Person and Occupation Fields

Field
Description
Value

forbid.patient.occupation

If true, hides occupation field.

false

forbid.person.gender

If true, hides gender field (never used).

false

forbid.person.nationality / citizenship

Controls whether nationality or citizenship appear.

false

forbid.person.vipStatus

Hides VIP flag (not applicable in most clinics).

false

💡 For all island deployments, these remain false, meaning all relevant demographic fields appear during registration.

Input Modes

Setting
Description
Example
Guidance

input.address

Defines how addresses are entered.

select

Displays dropdown lists of registered villages/towns instead of free text.

input.name

Defines name entry style.

simple

Simplifies registration on tablets by showing first and last name only.

In national systems, using select for addresses ensures consistency across facilities (avoiding typos in village or island names).

Optional Fields

Field
Meaning
Example
Behaviour

optional.patient.address.city / county / state

Marks these address levels as optional.

true / false

Allows registration without filling every level.

optional.patient.name.family / given

Defines if a name part is optional.

false

Keeps both name fields mandatory.

Integration Mode

Setting
Description
Recommended Value

integration-mode

Controls how the tablet interacts with the national IIS.

synchronize

This ensures patient data is automatically uploaded when internet is available. Changing it may cause data to stop syncing.

Example Scenario

A clinic in Kiribati wants to record education level for patients. Because allow.patient.educationLevel = true, that field is already available. If it were set to false, staff would not see it on the registration screen.

Summary

Best Practice
Why It Matters

✅ Keep all national defaults.

These align with MoH data standards.

✅ Use “select” for address input.

Ensures standardized village/town names.

⚙️ Never modify “aa.preferred” or “integration-mode.”

Changing these can break record matching.

🧠 Understand “allow” vs “forbid.”

Allow = Show / Forbid = Hide.

🩵 Contact support if fields are missing or misaligned.

They can safely adjust configuration centrally.

In production environments, these settings are automatically applied based on each country’s MoH data policy. Do not attempt to “fix” missing fields locally — contact your national administrator instead.

Field Guidance for Remote Clinics

Situation
What You Should Do

Internet is offline for days

Continue normal operations — all data is stored locally. It will upload automatically when internet returns.

Clinic relocated or renamed

Update “Assigned Facility” under Security, then Save.

Tablet too slow or storage full

Check Logging → Log Detail → Set to Informational.

Slow uploads

Change Network Optimization to LZMA.

New form missing

Ensure “Automatically update applets” is enabled in Role.

Can’t log in offline

Verify “Allow users to login when central authentication is unavailable” is checked.

🛠️ Troubleshooting: “My data isn’t syncing”

Open System → Status → Synchronization and check for Conflicts or Errors. Confirm Security → Assigned Facility still shows your clinic. Check Network → Optimization: On slow/spotty links, switch GZIP → LZMA and Save ✅. In Subscription, ensure Places includes your site and Poll Interval is 15–30 min. If errors persist: set Logging → Log Detail = Verbose (temporarily), retry sync, then send logs to support. Return Logging to Informational after resolution.

Summary

The Configuration screen is your clinic’s technical control panel. Used properly, it helps the system run efficiently even without consistent internet.

If you must make a change:

  1. Write down the original value before editing.

  2. Save after confirming the new setting.

  3. Test synchronization after reconnecting to the internet.

By understanding what each option does, Clinical Managers in Fiji, Solomon Islands, and Kiribati can safely maintain their local IIS — even in remote, offline environments.

PreviousSynchronization CenterNextBackground Jobs

Last updated