EMS Standards
Responsible Use of the EMS
Regulatory Risk
When you import a full EMS record, you may be importing a great deal of PII your company doesn’t need or want. You may be creating a regulatory risk for your company by holding data on your servers that you have no business need for and in the event of a data breach could create a significant exposure. State and federal governments are adding more and more regulation concerning PII.
Security Risks
The EMS is a data base record and was not intended to be used in a webservice or API. Adding security and/or encryption to the data export requires additional steps and therefore, it is therefore recommended that you export data using a method that includes security and encryption.
Risk Mitigation
Before building a data integration that relies on the native EMS record, we strongly recommend you consider an alternative approach that leverages more contemporary methods for data exchange.
EMS to CAPIS Export
CIECA always recommends using the BMS or CAPIS data standards for exchanging data with your business partners. If, however, you must rely on the EMS as a data source, there is a responsible way to build a modern JSON based CAPIS data export from the EMS that:
- Leverages the EMS as a data source.
- Exports just the data you need in a modern JSON message.
- Minimizes risk for you and your trading partners.
- Leverages the security and authentication methods built into XML or JSON
- Enables you to build future CAPIS based integrations without a “rip & rebuild.”
The EMS to CAPIS model allows companies to get the data they need from the EMS Export Folder, but rather than taking the entire EMS, simply select the specific data fields necessary and then transmit them in a secure, encrypted method using the JSON based CAPIS standard.
How it Works
The process is initiated on a shop-side Data Export Engine that extracts the data from the EMS, transforms it into the CAPIS format and loads the data into a CAPIS based message. The message is then ready to send to the designated recipient.
EMS Data Source
- All three estimating systems produce an EMS file for each estimate written. The EMS export file functions as the data source for the process.
- The EMS file is a zipped folder containing 16 EMS sub-files. It is necessary to programmatically unzip the EMS Zip file to leverage the EMS data.
- The data is contained in an export folder. The file is written using the CIECA EMS format. The EMS specification (data dictionary and code list) is available at: https://www.cieca.com/Messages/standards-release.
EMS to CAPIS Export Application
The core of the process is a small software application that resides on the body shop machine and monitors the data export folder of the estimating system.
Extract / Transform / Load
The first step in the process is to create an application that will run on the shop machine to extract the data from the EMS, convert it into the CAPIS format and load the data into a CAPIS formatted message.
Extract: Open the EMS folder, unzip the file and extract the data needed to support your business process.
Transform: Convert the data from EMS to CAPIS
- Locate the data you need in the EMS record. The EMS data dictionary may be useful in identifying the definition of the fields you are looking for.
- Identify the corresponding data field in the CAPIS data dictionary.
- Locate the appropriate code lists that are necessary for the data you need.
Load: Create a CAPIS based JSON message by using the appropriate schema for the message you wish to send. If additional fields are required for your business need, you can use the CAPIS data dictionary and code list to add the additional fields.
Endpoints, Security & Encryption: Identify the appropriate endpoints, credentials for authentication and encryption keys necessary to transmit the data to the recipient.
BEST PRACTICES
- Filter Data to Select Only the Data You Need: Estimating applications produce an EMS record for every estimate written. If you are exporting data for a specific workflow, manufacture or process, records should be filtered to ensure you are taking only the appropriate files.
- Select Only the Data Elements You Need: The EMS file consists of a significant amount of data that may not be necessary for your workflow or process. Personally Identifiable Information and other data creates an exposure for your company if there is not a clear business reason for you to have it.
- Mitigate Your Risks…. Be Responsible.