DPHHS Home       About Us       Contact Us       News & Events       Programs & Services       Health Data & Statistics

A - Z Index

Technology Services Division

Development and Configuration Standards

The following programming and configuration standards are to be followed by any group that is developing applications or interfacing with applications that are run within the DPHHS State Network. Please direct questions or requests for further information to: HHS Application Development@mt.gov


Application Environments

DPHHS has the following application environments available.


  • Oracle 10g is fully supported.
  • MySQL is available on a limited and unsupported basis (you are responsible for all data stored, We cannot help with backups, data recovery, etc.) MySQL cannot be used for systems working with sensitive data.

Application Servers

  • Tomcat Java Application Server
    • Tomcat 6 is available. We have separate QA/test and production servers.
  • Apache Web Server
    • PHP with Oracle and MySQL connectivity is available. We have one server, but can provide test, QA and production environments.
  • Oracle Application Server
    • Oracle Application Server 10g is supported. We have one server with production, test and QA environments. Due to the end-of-life status of Oracle Application Server 10g, we have limited support from Oracle. An upgrade to Weblogic Server 12c is under consideration.
Security Requirements
  • Passwords must follow State of Montana standards.
    • Currently, this is eight characters or more, with at least two digits and an uppercase alpha.
  • Applications must be protected against SQL Injection.
    • User input must be sanitized. PHP applications must use binding.
  • Database access must be limited.
    • Tables and views containing sensitive information must not be readable to all users - even in test/QA environments.
File Storage
  • Applications must periodically clean out old or unneeded files. This includes documents, temporary files and logs. We can assist with scripts to do this.
  • Permanent file storage must be discussed with us before development. NOTE: At some point, applications will be required to use the DMS for permanent document storage. DMS is a document management system currently under development.
Tomcat Requirements
Oracle Password Protected Roles
  • Password Protected Roles
Using E-Pass
Web Services
Page last updated: 08/01/2013