Are any Health Information Exchanges' APIs documented?

StackOverflow https://stackoverflow.com/questions/14810647

  •  09-03-2022
  •  | 
  •  

Question

I was uncertain of the correct site in StackExchange to ask this but since it's about APIs I just went with Stack Overflow.

In the US currently more and more States and companies are setting up Health Information Exchanges to electronically exchange records between different hospitals, practices, etc. What I'm wondering is: are any of these protocols, APIs, etc documented anywhere? Off and on over the last few weeks I've tried to find anything, from any state, detailing how these work specifically, but I cannot find anything. I do find vague references to "documentation" and "standards," with no detail on the protocols, encoding, etc.

It may be a case of just not searching with the correct terminology, though part of me is beginning to suspect that none are documented anywhere.

Was it helpful?

Solution

Time for an acronym stew.

I'm not aware of any specific products/platforms provided by specific HIE vendors that expose public APIs. But, there are a variety of standards in the HIT community that are commonly used by HIEs:

The HL7 standards define a large number of data exchange and message formats for all sorts of patient health information. HL7 v2 is a custom delimited format. HL7 v3 is an XML format. Both have similar semantics. This is commonly used to exchange health information with an HIE. Note that this is a very broad standard and HL7 messages are highly subject to interpretation or customization in terms of which individual elements are required or utilized by each vendor.

CCD and CCR are also commonly used for exchange of health data, especially in conjunction with PHR (Personal Health Record) systems such as HealthVault.

LOINC and SNOMED are sets of standard names and identifiers used, among other places, in HL7 messages.

I've often seen SAML used in SOAP messages to provide additional security.

OTHER TIPS

SAML only provides authentication/authorization support. HL7 is not encrypted so for HIPAA compliance when communicating between enterprises you either need to encrypt the connection via SSL or a VPN or use an application layer encryption solution such as CloudPrime

Disclosure: I am an advisor to CloudPrime.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top