How APIs Will Solve Many of the Interoperability Challenges in Healthcare Data Exchange

By Jeff Solis, Senior Product Marketing Manager, J2 Global; a HIMSS Interoperability Showcase Collaborator

Last year saw several major developments in the healthcare industry’s continuing push toward improved patient data exchange—in particular, increasing the interoperability of health IT systems.

From a regulatory standpoint, two agencies within the U.S. Department of Health and Human Services (HHS)—the Centers for Medicare and Medicaid Services (CMS), and the Office of the National Coordinator for Health Information Technology (ONC)—jointly released a set of proposed rules to promote the seamless exchange of electronic protected health information (ePHI).

From a technology standpoint, the healthcare standards organization HL7 published Release 4 of its FHIR® specification. This standard is designed both to encourage patient data portability and accessibility, as well as to leverage universally structured and standardized data to help with automated clinical decision support and machine-based processing—with the ultimate goal of improving patient care.

Healthcare entities should be paying close attention to HL7’s emerging FHIR R4 specification, if for no other reason than that this standard is clearly going to play a role in federal regulators’ definition of “compliant” data exchange. For example, one of the HHS’s new interoperability rules is that any health plans sold on the government’s Affordable Care Act exchanges will have to implement FHIR-based application programming interfaces (APIs) to open up data access to third-party healthcare apps.

What Does This Mean to the Typical Healthcare Organization?

These developments strongly suggest two important courses of action for all healthcare entities. First, if they haven’t already done so, 2020 should be the year that every covered entity and business associate begins to prioritize data-exchange interoperability, security and compliance for their business.

Second, to make their move to more seamless data exchange as quick and simple as possible—without sacrificing the security or integrity of their systems—healthcare organizations should look to implement healthcare APIs.

APIs: A Faster Path to Healthcare Data Interoperability

If you’re new to the term, an API is a communication protocol that can connect different systems—two software platforms, for example—and let them exchange information without each having to learn the technical details of how the other one operates.

Think of your organization: Your staff likely exchanges data throughout the day with many partners, providers, plans and patients. All of these parties might be using different proprietary digital solutions to communicate with your office. This could include practice-management systems for billing and scheduling, EHR solutions, and of course fax machines to transmit health records, referrals, prescriptions and other patient data. How many of these solutions speak the same digital “language” as your practice’s EHR platform, or your customer relationship management (CRM) system? If they don’t, then your staff likely spends a great deal of time manually entering data into your systems.

The reason for healthcare regulators’ increasing pressure to advance interoperability stems from the inefficiency, confusion and, ultimately, a poorer patient experience that results from all of these organizations trying to exchange patient data using incompatible tools.

But with healthcare APIs acting as bridges to allow more seamless communication among these tools, we can help improve healthcare organizations’ efficiency and productivity, which can help you deliver better patient care.

One healthcare API that helps to speed, simplify and improve the accuracy of patient data exchange is HL7’s FHIR API. To cite one example of how this API works, rather than trying to force a digital tool such as an EHR system to read and understand an entire document, this API peers into individual elements of documentation—such as patients, medications and medical conditions—enabling users to more easily retrieve and process key details from virtually any system.

Another example of a healthcare API that is helping improve interoperability is the fax API—such as the eFax Enterprise API—which allows healthcare organizations to send and receive standardized fax data from directly within their enterprise resource planning, CRM, or EHR applications.

A Word of Caution Before Implementing an API

For any business in any industry today, securing corporate data needs to be a top priority and those security concerns should extend to any APIs you deploy to make data exchange with third parties more efficient.

But for healthcare organizations in particular—given that your industry is among the most heavily regulated and aggressively targeted by cybercriminals—you need to make sure any API you implement meets the highest security and regulatory standards.

With that in mind, here are a few recommended questions to ask any API market supplier about their solution before taking the security and regulatory risks that their API isn’t built for the unique challenges of healthcare data exchange:

  • Is your API HIPAA compliant?
  • Will you sign a business associate agreement to further demonstrate your confidence in the regulatory compliance of your product?
  • Will your API transmit our data using the most advanced encryption protocol, TLS 1.2? If not, why not, and how will you protect our data in-flight?
  • Has your API earned HITRUST CSF certification? If not, when do you expect to complete this “gold standard” in healthcare compliance certification?

Sponsored content. The views and opinions expressed in this blog or by commenters are those of the author and do not necessarily reflect the official policy or position of HIMSS or its affiliates.

Calling All Changemakers

No matter where you are in the world, you can be part of what’s next for health. View digital resources, a content showcase and social media highlights on the HIMSS Global Health Conference Digital Experience page.

Be Part of the Change