Healthcare APIs: looking beyond compliance — The key enabler for interoperability


API: Application Programming Interface


WSO2
Dunith Dhanushka and Amanda Kothalawala
2022


Edited by


Joaquim Cardoso MSc.
Health Transformation . Institute

Research Institute for Continuous Health Transformation,
for Better Health for All
June 14, 2022


Abstract


Healthcare regulations help to keep the healthcare industry up to standard and ensure quality of care. 

In a modern patient-centric healthcare ecosystem, these regulations have led payers and providers to implement innovative business solutions. 

Recent regulations have adopted Fast Healthcare Interoperability Resources (FHIR) as the technology standard and enforced use to expose healthcare data as FHIR APIs (Application Programming Interface)


This paper looks at how the regulation-driven healthcare industry and patient-centric ecosystems work and how these regulations have paved the path towards greater interoperability. 

Next, it explains how APIs have become the key enabler for interoperability, and, as a payer, provider, or an independent software provider, how you can look beyond the regulation and unleash innovation.


Key Takeaways

  • The healthcare industry is highly regulated. Do not consider the regulations as a burden. If you look beyond them, you can see great opportunities
  • Regulations pave the way for interoperability by enabling every participant in the healthcare ecosystem to speak the same language. APIs make it possible.
  • Apart from using it for being regulatory compliant, organizations can leverage API management practices to expose business capabilities to the outside world and build API-centric marketplaces.
  • Interoperability with FHIR APIs can make your life easier. FHIR APIs can help expose business and healthcare delivery opportunities by aligning different applications across any healthcare enterprise and provide a multitude of innovative opportunities to utilize health data in ways previously unavailable.
  • Interoperability is not only applicable for payers. If you are a provider or a software vendor, this is for you too. Free and secure data exchange will benefit you to make better-coordinated care in the future, and software vendors now get a platform to enter the market with innovations.

Table of Contents

  • Abstract 
  • Key Takeaways 
  • The regulation-driven healthcare industry 
  • The patient-centric healthcare ecosystem 
  • Regulations pave the way towards interoperability 
  • APIs: The key enabler for interoperability 
  • Benefits beyond regulations
  • Conclusion 
  • References 

Conclusion

Regulations are in place to ensure that the healthcare industry is up to par. 

Even if you are a payer, a provider, or a software vendor, bringing in a technology partner to speed innovation and future-proof your business will add significant value to your compliance solution. 

We hope this paper gives you a signal to rethink and look at your interoperability journey strategically, while also addressing regulatory requirements. 

We discussed several market opportunities that you can adopt as well as the benefits you can achieve. 

These opportunities can be altered depending on your organizational goals, long-term strategy, and most importantly, your investment.




ORIGINAL PUBLICATION (full version)


The regulation-driven healthcare industry


The global healthcare sector is one of the most strictly regulated as it has a direct impact on people’s lives and plays a significant role in a country’s economy. Hence, governments, regulatory bodies, relevant departments, and authorities across the globe are keen on implementing the appropriate regulations, rules, and practices. Most often, these regulations aim to bridge gaps in healthcare systems, deliver improved care to patients, and reduce the inflated price of care services.


Some recent regulations include the Interoperability and Patient Access final rule (CMS-9115-F)[1] issued by the Centers for Medicare & Medicaid Services (CMS) and the 21st Century Cures Act[2] enforced by the Office of the National Coordinator for Health Information Technology (ONC), United States. These regulations aim to put patients first and empower them to work with their doctors and make healthcare decisions that are best for them. The rules also aim to rectify the lack of seamless data integration and data transparency, poor care coordination, and steep fees for medical services owing to a lack of competitive pricing options.


The patient-centric healthcare ecosystem


The modern healthcare ecosystem is patient-centric in nature. The other stakeholders (i.e., the government, payers, providers, and independent software vendors) are on the borders, working toward a value-based healthcare system that empower patients in an IT economy.


Figure 1: Patient-centric Healthcare Ecosystem


As shown in Figure 1, each stakeholder has a set of objectives to achieve from this system, and they have to perform a set of executions to accomplish them. Some of these objectives, which are common to every stakeholder, include compliance with government regulations and standards as well as improving interoperability and data security. The ultimate goal is to provide high-quality healthcare services at a reasonable cost and to enhance the overall experience for both patients and healthcare workers


Government and other regulatory bodies play a vital role as they are responsible for initiating the necessary regulations and governing the compliances and standards in the healthcare industry. As stated previously, these regulations will directly impact keeping the healthcare industry up to par across the globe. Most often, payers and providers have to implement these regulatory requirements as they engage with patients first-hand.


At this stage, independent software vendors (ISV) come into the picture. ISVs can assist in addressing the regulatory requirements, thinking beyond compliance, and innovating to cater to other trending market needs. Introducing new solutions creates a healthy competition between different payers and providers. This also allows patients to select the best health plan, medical solution, or even the best hospital according to their budget.


Regulations pave the way towards interoperability


One benefit of a regulated environment is that regulations mandate everyone in the business ecosystem to do things in a uniform manner. 

For example, sharing data in a universally agreed format and exposing standard-compliant interfaces to the outside.


This promotes a great deal of interoperability among healthcare providers, payers, and technology providers to participate in a closely-knitted business ecosystem. An example would be a provider using an application to submit claims to multiple payers. This is made possible because the application is interoperable with multiple payer interfaces that are standard compliant. If not, a provider would have to build individual applications to collaborate with each payer.



APIs: The key enabler for interoperability


Typically, interoperability is made possible by APIs. They provide platform-independent interfaces for organizations to describe business capabilities and allow interested parties to consume business data in a regulated manner.

APIs have been in the healthcare industry for a long time. As we can see today, almost all EHR/EMR systems expose APIs and enable integration with ecosystem services

Payers expose APIs so that the providers are able to submit claims, also to allow the health plan members to view their claim statuses, explanation of benefits, and so on.


Regulations drive the unification of APIs


If APIs are already established in the industry, why bring in more regulations?


It is about the shape of data being exchanged in the ecosystems we described above. As of today, many healthcare organizations own proprietary APIs, shared among only the partners of their interest. These APIs are diverse in format. On the other hand, small-scale organizations like clinics, labs, and payers are still taking the first steps towards adopting APIs.


Regulations, such as CMS-9115-F and the 21st Century Cures Act, mandate that the entire healthcare industry speak the same language by adhering to a standard set of APIs. For example, the ONC has identified FHIR Release 4.0.1 as the foundational standard to implement the 21st Century Cures Act. Similarly, the CMS has also adopted FHIR-based APIs for the CMS-9115-F rule to share patient data securely and seamlessly.


The ultimate goal of regulations is to liberate patient data, which has been scattered across multiple locations, and structure it into a meaningful format so that it benefits all parties.

Taking healthcare APIs to the next level


When regulations start to roll out gradually, there’s an increasing demand for healthcare organizations to adopt API management solutions. Apart from providing standard-compliant APIs, a typical API management solution enables an organization to do the following.


  1. Create APIs to expose existing business systems to the outside — such as EMRs, practice management systems, and medical billing systems.
  2. Describe and document APIs to drive the self-adoption by external developers.
  3. Provide runtime governance to published APIs — such as security, rate limiting, and threat protection.
  4. Enable the participation of developers and technology decision-makers by building API marketplaces.

Organizations can leverage API management to achieve much more than regulatory compliance. If done right, it can be a key enabler of digital transformation and a key component of business success. 

The next sections discuss these additional benefits for healthcare organizations.


Organizations can leverage API management to achieve much more than regulatory compliance. If done right, it can be a key enabler of digital transformation and a key component of business success.



Benefits beyond regulations


By adopting a regulation-driven API management practice, a healthcare ecosystem gains the following benefits to patients, providers, payers, and other third parties.


Improved patient experiences


First- and third-party developers can build applications by consuming the FHIR APIs exposed by payers and providers in the modern healthcare ecosystem. These can be web or mobile applications and mainly target patients. The most effective and innovative platform to build these applications is the SMART on FHIR[3]. This platform is a standards-based, interoperable apps platform for electronic health records. SMART on FHIR enables application developers to build a proper method to connect to EHR systems, with appropriate security measurements using OAuth[4] and OpenID Connect.


The SMART platform includes a pre-defined set of FHIR profiles that allows creating EHR-specific logic to transform internal data structures to corresponding FHIR resources during the implementation phase. This platform comes with developer-friendly interfaces to provide a straightforward app development experience. Also, it helps to create user-facing applications that support native apps on iOS, Android, and desktop operating systems. These applications enable patients and doctors to easily access medical data. One successful implementation is the new iPhone Health app[5]. The key feature of these applications is that, as a patient, you are in charge of your medical data, and you have complete control over what you share with your application.

Figure 2: The Health app — Apple

Streamlined payer-provider collaboration


Figure 3: Payer-provider collaboration

Payers and providers collaborate on medical billing activities. This includes providers transferring patient medical claims to payers, and then payers responding back to claims adjudications. A follow-up is required if there are any erroneous records.


In the early days, these activities were performed manually. Various EDI standards enabled automating the process by integrating different systems at payers and providers, including EHRs and billing systems. However, what was lacking was the interoperability among payers and providers. Most often, payers and providers did not communicate using the same protocol.


The FHIR standard enables providers to collaborate over well-known data formats. This allows developers from a provider organization to build applications to exchange data with one or more payers. For example, a provider can build an application to transfer medical claims to multiple payers, as opposed to the early days where they had to maintain dedicated applications for certain payers.


This also opens another opportunity for independent software vendors (ISV) by enabling them to build software platforms for payer-provider collaboration. In an instance where both parties find it difficult to own and maintain an IT department, such collaborations make more sense. ISVs onboard multiple payers that are FHIR compliant to their platform, enabling providers to integrate with them in a seamless manner. Most of the time, the ISV absorbs the burden of integration.

Improved experiences for practitioners and providers


Figure 4: Expose business operations externally


An API management solution allows providers to securely expose their business operations externally. 

For example, external partners and patients are granted access to operations related to patient scheduling, practice management, lab orders, and claims management.


Applications built on top of provider APIs allow patients to schedule appointments with the provider of their choice, have conversations with their practitioners, and share sensitive information, such as lab results via secure messaging. 

This saves a significant amount of time for both providers and patients.


Providers will also be able to deliver applications to practitioners to make the collaborations easier. Practitioners will be able to access patient profiles, record observations, and past history through a single interface.


Integrating partners, such as medical labs and payers, will be streamlined with APIs. Ordering labs and sharing claim information can be done over standard interfaces.


Sharing medical data for clinical research and life sciences


Figure 5: Data, Analytics, Insights 

Interactions among patients, providers, and payers generate a large amount of medical records on an annual basis. These records are stored primarily for regulatory reasons; however, with the help of modern technologies, this wealth of information can be used to understand patient behavior.


Example data includes patient encounters, observations, and medications. Most of the time, this data is kept with providers and payers.


When API-enabled, this data can be utilized by third-party organizations, such as clinical research institutions and life science organizations, to derive meaningful information about population health and to train machine learning models used in drug discovery. 

This data can also be used to feed an array of machine learning algorithms to perform tasks such as automated drug discovery and clinical data analysis.


All this is made possible by providers and payers sharing health information over APIs that support role-based access control and anonymization of personal health information (PHI).



Conclusion


Regulations are in place to ensure that the healthcare industry is up to par. Even if you are a payer, a provider, or a software vendor, bringing in a technology partner to speed innovation and future-proof your business will add significant value to your compliance solution. 

We hope this paper gives you a signal to rethink and look at your interoperability journey strategically, while also addressing regulatory requirements. 

We discussed several market opportunities that you can adopt as well as the benefits you can achieve. 

These opportunities can be altered depending on your organizational goals, long-term strategy, and most importantly, your investment.


References

See the original publication.



About the authors


Dunith Dhanushka,
Lead Solutions Engineer, WSO2

Amanda Kothalawala, Associate Lead — Business Analyst, WSO2

Total
0
Shares
Deixe um comentário

O seu endereço de e-mail não será publicado. Campos obrigatórios são marcados com *

Related Posts

Subscribe

PortugueseSpanishEnglish
Total
0
Share