Digital Health 101January 16, 2022

Overview of FHIR APIs

Capable Health Team


As remote and digital communications only become more commonplace today, how data is protected is more important than ever. This is especially true in the healthcare industry where patient medical records and information must be kept private and secure. Yet for the best healthcare experience, patient records must be shared among providers across healthcare ecosystems. The challenge of securing data while maintaining interoperability is reconciled by the FHIR standard.

What is FHIR?

The Fast Healthcare Interoperability Resources (FHIR) is the standard for the electronic sharing of healthcare information and records, set by the Health Level Seven International (HL7) organization. With the increased push to digitize health records in the last few years, much of the data was sadly siloed on proprietary systems without the ability to exchange that data. FHIR allows patients the ability to access their electronic health records (EHRs) between various providers. 

FHIR was created to establish a framework and structure for the exchange of electronic health information for clinical practice and management. FHIR sets expectations for how patient data is protected and makes clear to developers how to set up protective software. 

FHIR is set up via building blocks called “resources” that make it easy for developers to incorporate the needed code in order to comply with the HL7 FHIR standard. These resources are free so that all developers in the healthcare space can implement them to comply with FHIR.

What Are FHIR APIs?

Part of FHIR is a common set of application program interfaces (APIs) that enable a clear way to implement the FHIR standard. APIs are pieces of code that simplify software development and enable the exchange of data between different third-party developers. FHIR APIs make it easy for developers to follow the healthcare standards for the exchange of electronic data by sharing code with developers for common use cases.

FHIR APIs make it easier for healthcare software developers to meet the protection standards for the industry as well as enable collaboration across data systems. Third-party applications can implement FHIR APIs into their EHR systems and allow for the exchange of information directly into daily medical workflows. FHIR APIs allow for broader adoption of the standard across the industry, increased interoperability, and easier implementation by developers.

FHIR also features bulk access implementation allowing organizations to export large segments of data to aid in reporting and analysis.

An important push in the wide-spread adoption of FHIR was the Office of National Coordination for Health Informationpublished rules requiring EHR vendors to adopt FHIR. Rather than allowing EHRs to create proprietary methods that would have siloed health data, a common standard was adopted. 

The power of FHIR APIs is that this functionality allows servers to connect with any other system using the API and communicate securely in minutes. The healthcare industry is using FHIR APIs to read, write, search, and collaborate across systems on clinical data and EMR systems like never before.

Capable CTA1

How FHIR APIs are RESTful

FHIR APIs are categorized as a RESTful specification by HL7, referring to the REpresentational State Transfer (REST) architecture style that makes it easier for different computer systems on the web to communicate with each other. FHIR uses RESTful principles to create, read, and update records and anyone making a request to a patient’s record will receive a JSON response with the relevant information rather than the entire record. The FHIR RESTful API framework uses the same set of interactions to manage resources and data on a granular level.

FHIR APIs are HTTP-based, running on the web with URLs used for the RESTful structure. Transactions are performed on a server using an HTTP request and response model and FHIR RESTful resources function using a specific endpoint, making it easier to access more precise data with a clearly defined structure for exchanges.  

“By using the REST architectural style, FHIR takes the best of existing health information technology and common internet standards to create a modern method of interoperability,” says The Office for Health Information Technology. “This allows health care systems to implement FHIR without steep learning curves and leading to faster application design.” FHIR as RESTful APIs is enabling the advancement of technology in the healthcare industry, allowing ease of use for the secure exchange of medical data.

While FHIR does not have a security protocol or is opinionated on how to store data, it does define an “Audit resource,”a which tracks the origins, history, status, and access of resources and user/client authentication to identify people, devices, locations, and organizations that access the data.

How Do FHIR APIs Use the Common Data Model?

Part of what FHIR looks to resolve is the challenge of working with data across systems and coding languages. FHIR APIs use the Common Data Model (CDM), which makes it easier to standardize communications with a shared data language. CDM helps achieve interoperability across channels, which is why it’s helpful for FHIR. CDM crafts schema for common areas of business that are then able to work across applications through a common language for easier exchange. 

CDM is also important for FHIR because it helps with combining data on patient medical research, according to HL7. CDM mappings in FHIR APIs allow for access and collaboration on research data across many research networks. This is helping push medical breakthroughs and innovations not only today but also into the future.

Why are FHIR APIs Important to Healthcare?

FHIR APIs are making it easier than ever before to digitally connect different healthcare systems and medical providers while also keeping patient data secure. The patient should always be the top priority in healthcare and FHIR APIs help ensure patients are protected and can have a more seamless medical experience across medical systems. This offers a more holistic healthcare experience to patients and makes collaborating on patient records more straightforward for medical providers, increasing quality of care and decreasing inefficiencies around data management.

Because they are web-based, these APIs make it easier and instantaneous to exchange specific information between providers, such as exchanging a medication list or lab results, rather than sharing paper medical documents. 

How to Build FHIR APIs

Because FHIR is meant to be easily accessible, API resource building blocks are available through HL7. Part of what’s appealing about FHIR APIs is that they include standard resources for common use cases but are also flexible and can be modified to fit a specific or individual functionality. These resources can contain data about a patient, device, observation, encounter, and more. Developers can use most major coding languages, including Java and Python, to build the resources foundational to FHIR. 

The FHIR resources include a URL, common metadata, a human-readable XHTML summary, a set of defined data elements, and an extensibility framework to support different areas of healthcare. There are currently 145 resource types available in the FHIR specification. FHIR includes data representation that uses JSON, XML, and RDF. Much FHIR coding is also supported by open source collaboration available online. 

HL7 outlines five levels for launching FHIR APIs. 

Level 1

In Level 1, the developer builds the foundation of the programming with the basic framework on which specifications will be built. 

Level 2

Then level 2 begins to implement and bind those specifications, such as security, privacy, terminology, support, and exchange.

Level 3

Level 3 is administrative, linking real-world concepts in the healthcare industry to the system, such as setup for patients, practitioners, care teams, devices, and organizations. 

Level 4

Level 4 enables record keeping and data exchange for healthcare, such as clinical, diagnostic, prescription, workflow, and financial processes. 

Level 5

The final level, level 5 is building the ability to reason into the system, such as implementing guidance response and report measures.

FHIR is intended for a wide variety of users, but is specifically designed to provide developers and engineers an interface using technologies and standards that are largely familiar. FHIR helps developers to build healthcare related apps.

Working with developers who specialize in FHIR is the best way to ensure interoperability.

Capable Health is a purpose-built developer platform to build best-in-class consumer health apps, the first API-driven platform dedicated to powering patient onboarding and engagement. Capable takes care of signup, onboarding, care plans, goal tracking, content delivery, secure messaging—the API middleware powering modern patient-facing healthcare experiences.

Capable CTA2