FHIR®, or Fast Healthcare Interoperability Resources, is one of the next generation HL7® standards in healthcare data integration.
It focuses on decreasing interoperability costs, and unlocking technical innovation in healthcare by supporting an open ecosystem of information providers and consumers via open APIs. But with any API and particularly one that exposes Personal Health Information (PHI) there will be security issues to consider.
So now there is a new acronym SMART (standing for Substitutable Medical Applications and Reusable Technologies) that is also generating excitement within the community. SMART adds a layer of security in front of FHIR interfaces to support safe access to data held within an EHR – or any other repository.
Focused on implementers, FHIR reuses many of the concepts already familiar to developers from other domains. These include Resources to represent common healthcare concepts such as Allergies, Medications and Problems. This enables customisation of these resources for specific uses (Profiling) and a simple REST based API made popular by some of the major internet players such as Google, Twitter and Facebook, which support both XML and JSON.
FHIR has the support of many of the large healthcare organisations and vendors, as well as national bodies such as ONC in the United States, the NHI in the United Kingdom and NEHTA in Australia.
SMART is not yet as well-known as FHIR, but healthcare organisations and national bodies are taking an active interest in its development, through projects such as Argonaut. SMART leverages the existing standards OAuth2 for Authentication and Authorisation, OpenID Connect for user Identity and standardises the process of negotiating access to information and operations between app and server. It also describes a process by which an EHR application can launch an external app preserving context (patient and user), and providing safe access to the data within the EHR or, indeed, any other repository of healthcare data.
This paper reviews SMART, and considers how an organisation can support and benefit from this new healthcare standard.
To read the full White Paper click the button below.