Axway: An API-shot in the arm for healthcare data
The is a guest piece written for Computer Weekly Open Source Insider by Ruby Raley in her position as VP of healthcare at Axway, a company known for its ‘full lifecycle’ API management technologies.
Raley suggests that opening up real-time access to quality healthcare data (via APIs) leads to better patient experiences.
Her firm is an API management specialist, so a suggestion that APIs are central to better healthcare data might sound like a loaded self-serving statement… so is there any real value to be gleaned from this suggestion?
Raley’s position stems from her location on the US East Coast, although her argument is presented in terms of a global audience with reference to the US, UK and elsewhere.
Raley writes as follows
The move to Open Healthcare (disclosure: this is an initiative that my own company is involved in) has been underway for a while, but this year has underscored the urgency for interoperability and truly digital healthcare.
Fast Healthcare Interoperability Resources (FHIR) implementation is poised to support rapid adoption of APIs, allowing outside apps to connect with electronic health record systems, and these can help solve massive healthcare challenges.
But as admirable as these initiatives might be… in the real world, it is API-first thinking, not just compliance with government FHIR mandates, that can truly unlock the potential for solutions that are secure AND patient-centered.
Healthcare organisations have historically connected with other healthcare organisations – but these connection points were typically point-to-point and comparatively purpose-built.
A more holistically connected future
Looking to a more holistically connected future as governments move to build citizen-centric applications and healthcare opens up their data to patients, healthcare organisations need to look at APIs as an engagement method, thinking about APIs as a product and of course keeping API security, management and monitoring as first-order priorities.
More than ever, people need real-time tools. Citizens want access to their data. An API-first approach supports low-code solutions, which is of value to healthcare facilities right now. It is lightweight and can be delivered to a device carried by a clinician throughout a hospital, enabling them to care for patients faster and more efficiently.
Using APIs doesn’t just enable faster delivery of services; it also means better performance and a better patient experience. Providing a set of standardised interfaces that meet the needs of consumers reduces test time, production breakage and upgrade complexity, but it also puts the patient at the center of the experience.
From raw datasets… into consumable APIs
We can wrap FHIR APIs, which are a relatively raw data set, into experience APIs and make them more consumable.
When hospitals open up their data via APIs, IT teams can quickly build a low-code solution that instantly pulls from patients’ existing Electronic Health Records (EHRs).
Healthcare partners have massive amounts of information, but we tend to make it too hard for teams to share data – somewhat understandably, given the current cyber-security climate.
That’s why robust security, supported by real-time monitoring, is imperative to truly unlock the power of APIs. Moving that amount of data around so freely in real-time generates a lot of traffic, and UK and US cybercrime authorities recently warned of an increased threat to hospitals and healthcare providers.
An open platform needs analytics that can look for anomalous traffic – potentially flagging expired or oddly-sequenced user or administrative credentials, focusing on authorisation and authentication on the front end, using OAuth as the building block for scalable, secure authentication.
After all, APIs must be protected by the latest security protocols and standards.
How API are you feeling?
But everyone tends to forget user experience in healthcare. There’s so much potential for improvement with APIs and developer portals that help citizens get access to their data more effectively.
By actually wrapping FHIR APIs into consumer APIs, experience APIs, we can start to enable nimble, low-code work inside organisations. Now we start arming ourselves to live in a real-time world by delivering unplanned, critical work in a matter of days or weeks – all while putting the patient back at the center of their care.
So then, clearly, Raley suggests that – working for an API management company – that API management is a key route to enabling better, more connected, more controllable healthcare data and, ultimately, a route to enabling Electronic Patient Healthcare (EPH) records and more. Well, we didn’t think she’d be suggesting over-baked bananas were the answer now did we? Let’s talk more about feeding raw data into experience APIs as we go forwards and look more closely at the internal mechanics of these systems.