Provider Directories – part 2

In the previous post, we set up the environment for our provider registry and imported some test data (Practitioner only at this stage) from an existing reference server. Now let’s think about how we can go about exposing that information through an API. We’ll work with 2 use cases – which can then act as a pattern for future APIs.

Read more of this post

Provider Directories – part 1

So I’ve been sort of following the Validated Directory track at the Connectathon in San Antonio. I say ‘sort of’ because I’m interested in the idea of using the VerificationResult resource to track the provenance of individual entries in a registry (though I’m not entirely clear about the relationship between VerificationResult and Provenance).

Update: After a chat with those who know these things, the Provenance resource indicates who actually created the resource, while the VerificationResult is who said the information was correct. So I might create a Practitioner resource with my qualifications (so the Provenance points to me) while my Medical School confirms that I do, indeed, have a medical degree – which would be the VerificationResult. And there could be multiple VerificationResults if, say, the check needed to be repeated.

Read more of this post

FHIR Prototyping with Node-RED – part 2

In part one of this series, we looked at using node-RED to manage notifications using the FHIR Subscription resource for a Use Case where relatives (or other care givers) could be notified when a person is admitted to hospital. We looked at the overall flow – now let’s look a bit deeper into some of the details.

Read more of this post

FHIR Prototyping with Node-RED – part 1

As FHIR continues to mature, one of the things we’re seeing is a move away from ‘simple’ data representation Implementation Guides to more complex ones that describe a workflow of some sort. Compare, for example the Argonaut data query Implementation Guide with the Argonaut scheduling guide currently in development. The scheduling guide has got a lot of workflow components to it.

As you will know, a large part of the FHIR ethos is the practical testing of these guides before they are finalized to ensure that they are fit for purpose – often at a Connectathon. But to implement guides like this often requires a significant amount of coding – especially for the server. Is there a simpler way that these guides can be tested?

In this post, I’ll talk about one possibility – using the Node-RED application to develop a prototype server which can quickly be altered as testing occurs.

Read more of this post

An update to the SMART client

Just a quick note the say that I’ve made a couple of changes to the SMART client we discussed in a previous post.

There’s now an option to start the login process in a separate tab. This is needed because a number of sites I’ve been testing won’t let the login page open in an iFrame (it’s a security thing). When you configure the server, select the ‘separate tab’ option under ‘Where to open Browser’ at the bottom of the first page. Read more of this post

Delving into SMART

While FHIR is not a security standard ‘per se’, there are numerous references in the spec to security related matters – including a specific module in the specification. One of the recommendations made is about SMART – a defined way to use the OAuth2 Authorization framework in FHIR. I recently gave a webinar on SMART, and part of the feedback was that it wasn’t enough detail for a developer to implement a solution – while this wasn’t really the focus of the presentation, it did make me realize that there will be a lot of interest in this from developers, so thought it might be useful to develop a SMART application – and call out the significant parts as we go.

Read more of this post

What’s an API?

I was asked recently by a clinical colleague what an API is, and why it’s important.

Let’s start with the technical answer. ‘API’ stands for ‘Application Programming Interface’ – it’s a way that one application (or a component of an application) exposes its services (which could be just data, or some operation against data) in a way that allows another application (often called the client) to use it. By using an API, it’s possible to develop re-usable libraries – components that can be used by other applications to develop functionality.

Read more of this post