Uncle Sam to Healthcare IT: Voluntary Guidelines for Open APIs Not Quite So Voluntary

Continued from page 1. 

Already, four winners of user experience challenges have been awarded with financial support to help build their business. These apps include:

  • A family health dashboard that draws in a patient’s healthcare records along with data from wearables and other sources
  • A health assistant app that uses a family’s health records to make personalized health and wellness recommendations
  • An aggregator app that can take a patient’s healthcare records from multiple sources and display them in the one interface, like a social media feed
  • An aggregator app that draws in all of a patient’s healthcare records in a mobile app along with features like setting new appointments and reminders. 

Letting Citizens Own Their Health Data

At the core of the moves towards mandating APIs for health care is a belief that citizens have the right to manage their own health data. Lucia Savage, Chief Privacy Officer in the Office of the National Coordinator told ProgrammableWeb that “Under U.S. federal law, patients have an extremely strong right to get their health data and transmit it directly to any third party they prefer.” Savage says that the U.S. Department of Health and Human Services does not regulate how citizen’s can use their own data, and that citizen’s rights to access their health records has ramped up since 2009 legislation. In 2014, Electronic Health Records software introduced a “View, Transmit, Download” functionality so that patients could access their data at any time. Savage says the API requirements are an extension of that functionality, and will be essential in new funding approaches for personal health care. 

“We talk about this a lot,” said Savage. “It is a really active component of the policy. We are heading towards a world of advanced payment models, where you have a team approach in which patients and physicians collaborate over their data.”

Savage said that further patient education will be needed, not only to alert people to their rights under health data legislation, but to explain how to keep their health data safe and secure when authorizing third party access. 

Industry Responses: AlayaCare and MuleSoft

At present, there are 11 certified health providers who have already achieved 2015 Edition accreditation status, with Posnack saying others are working towards that process now. One healthcare software provider who work in both U.S. and international markets is AlayaCare. 

“We do have full APIs in our software,” said AlayaCare CEO, Adrian Schauer, our CEO US and international market. “We have a presence in the U.S., Canada, the Middle East and Australia.”

Schauer said that APIs are central to their software products, especially in Canadian and Australian markets that have already moved to some of the collaborative funding models mentioned by Savage. “In the home care space in Ontario, we have client directed care where patients get a bundle of services paid for publicly and multiple agencies might be contracted, so they need to be able to collaborate and share health data. Health records need to have interoperability given that this systematic change is happening. “Globally, there is absolutely a trend towards more integration,” Schauer said. “In Australia, for example, the patient themselves is the hub” for being able to choose their team of care providers, whereas in Canada this is organized by a case manager.

For now, Schauer says the AlayaCare model is based more on partner APIs: “We are a modern web-based software built on a microservices software architecture and only a subset of our APIs are available publicly for integration, which tends to be done with an individual provider, so it is not like an open API.”

But he sees open APIs for electronic health records as very much a part of the future for their software in the U.S. and globally. “I am very much in favor of it for two reasons, he said. ”For patient-care, the sharing of information is a net positive so anything that can be done for that, I am in favor of. And from a business point of view, APIs is one of our key competitor differentiators in the market.”

David Chao, Head of Industry Marketing at MuleSoft (the parent company of ProgrammableWeb) says that among the healthcare agencies he speaks with. there is general agreement around the idea of opening up health systems via API, but some concern “with the timing and with the difficulties that a lot of Electronic Medical Records companies feel about how they expose the data to third parties,” he said.

To address this, his team have recently worked on Catalyst for Healthcare. “What is of most concern to most organizations is not whether they should build APIs, but how,” Chao said. The Catalyst products aim to help healthcare software and clinical providers to accelerate their uptake of APIs by providing a set of predefined APIs and implementation resources for business processes, like client onboarding. 

How Business Will Take Up Government Mandating of APIs

The 2018 target date of mandatory requirements for open APIs in healthcare mirror similar international initiatives across other industry sectors. In Europe in 2018, the Payment Services Directive 2 comes into effect, requiring banks to have created an open and standardized way to make it possible for third parties to access payments and account information with authorized access. Whereas in the U.S. healthcare context, the Government is stipulating APIs as the way to enable access to citizen-authorized data, in Europe, banks are free to choose their own technology option, with many thinking APIs make the best business sense.

It now appears that moves in Europe may be faltering slightly, as industry must first come together and define some open standards if individual banks are going to make progress on building interoperable APIs. The U.S. health context is a little clearer, as there is already significant work done on the international Fast Interoperability Health Resource, working towards a common health care API standard, and U.S. mandates for the use of APIs and clear requirements via the Meaningful Use Stage 3 provisions that stipulate what data items must be available through interoperability.

But both policies demonstrate that this new digital industrial landscape will require a lot more co-opetition amongst industry players: working collaboratively at times to agree on standards and data schemas and competitively at other times to differentiate how they build relationships with third parties and create their platforms. That’s the new cultural mindset that will be required in a digital era, and API-focused sectors, like health, banking and the Internet of Things, will all be test grounds for how well industry can play nicely together and still compete effectively.

Be sure to read the next Health article: ProgrammableWeb's Most Interesting APIs in 2016: Health and Environment


Comments (0)