While the Centers for Medicare & Medicaid Services (CMS) Interoperability and Patient Access Final Rule (IR) is a major step for interoperability in the United States, it’s just one piece of the puzzle. Point-to-point connections between providers and payers may be nothing new, but opening up private member data via “experience” APIs to third-party app developers — and doing it securely — can be an unfamiliar, and sometimes daunting, prospect for health plans, especially for those responsible for security and compliance.
This resource is intended to answer your questions, uncover issues you may not have anticipated, and help you move forward confidently. Enter your email to download the eBook.
Open healthcare APIs create unprecedented challenges
Consumer-facing FHIR® APIs don’t have security built into the FHIR® server, and publishing the APIs for use by a third party (someone with no business relationship or regulatory responsibility to secure patient records) is like leaving the door open to data theft. The solution to the problem of exposing FHIR® resources to the public internet is to create experience APIs and secure the APIs with a policy engine.
Best-of-breed consumer API products live on top of the base FHIR®APIs and offer this advanced functionality. They deliver an improved experience for developers and users — making it both easier to consume and better suited to the requestor’s need.
Download the eBook to learn more about the unprecedented challenges and what you need to do to overcome them.