Traditional RESTful APIs Will Not Solve Healthcare’s Biggest Interoperability Problems

Traditional RESTful APIs Will Not Solve Healthcare's Biggest Interoperability Problems
Brian Platz, Co-CEO and Co-Chairman of Fluree

Interoperability is a big discussion in health care, with
new regulations requiring interoperability for patient data. Most approaches
follow the typical RESTful API approach that has become the standard method for
data exchange. Yet Health Level Seven (HL7), with its new Fast Healthcare Interoperability
Resources (FHIR) standard for the electronic transfer of health data, is
leading to a rash of implementations that, to date, are not solving core interoperability
issues. 

Data is still insecure, users can’t govern their own health
records, and the need for multiple APIs for different participants with
different rights (human and machine) in the network is adding unneeded
expenditures to an already burdened healthcare system. The way out is not to
add more middleware, but to upgrade the basic tools of interoperability in a
way that finally brings healthcare
technology
into the 21st century.  

A Timely Policy 

Doctors, hospitals, pharmacists, insurance providers,
outpatient treatment centers, labs and billing companies are just a few of the
parties that comprise the overcomplicated U.S. healthcare system. 

In digitizing medical files, as required by the 2009 Health
Information Technology for Economic and Clinical Health (HITECH) Act, providers
have adopted whatever solution was most convenient. This has led to the mess of
interoperability
issues that HL7 seeks to remedy with FHIR. 

Existing Electronic Medical Records
(EMR)
systems do not easily share data. Best case, patients have to sign
off to share data with two incompatible systems. Worst case, information must
be turned into a physical CD or document to follow the patient between
providers. Data security is also notoriously poor. Hackers prioritized the healthcare sector as their main target in 2019; breach
costs exceeded $17.7 billion.

The New Infrastructure Rush

When common formats, by way of FHIR and HL7, provided
standards and solutions to empower global health data interoperability, the
industry erupted into a flurry of activity. Thousands of healthcare databases
are now being draped in virtual construction tarps and surrounded by digital
scaffolding. 

Building a new, interoperable data ontology for the entire
healthcare system is a massive undertaking. For one, 80% of hospital data is
managed using the cryptic, machine-language HL7 Version 2. Most of the rest
uses the inefficient, dated XML data format. HL7 FHIR promotes the use of more
modern data syntaxes, like JSON and RDF (Turtle). 

Secondly, databases have no notion of the new FHIR schema.
Armies of developers must build frameworks and middleware to facilitate interoperability.
This is why Big Tech incumbents including Google Cloud Healthcare, Amazon AWS
and Microsoft for Healthcare are jumping into the fray with their own
solutions. 

The outcome, once HL7’s 22 resources are fully normative, will
be seamless information sharing, electronic notifications, and collaboration
between every player in the giant web of patients, providers, labs, and
middlemen. But it will come at a steep cost in the current traditionally RESTful
API-based manner that is being broadly pursued. 

The Problem with APIs

The new scaffolding is expensive, takes data control away
from patients, and is not inherently secure. The number of unique APIs required
to support the access, rights and disparate user base in the healthcare network
are the reason. 

Interoperability requires a common syntax and “language” to
enable databases to talk to each other. The average traditional API costs up to
$30,000 to build, plus half that cost to manage annually. That is not to
mention the cost to integrate and secure each API. A small healthcare
organization with only 10 APIs faces costs of $450,000 annually for basic API
services. 

When you consider that most big healthcare organizations will
need to connect thousands of APIs, HL7’s interoperability schema really is the
best way forward. The traditional API tooling to manage the interoperability of
the well-framed data structures, however, is the problem. 

Moreover, the patient, the rightful owner of their own
health record, still doesn’t have the ability to govern their own data. Because
change only happens in the database itself, the manager of the database, not
the patient, controls the data within. 

In the best case, this puts an additional burden on patients
to give explicit permission every time health records move between providers.
In the worst case, a provider sees an entire medical history without a
patient’s consent–your podiatrist seeing your psychiatric records, for
example.

Finally, each API enables one data store to talk to the
next, opening opportunities for bad actors to make changes to databases from
the outside. The firewalls that protect databases and networks are penetrable,
and user profiles are sometimes created outside of the database itself, making
it possible to expose, steal and change data from outside the database. 

In that light, HL7 is paving the wrong road with good
intentions. But there is another way. 

Semantic Standards and Blockchain to the Rescue

If you eliminate data APIs, secure interoperability, with
data governance fully in the hands of the patient, becomes possible. Healthcare
data silos will be replaced with a dynamic, trusted and shared data network
with privacy and security directly baked in. The solution involves adding
semantic standards for full interoperability, blockchain for data governance
and data-centric security. 

Semantic standards, such as RDF formatting and SPARQL
queries, let users quickly and easily gain answers from multiple databases and
other data stores at once. Relational databases, the ones currently in use in healthcare,
are all formatted differently, and need API middleware to talk to one another.
Accurate answers are not guaranteed. Semantic standards, on the other hand,
create a common language between all databases. Instead of untangling the
mismatched definitions and formatting inevitable with relational databases,
doctors’ offices, for example, could easily pull in pertinent patient records,
insurance coverage, and the latest research on diseases.

Patients, for their part, would use blockchain to regain control
of their data. Patients would be able to turn on aspects of their data to
specific caregivers, instead of relinquishing control to database business
managers, as is currently the case. Your podiatrist, in other words, will not
be able to see your psychiatric records unless you choose to share them. 

The data ledger, which lives on the blockchain, will contain
instructions as to who can update (writer new records on) the ledger, who can
read it, and who can make changes. All changes are controlled by private-key
encryption that is in the hands of the patient; only those with authorization
can see select histories of health data (or, as in the case of an ER doctor,
entire histories, with permission). 

Data security is controlled in the data layer itself,
instead of through middleware such as a firewall. Data can be shared without
API, thanks to those semantic standards, and data are natively embedded with
security in the blockchain. Compliance, governance, security and data
management all become easier. Data cannot be stolen or manipulated by an
outside party, the way it commonly is by healthcare hackers today. 

The interoperability conundrum, in other words, is solved.
Fewer APIs means fewer security vulnerabilities; a common, semantic standard
eliminates confusion and minimizes mistakes. Blockchain puts patients in
control of who sees what parts of their health records. Eliminating the need
for API middleware also saves tens of thousands of dollars, at a minimum.


About Brian Platz 

Brian is the Co-CEO and Co-Chairman of Fluree, PBC, a decentralized app platform that aims to remodel how business applications are built. Before establishing Fluree, Brian was the co-founder of SilkRoad technology which expanded to over 2,000 customers and 500 employees in 12 international offices.


Open APIs in Healthcare: The Future of Data Integration Report

Open APIs in Healthcare: The Future of Data Integration Report

What You Should Know:

– The latest Chilmark Research report examines how data-oriented APIs are contributing to development and integration efforts across healthcare from the perspective of the developer.

– Reeling from the impact of the COVID-19 pandemic and
seeking more effective ways to implement new functionality, healthcare
enterprises of all kinds are looking to alternatives for prevailing development
and integration practices.


Unlocking value
from the data scattered across healthcare communities was once a tantalizing
opportunity. After COVID-19,
it is an existential necessity. Chilmark
Research’s
latest Market Trends Report, Open APIs in Healthcare: The Future of Data Integration, captures a market whose approach to data access and
integration will be changing substantially in the coming years and introduces a
subvertical within healthcare
IT
that anticipates a 16% CAGR through 2025.

APIs Are Still New in Healthcare

What You Should Know:  - Latest Chilmark Research report, examines how data-oriented APIs are contributing to development and integration efforts across healthcare from the perspective of the developer. - Reeling from the impact of the COVID-19 pandemic and seeking more effective ways to implement new functionality, healthcare enterprises of all kinds are looking to alternatives for prevailing development and integration practices.  Unlocking value from the data scattered across healthcare communities was once a tantalizing opportunity. After COVID-19, it is an existential necessity. Chilmark Research’s latest Market Trends Report, Open APIs in Healthcare: The Future of Data Integration, captures a market whose approach to data access and integration will be changing substantially in the coming years and introduces a subvertical within healthcare IT that anticipates a 16% CAGR through 2025.   APIs Are Still New in Healthcare  Outside healthcare, the ascendance of data access and integration facilitated by application programming interfaces (APIs) is the culmination of decades of technology evolution and implementation lessons with distributed applications. Across the SaaS landscape in particular, APIs have become the preferred method for accessing data and conducting transactions across applications and organizations. Developers recognize and appreciate the value of loosely coupling their applications and data, wherever each is located. Inside healthcare, many enterprises are hesitant on the topic of APIs, seeing them as too big a leap from established, successful software practices. But they also recognize that eliminating the need for hard-coded interfaces that must be re-implemented every time an application or its underlying data changes will deliver higher programmer productivity and more-responsive applications.   Traditional Integration Methods Fall Short Conventional development and integration approaches proved cumbersome and slow in efforts to contribute to understanding or responding to the current health crisis. Unlocking more value from the data scattered across healthcare communities is — post-COVID-19 — a critical element in clinical and financial renewal. “Enterprises across healthcare were already wrestling with challenging market forces and government mandates,” says Brian Murphy, the report’s lead author and analyst. “Open APIs will play a central role for providers, payers, or any healthcare enterprises that intend to better utilize their data and pursue development efforts that make them — and the broader healthcare community — more responsive and adaptable to the demands of a post-pandemic healthcare system.” Developers Require Accessible Data Developers find data wherever they can from among a large and confusing mix of data holders and associated vendors. This report identifies the sources where different kinds of health-related data are most likely to be API-accessible. It shows how APIs are already contributing to development and integration efforts across healthcare and estimates the much larger potential of widespread adoption. This report includes detailed profiles on 20 public and private organizations and their offerings, including 1upHealth, 4Medica, Allscripts, Apple, Athenahealth, Availity, Blue Button 2.0, Cerner, Change Healthcare, Datica, Epic, Human API, Meditech, NextGen, NCPDP, Particle Health, The Sequoia Project, Redox, Surescripts, and Validic. For more information about the report, visit https://www.chilmarkresearch.com/chilmark_report/open-apis-in-healthcare-the-future-of-data-integration/

Outside healthcare, the ascendance of
data access and integration facilitated by application programming interfaces
(APIs) is the culmination of decades of technology evolution and implementation
lessons with distributed applications. Across the SaaS landscape in particular,
APIs have become the preferred method for accessing data and conducting
transactions across applications and organizations. Developers recognize and
appreciate the value of loosely coupling their applications and data, wherever
each is located.

Inside healthcare, many enterprises are
hesitant on the topic of APIs, seeing them as too big a leap from established,
successful software practices. But they also recognize that eliminating the
need for hard-coded interfaces that must be re-implemented every time an
application or its underlying data changes will deliver higher programmer
productivity and more-responsive applications.

Traditional Integration Methods Fall
Short

Conventional development and
integration approaches proved cumbersome and slow in efforts to contribute to
understanding or responding to the current health crisis. Unlocking more value
from the data scattered across healthcare communities is — post-COVID-19 —
a critical element in clinical and
financial renewal.

“Enterprises across healthcare were already wrestling with challenging market forces and government mandates,” says Brian Murphy, the report’s lead author and analyst. “Open APIs will play a central role for providers, payers, or any healthcare enterprises that intend to better utilize their data and pursue development efforts that make them — and the broader healthcare community — more responsive and adaptable to the demands of a post-pandemic healthcare system.”

Developers Require Accessible Data

Open APIs in Healthcare: The Future of Data Integration Report

Developers find data wherever they can from among a large
and confusing mix of data holders and associated vendors. This report
identifies the sources where different kinds of health-related data are most
likely to be API-accessible. It shows how APIs are already contributing to
development and integration efforts across healthcare and estimates the much
larger potential of widespread adoption.

This report includes detailed profiles on 20 public and
private organizations and their offerings, including 1upHealth, 4Medica,
Allscripts, Apple, Athenahealth, Availity, Blue Button 2.0, Cerner, Change
Healthcare, Datica, Epic, Human API, Meditech, NextGen, NCPDP, Particle Health,
The Sequoia Project, Redox, Surescripts, and Validic.

For more information about the
report, visit https://www.chilmarkresearch.com/chilmark_report/open-apis-in-healthcare-the-future-of-data-integration/